Update drupal6 to 6.27 fixed security problem.

* Add a possible fix of SA4931, too. Drupal 6.27, 2012-12-19 ---------------------- - Fixed security issues (multiple vulnerabilities), see SA-CORE-2012-004.
2012-12-20 12:47:35 +00:00 · 2012-12-20 12:47:35 +00:00 · 740f9fe75e
commit 740f9fe75e
parent 2a54d67d42
3 changed files with 25 additions and 7 deletions
--- a/www/drupal6/Makefile
+++ b/www/drupal6/Makefile
@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.39 2012/10/28 06:30:14 asau Exp $
+# $NetBSD: Makefile,v 1.40 2012/12/20 12:47:35 taca Exp $

-DISTNAME=	drupal-6.26
-PKGREVISION=	1
+DISTNAME=	drupal-6.27
 CATEGORIES=	www
 MASTER_SITES=	http://drupal.org/files/projects/

@ -65,6 +64,9 @@ OWN_DIRS+=	share/drupal/profiles/default
 post-extract:
 	${CP} ${FILESDIR}/drupal.conf ${WRKSRC}

+pre-install:
+	${FIND} ${WRKSRC} -type f -name "*.orig" -exec ${RM} -f {} \;
+
 do-install:
 	${INSTALL_DATA} ${WRKSRC}/robots.txt ${DESTDIR}${PREFIX}/${DRUPAL}
 	${INSTALL_DATA} ${WRKSRC}/sites/all/README.txt \
--- a/www/drupal6/distinfo
+++ b/www/drupal6/distinfo
@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.25 2012/05/03 07:02:12 taca Exp $
+$NetBSD: distinfo,v 1.26 2012/12/20 12:47:35 taca Exp $

-SHA1 (drupal-6.26.tar.gz) = 4c96fbcf98d45ab1b4e9e2b899af926e0e24e45b
-RMD160 (drupal-6.26.tar.gz) = 23c8fede73badf33ac268494624bcb057fc88645
-Size (drupal-6.26.tar.gz) = 1105016 bytes
+SHA1 (drupal-6.27.tar.gz) = fa4d3ac5d86133c37156611c1595104879e27467
+RMD160 (drupal-6.27.tar.gz) = fbec59f6275063f60ffd213d603b7ab74c6d5d7d
+Size (drupal-6.27.tar.gz) = 1105095 bytes
+SHA1 (patch-includes_path.inc) = 84825d47cc6cbe3466cb34adb7e512231293e9a4
--- a/www/drupal6/patches/patch-includes_path.inc
+++ b/www/drupal6/patches/patch-includes_path.inc
@ -0,0 +1,15 @@
+$NetBSD: patch-includes_path.inc,v 1.1 2012/12/20 12:47:35 taca Exp $
+
+Possible fix to SA4931.
+
+--- includes/path.inc.orig	2012-12-19 18:51:43.000000000 +0000
+++ includes/path.inc
+@@ -13,7 +13,7 @@
+  * Initialize the $_GET['q'] variable to the proper normal path.
+  */
+ function drupal_init_path() {
+-  if (!empty($_GET['q'])) {
+  if (!empty($_GET['q']) && is_string($_GET['q'])) {
+     $_GET['q'] = drupal_get_normal_path(trim($_GET['q'], '/'));
+   }
+   else {