From 028c2614439c4e4be26fac189ce4e8352cc88661 Mon Sep 17 00:00:00 2001 From: Bernard Cafarelli Date: Thu, 22 Nov 2012 16:03:53 +0000 Subject: Add upstream patch to fix DoS with postgresql backend, thanks Thomas Beutin in bug #444163 (Portage version: 2.2.0_alpha142/cvs/Linux x86_64, signed Manifest commit with key C74525F2) --- www-apps/owncloud/ChangeLog | 9 +++- .../files/owncloud-4.5.2-fix_sabre_connector.patch | 26 +++++++++++ www-apps/owncloud/owncloud-4.5.2-r1.ebuild | 52 ++++++++++++++++++++++ www-apps/owncloud/owncloud-4.5.2.ebuild | 47 ------------------- 4 files changed, 86 insertions(+), 48 deletions(-) create mode 100644 www-apps/owncloud/files/owncloud-4.5.2-fix_sabre_connector.patch create mode 100644 www-apps/owncloud/owncloud-4.5.2-r1.ebuild delete mode 100644 www-apps/owncloud/owncloud-4.5.2.ebuild (limited to 'www-apps') diff --git a/www-apps/owncloud/ChangeLog b/www-apps/owncloud/ChangeLog index 9f05b3814926..36f111d93e3b 100644 --- a/www-apps/owncloud/ChangeLog +++ b/www-apps/owncloud/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for www-apps/owncloud # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-apps/owncloud/ChangeLog,v 1.19 2012/11/15 09:02:19 voyageur Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-apps/owncloud/ChangeLog,v 1.20 2012/11/22 16:03:52 voyageur Exp $ + +*owncloud-4.5.2-r1 (22 Nov 2012) + + 22 Nov 2012; Bernard Cafarelli -owncloud-4.5.2.ebuild, + +owncloud-4.5.2-r1.ebuild, +files/owncloud-4.5.2-fix_sabre_connector.patch: + Add upstream patch to fix DoS with postgresql backend, thanks Thomas Beutin + in bug #444163 *owncloud-4.5.2 (15 Nov 2012) *owncloud-4.0.9 (15 Nov 2012) diff --git a/www-apps/owncloud/files/owncloud-4.5.2-fix_sabre_connector.patch b/www-apps/owncloud/files/owncloud-4.5.2-fix_sabre_connector.patch new file mode 100644 index 000000000000..c769006e9bbe --- /dev/null +++ b/www-apps/owncloud/files/owncloud-4.5.2-fix_sabre_connector.patch @@ -0,0 +1,26 @@ +From bfff3d3f9baf5baaf9ea247d0a5d17ac498f8077 Mon Sep 17 00:00:00 2001 +From: Brice Maron +Date: Wed, 14 Nov 2012 20:10:24 +0000 +Subject: [PATCH] Correct quoting error with Sabre connector. Fix critical pg + pbms + +--- + lib/connector/sabre/node.php | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/connector/sabre/node.php b/lib/connector/sabre/node.php +index 6a2ad22..bac4418 100644 +--- a/lib/connector/sabre/node.php ++++ b/lib/connector/sabre/node.php +@@ -278,7 +278,7 @@ static public function removeETagPropertyForPath($path) { + + //remove etag for all Shared folders + $query = OC_DB::prepare( 'DELETE FROM `*PREFIX*properties`' +- .' WHERE `propertypath` = "/Shared"' ++ .' WHERE `propertypath` = \'/Shared\' ' + ); + $query->execute(array()); + +-- +1.7.10 + diff --git a/www-apps/owncloud/owncloud-4.5.2-r1.ebuild b/www-apps/owncloud/owncloud-4.5.2-r1.ebuild new file mode 100644 index 000000000000..48474b792ce3 --- /dev/null +++ b/www-apps/owncloud/owncloud-4.5.2-r1.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-apps/owncloud/owncloud-4.5.2-r1.ebuild,v 1.1 2012/11/22 16:03:52 voyageur Exp $ + +EAPI=4 + +inherit eutils webapp depend.php + +DESCRIPTION="Web-based storage application where all your data is under your own control" +HOMEPAGE="http://owncloud.org" +SRC_URI="http://owncloud.org/releases/${P}.tar.bz2" +LICENSE="AGPL-3" + +KEYWORDS="~amd64 ~x86" +IUSE="+curl mysql postgres +sqlite3" +REQUIRED_USE="|| ( mysql postgres sqlite3 )" + +DEPEND="" +RDEPEND="dev-lang/php[curl?,gd,json,mysql?,pdo,postgres?,sqlite3?,xmlwriter,zip]" + +need_httpd_cgi +need_php_httpd + +S=${WORKDIR}/${PN} + +pkg_setup() { + webapp_pkg_setup +} + +src_prepare() { + # Fix DoS with postgres backend + epatch "${FILESDIR}"/${P}-fix_sabre_connector.patch +} + +src_install() { + webapp_src_preinst + + local docs="README" + dodoc ${docs} + rm -f ${docs} + + insinto "${MY_HTDOCSDIR}" + doins -r . + dodir "${MY_HTDOCSDIR}"/data + + webapp_serverowned -R "${MY_HTDOCSDIR}"/apps + webapp_serverowned -R "${MY_HTDOCSDIR}"/data + webapp_serverowned -R "${MY_HTDOCSDIR}"/config + webapp_configfile "${MY_HTDOCSDIR}"/.htaccess + + webapp_src_install +} diff --git a/www-apps/owncloud/owncloud-4.5.2.ebuild b/www-apps/owncloud/owncloud-4.5.2.ebuild deleted file mode 100644 index f37c15387a47..000000000000 --- a/www-apps/owncloud/owncloud-4.5.2.ebuild +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-apps/owncloud/owncloud-4.5.2.ebuild,v 1.1 2012/11/15 09:02:19 voyageur Exp $ - -EAPI=4 - -inherit webapp depend.php - -DESCRIPTION="Web-based storage application where all your data is under your own control" -HOMEPAGE="http://owncloud.org" -SRC_URI="http://owncloud.org/releases/${P}.tar.bz2" -LICENSE="AGPL-3" - -KEYWORDS="~amd64 ~x86" -IUSE="+curl mysql postgres +sqlite3" -REQUIRED_USE="|| ( mysql postgres sqlite3 )" - -DEPEND="" -RDEPEND="dev-lang/php[curl?,gd,json,mysql?,pdo,postgres?,sqlite3?,xmlwriter,zip]" - -need_httpd_cgi -need_php_httpd - -S=${WORKDIR}/${PN} - -pkg_setup() { - webapp_pkg_setup -} - -src_install() { - webapp_src_preinst - - local docs="README" - dodoc ${docs} - rm -f ${docs} - - insinto "${MY_HTDOCSDIR}" - doins -r . - dodir "${MY_HTDOCSDIR}"/data - - webapp_serverowned -R "${MY_HTDOCSDIR}"/apps - webapp_serverowned -R "${MY_HTDOCSDIR}"/data - webapp_serverowned -R "${MY_HTDOCSDIR}"/config - webapp_configfile "${MY_HTDOCSDIR}"/.htaccess - - webapp_src_install -} -- cgit v1.2.3-65-gdbad