[Pkg-drupal-commits] r2057 - in /branches/drupal-5.0/debian: changelog patches/00list patches/20_SA-CORE-2009-007.dpatch

luigi at users.alioth.debian.org luigi at users.alioth.debian.org
Mon Jul 13 15:24:44 UTC 2009


Author: luigi
Date: Mon Jul 13 15:24:43 2009
New Revision: 2057

URL: http://svn.debian.org/wsvn/pkg-drupal/?sc=1&rev=2057
Log:
Integrate NMU

Added:
    branches/drupal-5.0/debian/patches/20_SA-CORE-2009-007.dpatch
Modified:
    branches/drupal-5.0/debian/changelog
    branches/drupal-5.0/debian/patches/00list

Modified: branches/drupal-5.0/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/debian/changelog?rev=2057&op=diff
==============================================================================
--- branches/drupal-5.0/debian/changelog (original)
+++ branches/drupal-5.0/debian/changelog Mon Jul 13 15:24:43 2009
@@ -1,3 +1,11 @@
+drupal5 (5.18-1.1) unstable; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Apply upstream patch to fix possible password leakage
+    via URLs (no CVE id yet; SA-CORE-2009-007; Closes: #535476).
+
+ -- Nico Golde <nion at debian.org>  Mon, 06 Jul 2009 20:24:02 +0200
+
 drupal5 (5.18-1) unstable; urgency=low
 
   [ Luigi Gangitano ]

Modified: branches/drupal-5.0/debian/patches/00list
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/debian/patches/00list?rev=2057&op=diff
==============================================================================
--- branches/drupal-5.0/debian/patches/00list (original)
+++ branches/drupal-5.0/debian/patches/00list Mon Jul 13 15:24:43 2009
@@ -1,1 +1,2 @@
 10_cronjob
+20_SA-CORE-2009-007

Added: branches/drupal-5.0/debian/patches/20_SA-CORE-2009-007.dpatch
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/debian/patches/20_SA-CORE-2009-007.dpatch?rev=2057&op=file
==============================================================================
--- branches/drupal-5.0/debian/patches/20_SA-CORE-2009-007.dpatch (added)
+++ branches/drupal-5.0/debian/patches/20_SA-CORE-2009-007.dpatch Mon Jul 13 15:24:43 2009
@@ -1,0 +1,46 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 20_SA-CORE-2009-007.dpatch by Nico Golde <nion at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: fix password leakage in URL
+
+ at DPATCH@
+diff -urNad drupal5-5.18~/includes/pager.inc drupal5-5.18/includes/pager.inc
+--- drupal5-5.18~/includes/pager.inc	2006-10-15 21:57:05.000000000 +0200
++++ drupal5-5.18/includes/pager.inc	2009-07-06 20:21:30.000000000 +0200
+@@ -85,7 +85,7 @@
+ function pager_get_querystring() {
+   static $string = NULL;
+   if (!isset($string)) {
+-    $string = drupal_query_string_encode($_REQUEST, array_merge(array('q', 'page'), array_keys($_COOKIE)));
++    $string = drupal_query_string_encode($_REQUEST, array_merge(array('q', 'page', 'pass'), array_keys($_COOKIE)));
+   }
+   return $string;
+ }
+diff -urNad drupal5-5.18~/includes/tablesort.inc drupal5-5.18/includes/tablesort.inc
+--- drupal5-5.18~/includes/tablesort.inc	2007-06-17 00:29:25.000000000 +0200
++++ drupal5-5.18/includes/tablesort.inc	2009-07-06 20:21:30.000000000 +0200
+@@ -131,7 +131,7 @@
+  *   except for those pertaining to table sorting.
+  */
+ function tablesort_get_querystring() {
+-  return drupal_query_string_encode($_REQUEST, array_merge(array('q', 'sort', 'order'), array_keys($_COOKIE)));
++  return drupal_query_string_encode($_REQUEST, array_merge(array('q', 'sort', 'order', 'pass'), array_keys($_COOKIE)));
+ }
+ 
+ /**
+diff -urNad drupal5-5.18~/modules/forum/forum.module drupal5-5.18/modules/forum/forum.module
+--- drupal5-5.18~/modules/forum/forum.module	2009-04-29 20:53:38.000000000 +0200
++++ drupal5-5.18/modules/forum/forum.module	2009-07-06 20:21:30.000000000 +0200
+@@ -833,6 +833,11 @@
+  * Menu callback; prints a forum listing.
+  */
+ function forum_page($tid = 0) {
++  if (!is_numeric($tid)) {
++    return MENU_NOT_FOUND;
++  }
++  $tid = (int)$tid;
++
+   drupal_add_css(drupal_get_path('module', 'forum') .'/forum.css');
+   $forum_per_page = variable_get('forum_per_page', 25);
+   $sortby = variable_get('forum_order', 1);
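Review bot: The exclusion lists in `pager_get_querystring()` and `tablesort_get_querystring()` remain a single-name denylist over all of `$_REQUEST`, so only a field literally named `pass` is kept out of generated links. Any other posted field that should not appear in a URL (from another form or a contributed module) would presumably still be copied into pager and sort links, and from there into access logs, browser history and Referer headers. If nothing relies on POST values surviving in those links, building from `$_GET` is the more durable fix, e.g. `$string = drupal_query_string_encode($_GET, array_merge(array('q', 'page'), array_keys($_COOKIE)));`; if `$_REQUEST` has to stay, each call deserves a comment such as `// 'pass' is excluded so a posted password is never echoed into generated links (SA-CORE-2009-007).` In `forum_page()`, whose body continues past the hunk, `is_numeric()` also accepts strings like `1e3` or `-1.5` before the `(int)` cast, so a digits-only check would reject those instead of silently truncating them.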



