Added sql_injection_template_export patch, fixes security bug #317615, thank Marcin Mirosław for report.

(Portage version: 2.2_rc67/cvs/Linux x86_64)

2 files changed, 97 insertions, 1 deletions

diff --git a/net-analyzer/cacti/ChangeLog b/net-analyzer/cacti/ChangeLog
index 833354b33a80..2d9bcef18ed9 100644
--- a/net-analyzer/cacti/ChangeLog
+++ b/net-analyzer/cacti/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-analyzer/cacti
 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/cacti/ChangeLog,v 1.164 2010/04/14 20:41:50 gengor Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/cacti/ChangeLog,v 1.165 2010/05/18 13:09:09 pva Exp $
+
+*cacti-0.8.7e-r2 (18 May 2010)
+
+  18 May 2010; Peter Volkov <pva@gentoo.org> +cacti-0.8.7e-r2.ebuild:
+  Added sql_injection_template_export patch, fixes security bug #317615,
+  thank Marcin Mirosław for report.
 
   14 Apr 2010; Gordon Malm <gengor@gentoo.org> cacti-0.8.7e-r1.ebuild:
   Fix RDEPEND for bug #304583.
diff --git a/net-analyzer/cacti/cacti-0.8.7e-r2.ebuild b/net-analyzer/cacti/cacti-0.8.7e-r2.ebuild
new file mode 100644
index 000000000000..42a185359ed8
--- /dev/null
+++ b/net-analyzer/cacti/cacti-0.8.7e-r2.ebuild
@@ -0,0 +1,90 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/cacti/cacti-0.8.7e-r2.ebuild,v 1.1 2010/05/18 13:09:09 pva Exp $
+
+inherit eutils webapp depend.php
+
+# Support for _p* in version.
+MY_P=${P/_p*/}
+HAS_PATCHES=1
+
+DESCRIPTION="Cacti is a complete frontend to rrdtool"
+HOMEPAGE="http://www.cacti.net/"
+SRC_URI="http://www.cacti.net/downloads/${MY_P}.tar.gz"
+
+# patches
+if [ "${HAS_PATCHES}" == "1" ] ; then
+	UPSTREAM_PATCHES="cli_add_graph
+		snmp_invalid_response
+		template_duplication
+		fix_icmp_on_windows_iis_servers
+		cross_site_fix
+		sql_injection_template_export"
+	for i in ${UPSTREAM_PATCHES} ; do
+		SRC_URI="${SRC_URI} http://www.cacti.net/downloads/patches/${PV/_p*}/${i}.patch"
+	done
+fi
+
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
+IUSE="snmp doc"
+
+DEPEND=""
+
+need_php_cli
+need_httpd_cgi
+need_php_httpd
+
+RDEPEND="snmp? ( >=net-analyzer/net-snmp-5.1.2 )
+	<net-analyzer/rrdtool-1.4
+	dev-php/adodb
+	virtual/mysql
+	virtual/cron"
+
+src_unpack() {
+	if [ "${HAS_PATCHES}" == "1" ] ; then
+		unpack ${MY_P}.tar.gz
+		[ ! ${MY_P} == ${P} ] && mv ${MY_P} ${P}
+		# patches
+		for i in ${UPSTREAM_PATCHES} ; do
+			EPATCH_OPTS="-p1 -d ${S} -N" epatch "${DISTDIR}"/${i}.patch
+		done ;
+	else
+		unpack ${MY_P}.tar.gz
+	fi
+
+	sed -i -e \
+		's:$config\["library_path"\] . "/adodb/adodb.inc.php":"adodb/adodb.inc.php":' \
+		"${S}"/include/global.php
+
+	rm -rf lib/adodb # don't use bundled adodb
+}
+
+pkg_setup() {
+	webapp_pkg_setup
+	has_php
+	require_php_with_use cli mysql xml session pcre sockets
+}
+
+src_compile() { :; }
+
+src_install() {
+	webapp_src_preinst
+
+	rm LICENSE README
+	dodoc docs/{CHANGELOG,CONTRIB,README,txt/manual.txt} || die
+	use doc && dohtml -r docs/html/
+	rm -rf docs
+
+	edos2unix `find -type f -name '*.php'`
+
+	dodir ${MY_HTDOCSDIR}
+	cp -r . "${D}"${MY_HTDOCSDIR}
+
+	webapp_serverowned ${MY_HTDOCSDIR}/rra
+	webapp_serverowned ${MY_HTDOCSDIR}/log/cacti.log
+	webapp_configfile ${MY_HTDOCSDIR}/include/config.php
+	webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt
+
+	webapp_src_install
+}