authorNatanael Copa <ncopa@alpinelinux.org>2017-08-22 19:12:30 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2017-08-22 19:13:09 +0000
commit2a7e0c300ac71332790060bc7b2595db5500ce7c (patch)
treec960e92ad01e72535b74ca8872ca80253aec5ff7 /community/phpldapadmin
parented4928be16220a4713c4a6ae89593c5e37b62f03 (diff)
downloadaports-2a7e0c300ac71332790060bc7b2595db5500ce7c.tar.bz2
aports-2a7e0c300ac71332790060bc7b2595db5500ce7c.tar.xz
main/phpldapadmin: secfix for CVE-2017-11107
fixes #7510
Diffstat (limited to 'community/phpldapadmin')
-rw-r--r--community/phpldapadmin/APKBUILD24
-rw-r--r--community/phpldapadmin/CVE-2017-11107.patch31
2 files changed, 39 insertions, 16 deletions
diff --git a/community/phpldapadmin/APKBUILD b/community/phpldapadmin/APKBUILD
index 299e3cac47..87e6bb4ef6 100644
--- a/community/phpldapadmin/APKBUILD
+++ b/community/phpldapadmin/APKBUILD
@@ -2,7 +2,7 @@
_php=php5
pkgname=phpldapadmin
pkgver=1.2.3
-pkgrel=3
+pkgrel=4
pkgdesc="Web front-end for managing OpenLDAP"
url="http://phpldapadmin.sourceforge.net"
arch="noarch"
@@ -19,8 +19,13 @@ source="http://downloads.sourceforge.net/project/$pkgname/$pkgname-php5/$pkgver/
phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch
phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch
phpldapadmin-1.2.3_use-preg_replace_callback.patch
+ CVE-2017-11107.patch
"
+# secfixes:
+# 1.2.3-r4:
+# - CVE-2017-11107
+
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
@@ -54,24 +59,11 @@ package() {
"$pkgdir"/usr/share/webapps/phpldapadmin/templates/creation/groupOfNames.xml || return 1
}
-md5sums="59a49054039ceb852c2da377d8742360 phpldapadmin-1.2.3.tgz
-3ca4fbf9e16f192b441b51b2d25ecf14 phpldapadmin.additional-template
-34e36e414f59c6ed4946efa1f277f962 phpldapadmin-1.2.3-force-ssha512.patch
-ac802d139e867ecae7e64923ced54741 phpldapadmin-1.2.3_changed-password_hash-to-pla_password_hash.patch
-4037d598cec4261a840e90beda478e35 phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch
-231b82f76e2d2359fa3f98079571830b phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch
-445cf7143613f48918972bc9a5fab06f phpldapadmin-1.2.3_use-preg_replace_callback.patch"
-sha256sums="aecaf8c3ce77ba3899dd31ee5ee183555b2f9349eb8e196dcd33d8a3c485ed58 phpldapadmin-1.2.3.tgz
-85e931a84f3fd5e398da24403425b58711c48196ed9692f7a312883a0ed9fae0 phpldapadmin.additional-template
-0cd1d8195ecdc53cde9667bf256d2243d67675ac92547d163a707659df5a3d9a phpldapadmin-1.2.3-force-ssha512.patch
-a5befd05b3332ba37b8778df1505b370c3c84c1494ce9184f3f2ea4cbe99235b phpldapadmin-1.2.3_changed-password_hash-to-pla_password_hash.patch
-d4a8d75f76c8f865caddfe6ded6d9a9a8ee9b9828da021520ffa516a713ac941 phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch
-375571b4471cd39173d16bf54417f8ba2b8c66103d652b4a2ab1eaa9e36b8046 phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch
-a9ad83216edde85f5c44514cf152b3532766f6981e17da6b00c7c267b28dd89b phpldapadmin-1.2.3_use-preg_replace_callback.patch"
sha512sums="58a57ca577586685ebd0d7fde7e299b8945d1693018c7803e19239b79f4b9d72a4d207d53c9f284268e32398108038efafcdb434e634619bfe87db3524d267b6 phpldapadmin-1.2.3.tgz
913cc89bfba3a24064865f091a3bcc6ec88db0824d750e8b3b1f6497b5ac1a1e158ced895f1f85f93607402e9353798b3dd4ccdbb1454713f96937c884456eb7 phpldapadmin.additional-template
aecbf3699af4ae39426c6c81edd45a738cdd91f9cfc1e8062ade4b6fa11e7530a8d8b4c2730cd648749b87381dbcca1bbe8681b8e45ec7af50b6b74137f89331 phpldapadmin-1.2.3-force-ssha512.patch
71a0bc987e526401c72b77b36843868099040654c3435e9c2f5b266a49a27b75b007fd949e9981bcd4b9a678f0edd74e988e66647984c882c57fe8dc99a26849 phpldapadmin-1.2.3_changed-password_hash-to-pla_password_hash.patch
d238e27ed89e400f467ab8282a67920cd1e72e5f52709d086f6b31708960dc65acafc0fe683887ceff0b78b3aa9631e91e2c57f722d9f7e0f057e0f872ae73a2 phpldapadmin-1.2.3_fixed-call-to-renamed-function-pla_password_hash.patch
0524112c7a3c591eaf4b3e64de26282a786a2c0fa73f1047084f14c4f9093cf31e1b9a36b7b1736d6c6ae89f9940916d42cbbab7081249abf1a963de588aac63 phpldapadmin-1.2.3_changed-preg_replace-to-preg_replace-callback.patch
-57e1d8d861f84f0934a2275d7ba37621c2c19c71bf2c04db918ccbc6df36eaca60986db2ba6b543356ad55eab8d7850267db1d30677d77c96238821c29b99ac9 phpldapadmin-1.2.3_use-preg_replace_callback.patch"
+57e1d8d861f84f0934a2275d7ba37621c2c19c71bf2c04db918ccbc6df36eaca60986db2ba6b543356ad55eab8d7850267db1d30677d77c96238821c29b99ac9 phpldapadmin-1.2.3_use-preg_replace_callback.patch
+647e8924a302666ebae3090bcf61f82e3a82d19c232beabaf3faae43d0c434b12fb83a3d862fe6ce6a27b2b750c67974ac22e583d4897734f39e26733bdd2580 CVE-2017-11107.patch"
diff --git a/community/phpldapadmin/CVE-2017-11107.patch b/community/phpldapadmin/CVE-2017-11107.patch
new file mode 100644
index 0000000000..f161d0e46a
--- /dev/null
+++ b/community/phpldapadmin/CVE-2017-11107.patch
@@ -0,0 +1,31 @@
+Description: Fix multiple Cross-Site Scripting vulnerabilities in file htdocs/entry_chooser.php.
+Author: Ismail Belkacim <xd4rker@gmail.com>
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1701731
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: phpldapadmin-1.2.2/htdocs/entry_chooser.php
+===================================================================
+--- phpldapadmin-1.2.2.orig/htdocs/entry_chooser.php
++++ phpldapadmin-1.2.2/htdocs/entry_chooser.php
+@@ -15,9 +15,9 @@ $www['page'] = new page();
+
+ $request = array();
+ $request['container'] = get_request('container','GET');
+-$request['form'] = get_request('form','GET');
+-$request['element'] = get_request('element','GET');
+-$request['rdn'] = get_request('rdn','GET');
++$request['form'] = htmlspecialchars(addslashes(get_request('form','GET')));
++$request['element'] = htmlspecialchars(addslashes(get_request('element','GET')));
++$request['rdn'] = htmlspecialchars(addslashes(get_request('rdn','GET')));
+
+ echo '<div class="popup">';
+ printf('<h3 class="subtitle">%s</h3>',_('Entry Chooser'));
+@@ -33,7 +33,7 @@ echo '</script>';
+ echo '<table class="forminput" width="100%" border="0">';
+ if ($request['container']) {
+ printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Server'),$app['server']->getName());
+- printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Looking in'),$request['container']);
++ printf('<tr><td class="heading" colspan="3">%s:</td><td>%s</td></tr>',_('Looking in'),htmlspecialchars($request['container']));
+ echo '<tr><td class="blank" colspan="4">&nbsp;</td></tr>';
+ }
+
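Review bot: The three `htmlspecialchars(addslashes(...))` assignments for `form`, `element` and `rdn` rely on the default flags, and on the php5 this package builds against (`_php=php5`) that default is `ENT_COMPAT`, which leaves single quotes unencoded. The second embedded hunk's context closes a `<script>` block, so these values presumably reach a JavaScript or attribute context where a single quote matters; the lines that emit them lie outside the visible hunks, so this should be confirmed against entry_chooser.php. I would pass the flags explicitly, e.g. `htmlspecialchars(addslashes(get_request('form','GET')), ENT_QUOTES, 'UTF-8')`, and do the same in the `Looking in` printf for `$request['container']`. Encoding at read time also hides which output context each value is escaped for, so a short comment above the assignments naming those contexts would help the next maintainer.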