[pkgsrc/trunk]: pkgsrc/www/geeklog Add a temporary fix to handle security pro...

[taca <taca%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/02404672b5ff
branches:  trunk
changeset: 515318:02404672b5ff
user:      taca <taca%pkgsrc.org@localhost>
date:      Fri Jun 30 17:16:27 2006 +0000

description:
Add a temporary fix to handle security problem of fckeditor; disabling
file upload functions.

Bump PKGREVISION.

diffstat:

 www/geeklog/Makefile         |   4 ++--
 www/geeklog/distinfo         |   3 ++-
 www/geeklog/patches/patch-ag |  34 ++++++++++++++++++++++++++++++++++
 3 files changed, 38 insertions(+), 3 deletions(-)

diffs (67 lines):

diff -r d722864f1274 -r 02404672b5ff www/geeklog/Makefile
--- a/www/geeklog/Makefile      Fri Jun 30 16:20:41 2006 +0000
+++ b/www/geeklog/Makefile      Fri Jun 30 17:16:27 2006 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.4 2006/06/18 08:34:05 taca Exp $
+# $NetBSD: Makefile,v 1.5 2006/06/30 17:16:27 taca Exp $
 #
 
 DISTNAME=      geeklog-${VER}
 PKGNAME=       geeklog-${VER:S/sr/./}
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    www
 MASTER_SITES=  http://www.geeklog.net/filemgmt/upload_dir/
 
diff -r d722864f1274 -r 02404672b5ff www/geeklog/distinfo
--- a/www/geeklog/distinfo      Fri Jun 30 16:20:41 2006 +0000
+++ b/www/geeklog/distinfo      Fri Jun 30 17:16:27 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.1.1.1 2006/06/15 13:26:42 taca Exp $
+$NetBSD: distinfo,v 1.2 2006/06/30 17:16:27 taca Exp $
 
 SHA1 (geeklog-1.4.0sr3.tar.gz) = e2d2fd41285c0cdad1e09cc935bcdb200179846f
 RMD160 (geeklog-1.4.0sr3.tar.gz) = 70d6b625d61fe954626a29a4860d4a59ce155391
@@ -9,3 +9,4 @@
 SHA1 (patch-ad) = 674392480791cd99e21982ff61b81257d4e2e765
 SHA1 (patch-ae) = b7e533ff938f192ac08938cff6615ece9e37bd2f
 SHA1 (patch-af) = 2976c0bdb5f892521172a7e4d2e44a66ab386ef5
+SHA1 (patch-ag) = 176a1c279d9cf002dcf01abdce396a95c414dee7
diff -r d722864f1274 -r 02404672b5ff www/geeklog/patches/patch-ag
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/geeklog/patches/patch-ag      Fri Jun 30 17:16:27 2006 +0000
@@ -0,0 +1,34 @@
+$NetBSD: patch-ag,v 1.1 2006/06/30 17:16:27 taca Exp $
+
+Give first aid to file uploader security problem.
+
+--- public_html/fckeditor/fckconfig.js.orig    2006-05-28 18:41:40.000000000 +0900
++++ public_html/fckeditor/fckconfig.js
+@@ -160,17 +160,17 @@ FCKConfig.ImageDlgHideAdvanced    = fals
+ 
+ FCKConfig.FlashDlgHideAdvanced    = false ;
+ 
+-FCKConfig.LinkBrowser = true ;
++FCKConfig.LinkBrowser = false ;
+ FCKConfig.LinkBrowserURL = FCKConfig.BasePath + 'filemanager/browser/mcpuk/browser.html?Connector=connectors/php/connector.php' ;
+ FCKConfig.LinkBrowserWindowWidth    = screen.width * 0.7 ;    // 70%
+ FCKConfig.LinkBrowserWindowHeight    = screen.height * 0.7 ;    // 70%
+ 
+-FCKConfig.ImageBrowser = true ;
++FCKConfig.ImageBrowser = false ;
+ FCKConfig.ImageBrowserURL = FCKConfig.BasePath + 'filemanager/browser/mcpuk/browser.html?Type=Image&Connector=connectors/php/connector.php' ;
+ FCKConfig.ImageBrowserWindowWidth  = screen.width * 0.7 ;    // 70% ;
+ FCKConfig.ImageBrowserWindowHeight = screen.height * 0.7 ;    // 70% ;
+ 
+-FCKConfig.FlashBrowser = true ;
++FCKConfig.FlashBrowser = false ;
+ FCKConfig.FlashBrowserURL = FCKConfig.BasePath + 'filemanager/browser/mcpuk/browser.html?Type=Flash&Connector=connectors/php/connector.php' ;
+ FCKConfig.FlashBrowserWindowWidth  = screen.width * 0.7 ;    //70% ;
+ FCKConfig.FlashBrowserWindowHeight = screen.height * 0.7 ;    //70% ;
+@@ -198,4 +198,4 @@ FCKConfig.SmileyColumns = 8 ;
+ FCKConfig.SmileyWindowWidth        = 320 ;
+ FCKConfig.SmileyWindowHeight    = 240 ;
+ 
+-if( window.console ) window.console.log( 'Config is loaded!' ) ;    // @Packager.Compactor.RemoveLine
+\ No newline at end of file
++if( window.console ) window.console.log( 'Config is loaded!' ) ;    // @Packager.Compactor.RemoveLine