[Pkg-drupal-commits] r2089 - in /branches/lenny-security/debian: changelog patches/00list patches/15_SA-CORE-2009-006.dpatch
luigi at users.alioth.debian.org
luigi at users.alioth.debian.org
Fri Nov 6 01:11:48 UTC 2009
Author: luigi
Date: Fri Nov 6 01:11:48 2009
New Revision: 2089
URL: http://svn.debian.org/wsvn/pkg-drupal/?sc=1&rev=2089
Log:
Merge security release from Steffen Joeris
Added:
branches/lenny-security/debian/patches/15_SA-CORE-2009-006.dpatch
Modified:
branches/lenny-security/debian/changelog
branches/lenny-security/debian/patches/00list
Modified: branches/lenny-security/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/lenny-security/debian/changelog?rev=2089&op=diff
==============================================================================
--- branches/lenny-security/debian/changelog (original)
+++ branches/lenny-security/debian/changelog Fri Nov 6 01:11:48 2009
@@ -1,3 +1,11 @@
+drupal6 (6.6-3lenny2) stable-security; urgency=high
+
+ * Non-maintainer upload by the security team
+ * Fix cross-site scripting (XSS) issues (Closes: #529190, #531386)
+ Fixes: SA-CORE-2009-006
+
+ -- Steffen Joeris <white at debian.org> Mon, 01 Jun 2009 12:46:29 +0000
+
drupal6 (6.6-3lenny1) stable-security; urgency=high
[ Luigi Gangitano ]
Modified: branches/lenny-security/debian/patches/00list
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/lenny-security/debian/patches/00list?rev=2089&op=diff
==============================================================================
--- branches/lenny-security/debian/patches/00list (original)
+++ branches/lenny-security/debian/patches/00list Fri Nov 6 01:11:48 2009
@@ -2,3 +2,4 @@
12_SA-2008-073
13_SA-CORE-2009-001
14_SA-CORE-2009-005
+15_SA-CORE-2009-006
Added: branches/lenny-security/debian/patches/15_SA-CORE-2009-006.dpatch
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/lenny-security/debian/patches/15_SA-CORE-2009-006.dpatch?rev=2089&op=file
==============================================================================
--- branches/lenny-security/debian/patches/15_SA-CORE-2009-006.dpatch (added)
+++ branches/lenny-security/debian/patches/15_SA-CORE-2009-006.dpatch Fri Nov 6 01:11:48 2009
@@ -1,0 +1,107 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+
+ at DPATCH@
+Index: includes/theme.inc
+===================================================================
+RCS file: /cvs/drupal/drupal/includes/theme.inc,v
+retrieving revision 1.415.2.21
+diff -u -p -r1.415.2.21 theme.inc
+--- includes/theme.inc 30 Apr 2009 00:13:30 -0000 1.415.2.21
++++ drupal6-6.6/includes/theme.inc 13 May 2009 19:58:31 -0000
+@@ -688,7 +688,7 @@ function theme() {
+ // restore path_to_theme()
+ $theme_path = $temp;
+ // Add final markup to the full page.
+- if ($hook == 'page') {
++ if ($hook == 'page' || $hook == 'book_export_html') {
+ $output = drupal_final_markup($output);
+ }
+ return $output;
+Index: modules/book/book-export-html.tpl.php
+===================================================================
+RCS file: /cvs/drupal/drupal/modules/book/book-export-html.tpl.php,v
+retrieving revision 1.1
+diff -u -p -r1.1 book-export-html.tpl.php
+--- modules/book/book-export-html.tpl.php 4 Nov 2007 14:29:09 -0000 1.1
++++ drupal6-6.6/modules/book/book-export-html.tpl.php 13 May 2009 19:58:31 -0000
+@@ -20,8 +20,8 @@
+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+ <html xmlns="http://www.w3.org/1999/xhtml" lang="<?php print $language->language; ?>" xml:lang="<?php print $language->language; ?>">
+ <head>
+- <title><?php print $title; ?></title>
+ <?php print $head; ?>
++ <title><?php print $title; ?></title>
+ <base href="<?php print $base_url; ?>" />
+ <link type="text/css" rel="stylesheet" href="misc/print.css" />
+ <?php if ($language_rtl): ?>
+Index: modules/taxonomy/taxonomy.module
+===================================================================
+RCS file: /cvs/drupal/drupal/modules/taxonomy/taxonomy.module,v
+retrieving revision 1.414.2.8
+diff -u -p -r1.414.2.8 taxonomy.module
+--- modules/taxonomy/taxonomy.module 27 Apr 2009 11:49:05 -0000 1.414.2.8
++++ drupal6-6.6/modules/taxonomy/taxonomy.module 13 May 2009 19:58:31 -0000
+@@ -415,7 +415,7 @@ function taxonomy_del_term($tid) {
+ */
+ function taxonomy_form($vid, $value = 0, $help = NULL, $name = 'taxonomy') {
+ $vocabulary = taxonomy_vocabulary_load($vid);
+- $help = ($help) ? $help : $vocabulary->help;
++ $help = ($help) ? $help : filter_xss_admin($vocabulary->help);
+
+ if (!$vocabulary->multiple) {
+ $blank = ($vocabulary->required) ? t('- Please choose -') : t('- None selected -');
+@@ -514,7 +514,7 @@ function taxonomy_form_alter(&$form, $fo
+ $typed_string = taxonomy_implode_tags($terms, $vocabulary->vid) . (array_key_exists('tags', $terms) ? $terms['tags'][$vocabulary->vid] : NULL);
+ }
+ if ($vocabulary->help) {
+- $help = $vocabulary->help;
++ $help = filter_xss_admin($vocabulary->help);
+ }
+ else {
+ $help = t('A comma-separated list of terms describing this content. Example: funny, bungee jumping, "Company, Inc.".');
+@@ -538,7 +538,7 @@ function taxonomy_form_alter(&$form, $fo
+ $default_terms[$term->tid] = $term;
+ }
+ }
+- $form['taxonomy'][$vocabulary->vid] = taxonomy_form($vocabulary->vid, array_keys($default_terms), $vocabulary->help);
++ $form['taxonomy'][$vocabulary->vid] = taxonomy_form($vocabulary->vid, array_keys($default_terms), filter_xss_admin($vocabulary->help));
+ $form['taxonomy'][$vocabulary->vid]['#weight'] = $vocabulary->weight;
+ $form['taxonomy'][$vocabulary->vid]['#required'] = $vocabulary->required;
+ }
+@@ -1018,6 +1018,35 @@ function taxonomy_get_term($tid) {
+ return $terms[$tid];
+ }
+
++/**
++ * Create a select form element for a given taxonomy vocabulary.
++ *
++ * NOTE: This function expects input that has already been sanitized and is
++ * safe for display. Callers must properly sanitize the $title and
++ * $description arguments to prevent XSS vulnerabilities.
++ *
++ * @param $title
++ * The title of the vocabulary. This MUST be sanitized by the caller.
++ * @param $name
++ * Ignored.
++ * @param $value
++ * The currently selected terms from this vocabulary, if any.
++ * @param $vocabulary_id
++ * The vocabulary ID to build the form element for.
++ * @param $description
++ * Help text for the form element. This MUST be sanitized by the caller.
++ * @param $multiple
++ * Boolean to control if the form should use a single or multiple select.
++ * @param $blank
++ * Optional form choice to use when no value has been selected.
++ * @param $exclude
++ * Optional array of term ids to exclude in the selector.
++ * @return
++ * A FAPI form array to select terms from the given vocabulary.
++ *
++ * @see taxonomy_form()
++ * @see taxonomy_form_term()
++ */
+ function _taxonomy_term_select($title, $name, $value, $vocabulary_id, $description, $multiple, $blank, $exclude = array()) {
+ $tree = taxonomy_get_tree($vocabulary_id);
+ $options = array();
+
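Review bot: In the `taxonomy_form()` hunk the new line `$help = ($help) ? $help : filter_xss_admin($vocabulary->help);` only sanitizes the fallback branch, so any truthy `$help` argument is emitted as-is; the patch documents exactly that caller-must-sanitize contract on `_taxonomy_term_select()` (the added NOTE and "This MUST be sanitized by the caller" lines) but leaves `taxonomy_form()`'s own docblock, which ends just above the hunk at ` */`, unchanged. I would add a matching line to that docblock, e.g. `@param $help Help text for the form element; callers MUST pass already-sanitized markup, since only the vocabulary fallback is passed through filter_xss_admin().` The `taxonomy_form_alter()` call site in the third hunk already honours this by wrapping `$vocabulary->help` before the call, so the behaviour is consistent, just undocumented on the function that relies on it. The body of `_taxonomy_term_select()` runs past the end of the hunk, so the docblock's claim that `$name` is "Ignored." cannot be confirmed from what is visible here and is worth checking against the full function.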