[pgv-svn] r87 - in phpgedview/trunk/debian: . patches
thijs at alioth.debian.org
thijs at alioth.debian.org
Tue Oct 23 20:20:47 UTC 2007
Author: thijs
Date: 2007-10-23 20:20:47 +0000 (Tue, 23 Oct 2007)
New Revision: 87
Removed:
phpgedview/trunk/debian/patches/02_CVE-2007-5051.patch
Modified:
phpgedview/trunk/debian/changelog
phpgedview/trunk/debian/control
Log:
new upstream 4.1.2
xs- prefix not needed in vcs fields
02_CVE-2007-5051.patch is incorporated in this release
Modified: phpgedview/trunk/debian/changelog
===================================================================
--- phpgedview/trunk/debian/changelog 2007-10-10 08:30:16 UTC (rev 86)
+++ phpgedview/trunk/debian/changelog 2007-10-23 20:20:47 UTC (rev 87)
@@ -1,3 +1,9 @@
+phpgedview (4.1.e+4.1.2-1) unstable; urgency=low
+
+ * New upstream release.
+
+ -- Thijs Kinkhorst <thijs at debian.org> Tue, 23 Oct 2007 22:07:05 +0200
+
phpgedview (4.1.e+4.1.1-2) unstable; urgency=medium
* Fix cross site scripting (XSS) issues, thanks Nico Golde for
Modified: phpgedview/trunk/debian/control
===================================================================
--- phpgedview/trunk/debian/control 2007-10-10 08:30:16 UTC (rev 86)
+++ phpgedview/trunk/debian/control 2007-10-23 20:20:47 UTC (rev 87)
@@ -5,8 +5,8 @@
Build-Depends: debhelper (>= 5), cdbs (>= 0.4.32)
Standards-Version: 3.7.2
Homepage: http://www.phpgedview.net/
-XS-Vcs-Svn: svn://svn.debian.org/pkg-phpgedview/phpgedview/trunk
-XS-Vcs-Browser: http://svn.debian.org/wsvn/pkg-phpgedview
+Vcs-Svn: svn://svn.debian.org/pkg-phpgedview/phpgedview/trunk
+Vcs-Browser: http://svn.debian.org/wsvn/pkg-phpgedview
Package: phpgedview
Architecture: all
Deleted: phpgedview/trunk/debian/patches/02_CVE-2007-5051.patch
===================================================================
--- phpgedview/trunk/debian/patches/02_CVE-2007-5051.patch 2007-10-10 08:30:16 UTC (rev 86)
+++ phpgedview/trunk/debian/patches/02_CVE-2007-5051.patch 2007-10-23 20:20:47 UTC (rev 87)
@@ -1,57 +0,0 @@
-Index: includes/functions_print.php
-===================================================================
---- includes/functions_print.php (Revision 1723)
-+++ includes/functions_print.php (Revision 1724)
-@@ -990,7 +990,7 @@
- $parts = preg_split("/=/", $var);
- if (count($parts)>1) {
- if (($parts[0]!="changelanguage")&&($parts[0]!="NEWLANGUAGE"))
-- print "\n\t\t<input type=\"hidden\" name=\"$parts[0]\" value=\"".urldecode($parts[1])."\" />";
-+ print "\n\t\t<input type=\"hidden\" name=\"$parts[0]\" value=\"".htmlentities(urldecode($parts[1]))."\" />";
- }
- }
- print "\n\t\t<input type=\"hidden\" name=\"changelanguage\" value=\"yes\" />\n\t\t<select name=\"NEWLANGUAGE\" class=\"header_select\" onchange=\"submit();\">";
-Index: ancestry.php
-===================================================================
---- ancestry.php (Revision 1723)
-+++ ancestry.php (Revision 1724)
-@@ -62,7 +62,7 @@
- print_help_link("rootid_help", "qm");
- print $pgv_lang["root_person"]?></td>
- <td class="optionbox vmiddle">
-- <input class="pedigree_form" type="text" name="rootid" id="rootid" size="3" value="<?php print $controller->rootid ?>" />
-+ <input class="pedigree_form" type="text" name="rootid" id="rootid" size="3" value="<?php print htmlentities($controller->rootid) ?>" />
- <?php print_findindi_link("rootid",""); ?>
- </td>
-
-@@ -71,7 +71,7 @@
- <?php
- print_help_link("box_width_help", "qm");
- print $pgv_lang["box_width"]?></td>
-- <td class="optionbox vmiddle"><input type="text" size="3" name="box_width" value="<?php print $box_width ?>" /> <b>%</b>
-+ <td class="optionbox vmiddle"><input type="text" size="3" name="box_width" value="<?php print htmlentities($box_width) ?>" /> <b>%</b>
- </td>
-
- <!-- // NOTE: chart style -->
-Index: timeline.php
-===================================================================
---- timeline.php (Revision 1723)
-+++ timeline.php (Revision 1724)
-@@ -284,7 +284,7 @@
- <a href="individual.php?pid=<?php print $pid; ?>"> <?php print PrintReady($indi->getName()); ?><br />
- <?php $addname = $indi->getAddName(); if (strlen($addname) > 0) print PrintReady($addname); ?>
- </a>
-- <input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print $pid; ?>" />
-+ <input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print htmlentities($pid); ?>" />
- <?php if (!$controller->isPrintPreview()) {
- print "<br />";
- print_help_link("remove_person_help", "qm");
-@@ -305,7 +305,7 @@
- else {
- print_privacy_error($CONTACT_EMAIL);
- ?>
-- <input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print $pid; ?>" />
-+ <input type="hidden" name="pids[<?php print $p; ?>]" value="<?php print htmlentities($pid); ?>" />
- <?php if (!$controller->isPrintPreview()) {
- print "<br />";
- print_help_link("remove_person_help", "qm");
More information about the pkg-phpgedview-commit
mailing list