[pgv-svn] r86 - in phpgedview/trunk/debian: . patches

thijs at alioth.debian.org thijs at alioth.debian.org
Wed Oct 10 08:30:16 UTC 2007 

Author: thijs
Date: 2007-10-10 08:30:16 +0000 (Wed, 10 Oct 2007)
New Revision: 86

Added:
   phpgedview/trunk/debian/patches/02_CVE-2007-5051.patch
Modified:
   phpgedview/trunk/debian/changelog
Log:
* Fix cross site scripting (XSS) issues, thanks Nico Golde for
  helping to research the patch (CVE-2007-5051, closes: #443901).


Modified: phpgedview/trunk/debian/changelog
===================================================================
--- phpgedview/trunk/debian/changelog	2007-09-22 07:45:42 UTC (rev 85)
+++ phpgedview/trunk/debian/changelog	2007-10-10 08:30:16 UTC (rev 86)
@@ -1,3 +1,10 @@
+phpgedview (4.1.e+4.1.1-2) unstable; urgency=medium
+
+  * Fix cross site scripting (XSS) issues, thanks Nico Golde for
+    helping to research the patch (CVE-2007-5051, closes: #443901).
+
+ -- Thijs Kinkhorst <thijs at debian.org>  Wed, 10 Oct 2007 10:08:42 +0200
+
 phpgedview (4.1.e+4.1.1-1) unstable; urgency=low
 
   * New upstream release 4.1.1.

Added: phpgedview/trunk/debian/patches/02_CVE-2007-5051.patch
===================================================================
--- phpgedview/trunk/debian/patches/02_CVE-2007-5051.patch	                        (rev 0)
+++ phpgedview/trunk/debian/patches/02_CVE-2007-5051.patch	2007-10-10 08:30:16 UTC (rev 86)
@@ -0,0 +1,57 @@
+Index: includes/functions_print.php
+===================================================================
+--- includes/functions_print.php	(Revision 1723)
++++ includes/functions_print.php	(Revision 1724)
+@@ -990,7 +990,7 @@
+ 						$parts = preg_split("/=/", $var);
+ 						if (count($parts)>1) {
+ 							if (($parts[0]!="changelanguage")&&($parts[0]!="NEWLANGUAGE"))
+-								print "\n\t\t<input type=\"hidden\" name=\"$parts[0]\" value=\"".urldecode($parts[1])."\" />";
++								print "\n\t\t<input type=\"hidden\" name=\"$parts[0]\" value=\"".htmlentities(urldecode($parts[1]))."\" />";
+ 						}
+ 					}
+ 					print "\n\t\t<input type=\"hidden\" name=\"changelanguage\" value=\"yes\" />\n\t\t<select name=\"NEWLANGUAGE\" class=\"header_select\" onchange=\"submit();\">";
+Index: ancestry.php
+===================================================================
+--- ancestry.php	(Revision 1723)
++++ ancestry.php	(Revision 1724)
+@@ -62,7 +62,7 @@
+ 	print_help_link("rootid_help", "qm");
+ 	print $pgv_lang["root_person"]?></td>
+ 	<td class="optionbox vmiddle">
+-	<input class="pedigree_form" type="text" name="rootid" id="rootid" size="3" value="<?php print $controller->rootid ?>" />
++	<input class="pedigree_form" type="text" name="rootid" id="rootid" size="3" value="<?php print htmlentities($controller->rootid) ?>" />
+ 	<?php print_findindi_link("rootid",""); ?>
+ 	</td>
+ 
+@@ -71,7 +71,7 @@
+ 	<?php
+ 	print_help_link("box_width_help", "qm");
+ 	print $pgv_lang["box_width"]?></td>
+-	<td class="optionbox vmiddle"><input type="text" size="3" name="box_width" value="<?php print $box_width ?>" /> <b>%</b>
++	<td class="optionbox vmiddle"><input type="text" size="3" name="box_width" value="<?php print htmlentities($box_width) ?>" /> <b>%</b>
+ 	</td>
+ 
+ 	<!-- // NOTE: chart style -->
+Index: timeline.php
+===================================================================
+--- timeline.php	(Revision 1723)
++++ timeline.php	(Revision 1724)
+@@ -284,7 +284,7 @@
+  			<a href="individual.php?pid=<?php print $pid; ?>">&nbsp;<?php print PrintReady($indi->getName()); ?><br />
+  			<?php $addname = $indi->getAddName(); if (strlen($addname) > 0) print PrintReady($addname); ?>
+ 			</a>
+-			<input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print $pid; ?>" />
++			<input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print htmlentities($pid); ?>" />
+ 			<?php if (!$controller->isPrintPreview()) {
+ 				print "<br />";
+ 				print_help_link("remove_person_help", "qm");
+@@ -305,7 +305,7 @@
+ 		else {
+ 			print_privacy_error($CONTACT_EMAIL);
+ 			?>
+-			<input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print $pid; ?>" />
++			<input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print htmlentities($pid); ?>" />
+ 			<?php if (!$controller->isPrintPreview()) {
+ 				print "<br />";
+ 				print_help_link("remove_person_help", "qm");

More information about the pkg-phpgedview-commit mailing list