pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/www/geeklog Update geeklog-1.4.0.4 (1.4.0sr3).



details:   https://anonhg.NetBSD.org/pkgsrc/rev/a1ee23e8106c
branches:  trunk
changeset: 515336:a1ee23e8106c
user:      taca <taca%pkgsrc.org@localhost>
date:      Sat Jul 01 00:22:38 2006 +0000

description:
Update geeklog-1.4.0.4 (1.4.0sr3).

----------------------------------------------------------------------------

Two exploits have been released by "rgod" for insecure Geeklog installations
and for a bug in the "mcpuk" file manager that we've been shipping as part of
FCKeditor in all previous 1.4.0 releases.

 o  Some of the files outside of the public_html directory were not protected
    against direct execution. If Geeklog was installed such that those files
    were accessible from a URL (which has always been strongly discouraged in
    the installation instructions) then those files could be used to load and
    execute malicious code from a remote server.

    More information: So-called Geeklog "exploit" posted

    In this release, we've added the missing execution prevention for all files
    outside of public_html. We would still, however, suggest that you fix your
    Geeklog install if the files outside of public_html are accessible from a
    URL (see our FAQ for details).
 o  The "mcpuk" file manager that we've integrated into FCKeditor allowed the
    upload of arbitrary PHP code (even if FCKeditor was disabled in Geeklog's
    config.php). Depending on your webserver's configuration, it was then
    possible to execute that uploaded code.

    More information: Exploit for FCKeditor's mcpuk file manager

    The file manager has been removed from this release. You will therefore no
    longer be able to upload files, e.g. images, through FCKeditor. Future
    versions of Geeklog will ship with an updated version of FCKeditor and its
    included file manager.

Note: This release also includes the updated lib-trackback.php for better
protection against Trackback spam.

----------------------------------------------------------------------------

First problem dosen't related to pkgsrc.

diffstat:

 www/geeklog/Makefile         |    5 +-
 www/geeklog/PLIST            |  144 +------------------------------------------
 www/geeklog/distinfo         |    9 +-
 www/geeklog/patches/patch-ag |   34 ----------
 4 files changed, 7 insertions(+), 185 deletions(-)

diffs (246 lines):

diff -r 89742d798e73 -r a1ee23e8106c www/geeklog/Makefile
--- a/www/geeklog/Makefile      Fri Jun 30 22:50:09 2006 +0000
+++ b/www/geeklog/Makefile      Sat Jul 01 00:22:38 2006 +0000
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.5 2006/06/30 17:16:27 taca Exp $
+# $NetBSD: Makefile,v 1.6 2006/07/01 00:22:38 taca Exp $
 #
 
 DISTNAME=      geeklog-${VER}
 PKGNAME=       geeklog-${VER:S/sr/./}
-PKGREVISION=   2
 CATEGORIES=    www
 MASTER_SITES=  http://www.geeklog.net/filemgmt/upload_dir/
 
@@ -14,7 +13,7 @@
 DEPENDS+=      ${APACHE_PKG_PREFIX}-${PHP_PKG_PREFIX}>=4.3.3:../../www/ap-php
 DEPENDS+=      ${PHP_PKG_PREFIX}-mysql>=4.3.0:../../databases/php-mysql
 
-VER=           1.4.0sr3
+VER=           1.4.0sr4
 NO_BUILD=      YES
 
 GEEKLOG_SYS=           emailgeeklogstories language plugins readme sql system
diff -r 89742d798e73 -r a1ee23e8106c www/geeklog/PLIST
--- a/www/geeklog/PLIST Fri Jun 30 22:50:09 2006 +0000
+++ b/www/geeklog/PLIST Sat Jul 01 00:22:38 2006 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.2 2006/06/18 08:34:05 taca Exp $
+@comment $NetBSD: PLIST,v 1.3 2006/07/01 00:22:38 taca Exp $
 ${GEEKLOG_BASE}/emailgeeklogstories
 ${GEEKLOG_BASE}/language/bosnian.php
 ${GEEKLOG_BASE}/language/bosnian_utf-8.php
@@ -447,132 +447,6 @@
 ${GEEKLOG_PUB}/fckeditor/editor/fckdebug.html
 ${GEEKLOG_PUB}/fckeditor/editor/fckdialog.html
 ${GEEKLOG_PUB}/fckeditor/editor/fckeditor.html
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/browser.css
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/browser.html
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Auth/Default.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/CreateFolder.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/DeleteFile.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/DeleteFolder.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/FileUpload.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/GetFolders.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/GetFoldersAndFiles.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/GetUploadProgress.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/RenameFile.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/RenameFolder.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/Thumbnail.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/helpers/header.cgi
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/helpers/iconlookup.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/helpers/progress.cgi
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/helpers/upload.cgi
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Docs/AuthenticationHandlers.txt
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Docs/license.txt
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Docs/readme.txt
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/config.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/connector.php
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/dtd/iso-lat1.ent
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/ascii.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/binary.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/document2.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/email.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/empty.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/html.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/image.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/info.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/kmplot.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/kmultiple.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/pdf.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/php.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/postscript.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/real_doc.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/sound.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/spreadsheet.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/tar.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images/video.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/test.html.suspended
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/testme.php.suspended
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/frmactualfolder.html
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/frmcreatefolder.html
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/frmfolders.html
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/frmimageeditor.html
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/frmresourceslist.html
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/frmresourcetype.html
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/frmupload.html
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/2x2.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/2x2_w.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/ButtonArrow.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/Folder.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/Folder32.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/Folder96.jpg
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/FolderOpened.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/FolderOpened32.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/FolderUp.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/close.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/delete.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/edit.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/editImage.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/ai.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/avi.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/bmp.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/cs.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/default.icon.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/dll.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/doc.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/exe.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/fla.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/gif.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/htm.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/html.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/jpg.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/js.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/mdb.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/mp3.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/pdf.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/ppt.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/rdp.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/swf.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/swt.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/txt.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/vsd.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/xls.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/xml.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32/zip.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/ai.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/avi.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/bmp.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/cs.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/default.icon.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/dll.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/doc.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/exe.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/fla.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/gif.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/htm.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/html.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/jpg.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/js.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/mdb.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/mp3.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/pdf.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/ppt.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/rdp.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/swf.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/swt.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/txt.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/vsd.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/xls.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/xml.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/zip.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/spacer.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/toolbar/close.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/toolbar/crop.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/toolbar/flip.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/toolbar/resize.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/toolbar/rotate.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/toolbar/save.gif
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/js/EditorContent.js
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/js/common.js
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/js/fckxml.js
-${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/js/wz_jsgraphics.js
 ${GEEKLOG_PUB}/fckeditor/editor/images/anchor.gif
 ${GEEKLOG_PUB}/fckeditor/editor/images/smiley/fun/aiua.gif
 ${GEEKLOG_PUB}/fckeditor/editor/images/smiley/fun/ak.gif
@@ -1710,22 +1584,6 @@
 @dirrm ${GEEKLOG_PUB}/fckeditor/editor/images/smiley/fun
 @dirrm ${GEEKLOG_PUB}/fckeditor/editor/images/smiley
 @dirrm ${GEEKLOG_PUB}/fckeditor/editor/images
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/js
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/toolbar
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons/32
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images/icons
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/images
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/images
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/dtd
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Docs
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands/helpers
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Commands
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php/Auth
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors/php
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk/connectors
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser/mcpuk
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager/browser
-@dirrm ${GEEKLOG_PUB}/fckeditor/editor/filemanager
 @dirrm ${GEEKLOG_PUB}/fckeditor/editor/dialog/fck_universalkey
 @dirrm ${GEEKLOG_PUB}/fckeditor/editor/dialog/fck_template/images
 @dirrm ${GEEKLOG_PUB}/fckeditor/editor/dialog/fck_template
diff -r 89742d798e73 -r a1ee23e8106c www/geeklog/distinfo
--- a/www/geeklog/distinfo      Fri Jun 30 22:50:09 2006 +0000
+++ b/www/geeklog/distinfo      Sat Jul 01 00:22:38 2006 +0000
@@ -1,12 +1,11 @@
-$NetBSD: distinfo,v 1.2 2006/06/30 17:16:27 taca Exp $
+$NetBSD: distinfo,v 1.3 2006/07/01 00:22:38 taca Exp $
 
-SHA1 (geeklog-1.4.0sr3.tar.gz) = e2d2fd41285c0cdad1e09cc935bcdb200179846f
-RMD160 (geeklog-1.4.0sr3.tar.gz) = 70d6b625d61fe954626a29a4860d4a59ce155391
-Size (geeklog-1.4.0sr3.tar.gz) = 3394402 bytes
+SHA1 (geeklog-1.4.0sr4.tar.gz) = e7130c1295e7efda2a46b050056a83987b789f58
+RMD160 (geeklog-1.4.0sr4.tar.gz) = 3f649af15ea725f04df64eae3f0b78cd12aeb75b
+Size (geeklog-1.4.0sr4.tar.gz) = 3288549 bytes
 SHA1 (patch-aa) = 899fef1e35fc185289a86eff950eeef42a598f89
 SHA1 (patch-ab) = 8d7f4ce02880b83907104698e5a61aa5bb7f8de6
 SHA1 (patch-ac) = a976a962b28a2c40db4d0ef78d4f8472d1ece5ef
 SHA1 (patch-ad) = 674392480791cd99e21982ff61b81257d4e2e765
 SHA1 (patch-ae) = b7e533ff938f192ac08938cff6615ece9e37bd2f
 SHA1 (patch-af) = 2976c0bdb5f892521172a7e4d2e44a66ab386ef5
-SHA1 (patch-ag) = 176a1c279d9cf002dcf01abdce396a95c414dee7
diff -r 89742d798e73 -r a1ee23e8106c www/geeklog/patches/patch-ag
--- a/www/geeklog/patches/patch-ag      Fri Jun 30 22:50:09 2006 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,34 +0,0 @@
-$NetBSD: patch-ag,v 1.1 2006/06/30 17:16:27 taca Exp $
-
-Give first aid to file uploader security problem.
-
---- public_html/fckeditor/fckconfig.js.orig    2006-05-28 18:41:40.000000000 +0900
-+++ public_html/fckeditor/fckconfig.js
-@@ -160,17 +160,17 @@ FCKConfig.ImageDlgHideAdvanced    = fals
- 
- FCKConfig.FlashDlgHideAdvanced    = false ;
- 
--FCKConfig.LinkBrowser = true ;
-+FCKConfig.LinkBrowser = false ;
- FCKConfig.LinkBrowserURL = FCKConfig.BasePath + 'filemanager/browser/mcpuk/browser.html?Connector=connectors/php/connector.php' ;
- FCKConfig.LinkBrowserWindowWidth    = screen.width * 0.7 ;    // 70%
- FCKConfig.LinkBrowserWindowHeight    = screen.height * 0.7 ;    // 70%
- 
--FCKConfig.ImageBrowser = true ;
-+FCKConfig.ImageBrowser = false ;
- FCKConfig.ImageBrowserURL = FCKConfig.BasePath + 'filemanager/browser/mcpuk/browser.html?Type=Image&Connector=connectors/php/connector.php' ;
- FCKConfig.ImageBrowserWindowWidth  = screen.width * 0.7 ;    // 70% ;
- FCKConfig.ImageBrowserWindowHeight = screen.height * 0.7 ;    // 70% ;
- 
--FCKConfig.FlashBrowser = true ;
-+FCKConfig.FlashBrowser = false ;
- FCKConfig.FlashBrowserURL = FCKConfig.BasePath + 'filemanager/browser/mcpuk/browser.html?Type=Flash&Connector=connectors/php/connector.php' ;
- FCKConfig.FlashBrowserWindowWidth  = screen.width * 0.7 ;    //70% ;
- FCKConfig.FlashBrowserWindowHeight = screen.height * 0.7 ;    //70% ;
-@@ -198,4 +198,4 @@ FCKConfig.SmileyColumns = 8 ;
- FCKConfig.SmileyWindowWidth        = 320 ;
- FCKConfig.SmileyWindowHeight    = 240 ;
- 
--if( window.console ) window.console.log( 'Config is loaded!' ) ;    // @Packager.Compactor.RemoveLine
-\ No newline at end of file
-+if( window.console ) window.console.log( 'Config is loaded!' ) ;    // @Packager.Compactor.RemoveLine



Home | Main Index | Thread Index | Old Index