Add security fix patches, refering http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html.

Bump PKGREVISION.
2009-12-20 04:21:05 +00:00 · 2009-12-20 04:21:05 +00:00 · c029324c48
commit c029324c48
parent b34818b4b5
4 changed files with 109 additions and 3 deletions
--- a/www/typolight26/Makefile
+++ b/www/typolight26/Makefile
@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.4 2009/11/29 06:46:21 taca Exp $
+# $NetBSD: Makefile,v 1.5 2009/12/20 04:21:05 taca Exp $
 #

 DISTNAME=	typolight-${TL_VERSION}
 PKGNAME=	typolight${TL_VER}-${TL_PKGVER}
-PKGREVISION=	2
+PKGREVISION=	3
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=typolight/}

--- a/www/typolight26/distinfo
+++ b/www/typolight26/distinfo
@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.2 2009/04/30 13:12:40 taca Exp $
+$NetBSD: distinfo,v 1.3 2009/12/20 04:21:05 taca Exp $

 SHA1 (typolight-2.6.7.tar.gz) = d360d5a974c3663488576f856302710c0529b500
 RMD160 (typolight-2.6.7.tar.gz) = b15e3c1c910f3fc9bf3797ffd0dfd6dfc3dd7d5a
@ -6,3 +6,5 @@ Size (typolight-2.6.7.tar.gz) = 2906128 bytes
 SHA1 (patch-aa) = 254a1fef4e0baff7c5f10c25ceb9d1501f315684
 SHA1 (patch-ab) = a005f8650564eb031def1f94156dcdc72799a758
 SHA1 (patch-ac) = 035f7703721774b1cc9eaf99ffdbc6aa60489076
+SHA1 (patch-ad) = 1302dfb77f76f3d407f123b3e1f1d9f8dfe6e740
+SHA1 (patch-ae) = 7498d750dc902294163efd32cae3ac20feb08c08
--- a/www/typolight26/patches/patch-ad
+++ b/www/typolight26/patches/patch-ad
@ -0,0 +1,52 @@
+$NetBSD: patch-ad,v 1.1 2009/12/20 04:21:05 taca Exp $
+
+* Security fix:
+	http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html
+
+--- typolight/ftp.php.orig	2008-12-13 15:27:05.000000000 +0000
+++ typolight/ftp.php
+@@ -88,6 +88,9 @@ class FtpCheck extends Controller
+ 		 */
+ 		if ($this->Input->post('FORM_SUBMIT') == 'tl_login')
+ 		{
+			$_SESSION['TL_INSTALL_AUTH'] = '';
+			$_SESSION['TL_INSTALL_EXPIRE'] = 0;
+
+ 			$password =  sha1($this->Input->post('password', true));
+ 
+ 			if (strlen($password) && $password != 'da39a3ee5e6b4b0d3255bfef95601890afd80709')
+@@ -95,7 +98,10 @@ class FtpCheck extends Controller
+ 				// Set cookie
+ 				if ($password == $GLOBALS['TL_CONFIG']['installPassword'])
+ 				{
+-					$this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']);
+					$_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300);
+					$_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id());
+
+					$this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']);
+ 					$this->Config->update("\$GLOBALS['TL_CONFIG']['installCount']", 0);
+ 
+ 					$this->reload();
+@@ -109,14 +115,20 @@ class FtpCheck extends Controller
+ 		}
+ 
+ 		// Check cookie
+-		if (!$this->Input->cookie('TL_INSTALL_AUTH'))
+		if (!$this->Input->cookie('TL_INSTALL_AUTH') || $_SESSION['TL_INSTALL_AUTH'] == '' || $this->Input->cookie('TL_INSTALL_AUTH') != $_SESSION['TL_INSTALL_AUTH'] || $_SESSION['TL_INSTALL_EXPIRE'] < time())
+ 		{
+ 			$this->Template->login = true;
+ 			$this->outputAndExit();
+ 		}
+ 
+ 		// Renew cookie
+-		$this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']);
+		else
+		{
+			$_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300);
+			$_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id());
+
+			$this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']);
+		}
+ 
+ 
+ 		/**
--- a/www/typolight26/patches/patch-ae
+++ b/www/typolight26/patches/patch-ae
@ -0,0 +1,52 @@
+$NetBSD: patch-ae,v 1.1 2009/12/20 04:21:05 taca Exp $
+
+* Security fix:
+	http://www.typolight.org/news/items/major-security-hole-in-the-typolight-install-tool.html
+
+--- typolight/install.php.orig	2008-12-13 15:27:05.000000000 +0000
+++ typolight/install.php
+@@ -113,6 +113,9 @@ class InstallTool extends Controller
+ 		 */
+ 		if ($this->Input->post('FORM_SUBMIT') == 'tl_login')
+ 		{
+			$_SESSION['TL_INSTALL_AUTH'] = '';
+			$_SESSION['TL_INSTALL_EXPIRE'] = 0;
+
+ 			$password =  sha1($this->Input->post('password', true));
+ 
+ 			if (strlen($password) && $password != 'da39a3ee5e6b4b0d3255bfef95601890afd80709')
+@@ -120,7 +123,10 @@ class InstallTool extends Controller
+ 				// Set cookie
+ 				if ($password == $GLOBALS['TL_CONFIG']['installPassword'])
+ 				{
+-					$this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']);
+					$_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300);
+					$_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id());
+
+					$this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']);
+ 					$this->Config->update("\$GLOBALS['TL_CONFIG']['installCount']", 0);
+ 
+ 					$this->reload();
+@@ -134,14 +140,20 @@ class InstallTool extends Controller
+ 		}
+ 
+ 		// Check cookie
+-		if (!$this->Input->cookie('TL_INSTALL_AUTH'))
+		if (!$this->Input->cookie('TL_INSTALL_AUTH') || $_SESSION['TL_INSTALL_AUTH'] == '' || $this->Input->cookie('TL_INSTALL_AUTH') != $_SESSION['TL_INSTALL_AUTH'] || $_SESSION['TL_INSTALL_EXPIRE'] < time())
+ 		{
+ 			$this->Template->login = true;
+ 			$this->outputAndExit();
+ 		}
+ 
+ 		// Renew cookie
+-		$this->setCookie('TL_INSTALL_AUTH', md5($this->Environment->ip.session_id()), (time()+300), $GLOBALS['TL_CONFIG']['websitePath']);
+		else
+		{
+			$_SESSION['TL_INSTALL_EXPIRE'] = (time() + 300);
+			$_SESSION['TL_INSTALL_AUTH'] = md5(uniqid('', true) . $this->Environment->ip . session_id());
+
+			$this->setCookie('TL_INSTALL_AUTH', $_SESSION['TL_INSTALL_AUTH'], $_SESSION['TL_INSTALL_EXPIRE'], $GLOBALS['TL_CONFIG']['websitePath']);
+		}
+ 
+ 
+ 		/**