gunnar: server/patches/horde-webmail/1.2.0 horde-webmail-1.2.0_kolab_openpkg.patch, 1.23, 1.24
cvs at kolab.org
cvs at kolab.org
Sat Feb 7 17:40:56 CET 2009
- Previous message: mathieu: server/kolabd/kolabd/dist_conf centos-clarkconnect, 1.13, 1.14 common, 1.51, 1.52 debian, 1.23, 1.24 kolab, 1.68, 1.69 mandriva, 1.13, 1.14 suse, 1.81, 1.82
- Next message: gunnar: server/patches/horde-webmail/1.2.0/tg t_horde_SC_CH_SecIssues20090128.diff, NONE, 1.1 t_imp_SC_CH_SecIssues20090128.diff, NONE, 1.1 series, 1.1, 1.2 t_GLOBAL_HK_GW_Config.diff, 1.1, 1.2 t_GLOBAL_HK_GW_ConfigOpenPKG.diff, 1.1, 1.2 t_Kolab__Server_HK_GW_DenyLogin.diff, 1.1, 1.2 t_Kolab__Server_HK_GW_UserMailAndFullname.diff, 1.1, 1.2 t_Prefs_HK_GW_FixLDAPAuthForIngo.diff, 1.1, 1.2 t_SyncML_HK_GW_CombinedFixes.diff, 1.1, 1.2 t_Text_Filter_SC_CH_Xss.diff, 1.1, 1.2 t_framework_HK_GW_Auth_InvalidCheck.diff, 1.1, 1.2 t_framework_HK_GW_Auth_ListUsers.diff, 1.1, 1.2 t_framework_HK_GW_Auth_SafetyCheck.diff, 1.1, 1.2 t_framework_HK_GW_Auth_UseKolabServer.diff, 1.1, 1.2 t_framework_HK_GW_Auth_UseSession.diff, 1.1, 1.2 t_framework_HK_GW_DB_SqliteErrorChecking.diff, 1.1, 1.2 t_framework_HK_GW_Kolab_AttachmentSupport.diff, 1.1, 1.2 t_framework_HK_GW_Kolab_MoveIMAP.diff, 1.1, 1.2 t_framework_HK_GW_Kolab_XfbFixes.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Fbview_XfbConcept.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Forma t_ImprovedPreferencesHandling.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_AdditionalGetFeeBusyServerFixes.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_FixAddressObjectIdentification.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_FixGetGroups.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_ImprovedFreebusyServerFallback.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_ImprovedServerFallbacks.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_ListObjects.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_RequireIMAP.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_RewriteExtend.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_SafetyCheck.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_Session.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_getFreebusyServer.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_CatchPossibleError.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_FixTriggerOnFolderCreation.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_FixTriggerOnFolderRename.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_Fo reign__owner.patch.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_Restructuring__Fixes.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_ShareIdFix.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_Trigger.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storgae_FixedUpdateTriggering.diff, 1.1, 1.2 t_framework_HK_GW_Prefs__KolabImapApplicationTag.diff, 1.1, 1.2 t_framework_HK_GW_Vfs_KolabDriver.diff, 1.1, 1.2 t_framework_HK_GW_framework_Kolab_DeprecatedGetServer.diff, 1.1, 1.2 t_framework_HK_GW_framework_Kolab_MoveSessionHandler.diff, 1.1, 1.2 t_framework_HK_GW_framework_Kolab__Format_WS.diff, 1.1, 1.2 t_framework_HK_GW_horde_conf__xmlUpdates.diff, 1.1, 1.2 t_framework_HK_GW_iCalendar_QuotedParameters.diff, 1.1, 1.2 t_imp_HK_GW_AuthForInvitations.diff, 1.1, 1.2 t_imp_HideGroupwareFolders.diff, 1.1, 1.2 t_kronolith_HK_GW_AuthenticatedFreeBusy.diff, 1.1, 1.2 t_kronolith_HK_GW_CalendarRenaming.diff, 1.1, 1.2 t_kronolith_HK_GW_FbviewRelevance.diff, 1.1, 1.2 t_kronolith_HK_GW_SyncMLrefresh.diff, 1.1, 1.2 t_kronolith_HK_GW_XfbA ccess.diff, 1.1, 1.2 t_kronolith_HK_GW_getFreebusyServer.diff, 1.1, 1.2 t_kronolith_HK_SB_ExtraParameters.diff, 1.1, 1.2 t_kronolith_HK_SB_SaveEventAttendees.diff, 1.1, 1.2 t_nag_H_MR_Bug__7400.diff, 1.1, 1.2 t_turba_HK_GW_AutomaticFreeBusyUrl.diff, 1.1, 1.2 t_turba_HK_GW_FixAddressbookDeletion.diff, 1.1, 1.2 t_turba_HK_GW_FixSyncMLAttributeDeletion.diff, 1.1, 1.2 t_turba_HK_GW_PhotoSupport.diff, 1.1, 1.2 t_turba_HK_GW_SyncMLrefresh.diff, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: gunnar
Update of /kolabrepository/server/patches/horde-webmail/1.2.0
In directory doto:/tmp/cvs-serv8107
Modified Files:
horde-webmail-1.2.0_kolab_openpkg.patch
Log Message:
Add security fixes for horde and update a patch to close kolab/issue2546.
Index: horde-webmail-1.2.0_kolab_openpkg.patch
===================================================================
RCS file: /kolabrepository/server/patches/horde-webmail/1.2.0/horde-webmail-1.2.0_kolab_openpkg.patch,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -d -r1.23 -r1.24
--- horde-webmail-1.2.0_kolab_openpkg.patch 5 Feb 2009 23:27:20 -0000 1.23
+++ horde-webmail-1.2.0_kolab_openpkg.patch 7 Feb 2009 16:40:53 -0000 1.24
@@ -262,7 +262,7 @@
+ }
+}
--
-tg: (c56a73f..) t/framework/HK/GW/Kolab_Server/Session (depends on: master)
+tg: (5bcbb67..) t/framework/HK/GW/Kolab_Server/Session (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Auth/UseSession
@@ -455,7 +455,7 @@
return parent::setAuth($userId, $credentials, $realm, $changeRequested);
--
-tg: (9823c9c..) t/framework/HK/GW/Auth/UseSession (depends on: t/framework/HK/GW/Kolab_Server/Session)
+tg: (a25ecee..) t/framework/HK/GW/Auth/UseSession (depends on: t/framework/HK/GW/Kolab_Server/Session)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/getFreebusyServer
@@ -544,7 +544,7 @@
$home = $this->get(KOLAB_ATTR_HOMESERVER);
return $home;
--
-tg: (c56a73f..) t/framework/HK/GW/Kolab_Server/getFreebusyServer (depends on: master)
+tg: (5bcbb67..) t/framework/HK/GW/Kolab_Server/getFreebusyServer (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/kronolith/HK/GW/getFreebusyServer
@@ -594,7 +594,7 @@
$options['method'] = 'GET';
$options['timeout'] = 5;
--
-tg: (ad3e393..) t/kronolith/HK/GW/getFreebusyServer (depends on: t/framework/HK/GW/Kolab_Server/getFreebusyServer)
+tg: (eb8858b..) t/kronolith/HK/GW/getFreebusyServer (depends on: t/framework/HK/GW/Kolab_Server/getFreebusyServer)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Storage/Foreign_owner.patch
@@ -620,7 +620,7 @@
}
--
-tg: (c56a73f..) t/framework/HK/GW/Kolab_Storage/Foreign_owner.patch (depends on: master)
+tg: (5bcbb67..) t/framework/HK/GW/Kolab_Storage/Foreign_owner.patch (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Storage/Trigger
@@ -947,7 +947,7 @@
$this->_getAnnotationData();
}
--
-tg: (db327a6..) t/framework/HK/GW/Kolab_Storage/Trigger (depends on: t/framework/HK/GW/Kolab_Storage/Foreign_owner.patch)
+tg: (269811f..) t/framework/HK/GW/Kolab_Storage/Trigger (depends on: t/framework/HK/GW/Kolab_Storage/Foreign_owner.patch)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/framework/Kolab/MoveSessionHandler
@@ -1347,7 +1347,7 @@
- }
-}
--
-tg: (aa5ae9d..) t/framework/HK/GW/framework/Kolab/MoveSessionHandler (depends on: t/framework/HK/GW/Auth/UseSession t/kronolith/HK/GW/getFreebusyServer t/framework/HK/GW/Kolab_Storage/Trigger)
+tg: (b89bccc..) t/framework/HK/GW/framework/Kolab/MoveSessionHandler (depends on: t/framework/HK/GW/Auth/UseSession t/kronolith/HK/GW/getFreebusyServer t/framework/HK/GW/Kolab_Storage/Trigger)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/framework/Kolab/DeprecatedGetServer
@@ -1395,7 +1395,7 @@
}
}
--
-tg: (a85415d..) t/framework/HK/GW/framework/Kolab/DeprecatedGetServer (depends on: t/framework/HK/GW/framework/Kolab/MoveSessionHandler)
+tg: (f335a7b..) t/framework/HK/GW/framework/Kolab/DeprecatedGetServer (depends on: t/framework/HK/GW/framework/Kolab/MoveSessionHandler)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Storage/Restructuring_Fixes
@@ -1477,7 +1477,7 @@
}
--
-tg: (8322653..) t/framework/HK/GW/Kolab_Storage/Restructuring_Fixes (depends on: t/framework/HK/GW/framework/Kolab/DeprecatedGetServer)
+tg: (0387a07..) t/framework/HK/GW/Kolab_Storage/Restructuring_Fixes (depends on: t/framework/HK/GW/framework/Kolab/DeprecatedGetServer)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/ListObjects
@@ -2060,7 +2060,7 @@
*
* @return int The current LDAP error number.
--
-tg: (0d4a9cc..) t/framework/HK/GW/Kolab_Server/ListObjects (depends on: t/framework/HK/GW/Kolab_Storage/Restructuring_Fixes)
+tg: (f150a3d..) t/framework/HK/GW/Kolab_Server/ListObjects (depends on: t/framework/HK/GW/Kolab_Storage/Restructuring_Fixes)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Auth/ListUsers
@@ -2122,7 +2122,7 @@
+ }
}
--
-tg: (69e74c3..) t/framework/HK/GW/Auth/ListUsers (depends on: t/framework/HK/GW/Kolab_Server/ListObjects)
+tg: (d3b3a10..) t/framework/HK/GW/Auth/ListUsers (depends on: t/framework/HK/GW/Kolab_Server/ListObjects)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/RewriteExtend
@@ -5949,7 +5949,7 @@
+
}
--
-tg: (0d7caa9..) t/framework/HK/GW/Kolab_Server/RewriteExtend (depends on: t/framework/HK/GW/Auth/ListUsers)
+tg: (e8b6ec7..) t/framework/HK/GW/Kolab_Server/RewriteExtend (depends on: t/framework/HK/GW/Auth/ListUsers)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Storage/CatchPossibleError
@@ -5983,7 +5983,7 @@
if ($this->tainted) {
--
-tg: (3b5ef86..) t/framework/HK/GW/Kolab_Storage/CatchPossibleError (depends on: t/framework/HK/GW/Kolab_Server/RewriteExtend)
+tg: (a264c44..) t/framework/HK/GW/Kolab_Storage/CatchPossibleError (depends on: t/framework/HK/GW/Kolab_Server/RewriteExtend)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Auth/UseKolabServer
@@ -6212,7 +6212,7 @@
&& $user != $session->user_id)) {
$session = new Horde_Kolab_Session($user, $credentials);
--
-tg: (44ae6f8..) t/framework/HK/GW/Auth/UseKolabServer (depends on: t/framework/HK/GW/Kolab_Storage/CatchPossibleError)
+tg: (4de8436..) t/framework/HK/GW/Auth/UseKolabServer (depends on: t/framework/HK/GW/Kolab_Storage/CatchPossibleError)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/SafetyCheck
@@ -6238,7 +6238,7 @@
if (empty($instances[$signature])) {
$instances[$signature] = &Horde_Kolab_Server::factory($driver,
--
-tg: (1db5f87..) t/framework/HK/GW/Kolab_Server/SafetyCheck (depends on: t/framework/HK/GW/Auth/UseKolabServer)
+tg: (4808648..) t/framework/HK/GW/Kolab_Server/SafetyCheck (depends on: t/framework/HK/GW/Auth/UseKolabServer)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab/MoveIMAP
@@ -10493,7 +10493,7 @@
return $result;
}
--
-tg: (5e92aed..) t/framework/HK/GW/Kolab/MoveIMAP (depends on: t/framework/HK/GW/Kolab_Server/SafetyCheck)
+tg: (8c62e15..) t/framework/HK/GW/Kolab/MoveIMAP (depends on: t/framework/HK/GW/Kolab_Server/SafetyCheck)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Auth/SafetyCheck
@@ -10519,7 +10519,7 @@
return $session->auth;
}
--
-tg: (6435616..) t/framework/HK/GW/Auth/SafetyCheck (depends on: t/framework/HK/GW/Kolab/MoveIMAP)
+tg: (2ca0818..) t/framework/HK/GW/Auth/SafetyCheck (depends on: t/framework/HK/GW/Kolab/MoveIMAP)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/RequireIMAP
@@ -10591,7 +10591,7 @@
$params['port'], true, false);
if (is_a($imap, 'PEAR_Error')) {
--
-tg: (97aa080..) t/framework/HK/GW/Kolab_Server/RequireIMAP (depends on: t/framework/HK/GW/Auth/SafetyCheck)
+tg: (9fc3ac7..) t/framework/HK/GW/Kolab_Server/RequireIMAP (depends on: t/framework/HK/GW/Auth/SafetyCheck)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Auth/InvalidCheck
@@ -10617,7 +10617,7 @@
$entry = array();
$entry[ 'timestamp' ] = time();
--
-tg: (fd49bbe..) t/framework/HK/GW/Auth/InvalidCheck (depends on: t/framework/HK/GW/Kolab_Server/RequireIMAP)
+tg: (f09c951..) t/framework/HK/GW/Auth/InvalidCheck (depends on: t/framework/HK/GW/Kolab_Server/RequireIMAP)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab/AttachmentSupport
@@ -11240,7 +11240,7 @@
__FILE__, __LINE__, PEAR_LOG_ERR);
$data = array();
--
-tg: (b29d766..) t/framework/HK/GW/Kolab/AttachmentSupport (depends on: t/framework/HK/GW/Auth/InvalidCheck)
+tg: (b266ebd..) t/framework/HK/GW/Kolab/AttachmentSupport (depends on: t/framework/HK/GW/Auth/InvalidCheck)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Vfs/KolabDriver
@@ -11890,7 +11890,7 @@
+ }
+}
--
-tg: (7383a08..) t/framework/HK/GW/Vfs/KolabDriver (depends on: t/framework/HK/GW/Kolab/AttachmentSupport)
+tg: (3d7f002..) t/framework/HK/GW/Vfs/KolabDriver (depends on: t/framework/HK/GW/Kolab/AttachmentSupport)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/turba/HK/GW/PhotoSupport
@@ -12032,7 +12032,7 @@
$dir = TURBA_VFS_PATH . '/' . $this->getValue('__uid');
$file = $info['name'];
--
-tg: (8a9adcf..) t/turba/HK/GW/PhotoSupport (depends on: t/framework/HK/GW/Vfs/KolabDriver)
+tg: (237e3a0..) t/turba/HK/GW/PhotoSupport (depends on: t/framework/HK/GW/Vfs/KolabDriver)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/ImprovedFreebusyServerFallback
@@ -12058,7 +12058,7 @@
}
}
--
-tg: (464c516..) t/framework/HK/GW/Kolab_Server/ImprovedFreebusyServerFallback (depends on: t/turba/HK/GW/PhotoSupport)
+tg: (1a436dd..) t/framework/HK/GW/Kolab_Server/ImprovedFreebusyServerFallback (depends on: t/turba/HK/GW/PhotoSupport)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/ImprovedServerFallbacks
@@ -12115,7 +12115,7 @@
}
--
-tg: (b67227b..) t/framework/HK/GW/Kolab_Server/ImprovedServerFallbacks (depends on: t/framework/HK/GW/Kolab_Server/ImprovedFreebusyServerFallback)
+tg: (2e85f5c..) t/framework/HK/GW/Kolab_Server/ImprovedServerFallbacks (depends on: t/framework/HK/GW/Kolab_Server/ImprovedFreebusyServerFallback)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Storgae/FixedUpdateTriggering
@@ -12402,7 +12402,7 @@
$this->_annotation_data = $this->getData('annotation');
}
--
-tg: (9575d2f..) t/framework/HK/GW/Kolab_Storgae/FixedUpdateTriggering (depends on: t/framework/HK/GW/Kolab_Server/ImprovedServerFallbacks)
+tg: (bfee56e..) t/framework/HK/GW/Kolab_Storgae/FixedUpdateTriggering (depends on: t/framework/HK/GW/Kolab_Server/ImprovedServerFallbacks)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/turba/HK/GW/AutomaticFreeBusyUrl
@@ -12466,7 +12466,7 @@
'search' => array(
'name',
--
-tg: (90e5634..) t/turba/HK/GW/AutomaticFreeBusyUrl (depends on: t/framework/HK/GW/Kolab_Storgae/FixedUpdateTriggering)
+tg: (98f183d..) t/turba/HK/GW/AutomaticFreeBusyUrl (depends on: t/framework/HK/GW/Kolab_Storgae/FixedUpdateTriggering)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/FixGetGroups
@@ -12492,7 +12492,7 @@
/**
--
-tg: (32043bc..) t/framework/HK/GW/Kolab_Server/FixGetGroups (depends on: t/turba/HK/GW/AutomaticFreeBusyUrl)
+tg: (c2f404e..) t/framework/HK/GW/Kolab_Server/FixGetGroups (depends on: t/turba/HK/GW/AutomaticFreeBusyUrl)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/kronolith/HK/GW/CalendarRenaming
@@ -12565,7 +12565,7 @@
$this->name = $this->new_name;
$this->new_name = null;
--
-tg: (0251b34..) t/kronolith/HK/GW/CalendarRenaming (depends on: t/framework/HK/GW/Kolab_Server/FixGetGroups)
+tg: (3c4d2c4..) t/kronolith/HK/GW/CalendarRenaming (depends on: t/framework/HK/GW/Kolab_Server/FixGetGroups)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderRename
@@ -12617,7 +12617,7 @@
$this->name = $this->new_name;
$this->new_name = null;
--
-tg: (b393e2b..) t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderRename (depends on: t/kronolith/HK/GW/CalendarRenaming)
+tg: (4e45499..) t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderRename (depends on: t/kronolith/HK/GW/CalendarRenaming)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderCreation
@@ -12766,7 +12766,7 @@
if (!isset($this->_annotation_data)) {
--
-tg: (2134872..) t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderCreation (depends on: t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderRename)
+tg: (156cfca..) t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderCreation (depends on: t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderRename)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/AdditionalGetFeeBusyServerFixes
@@ -12813,7 +12813,7 @@
/**
--
-tg: (2a42a9e..) t/framework/HK/GW/Kolab_Server/AdditionalGetFeeBusyServerFixes (depends on: t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderCreation)
+tg: (028c582..) t/framework/HK/GW/Kolab_Server/AdditionalGetFeeBusyServerFixes (depends on: t/framework/HK/GW/Kolab_Storage/FixTriggerOnFolderCreation)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Server/FixAddressObjectIdentification
@@ -12848,7 +12848,7 @@
case KOLAB_OBJECT_ADMINISTRATOR:
case KOLAB_OBJECT_MAINTAINER:
--
-tg: (bf81ddd..) t/framework/HK/GW/Kolab_Server/FixAddressObjectIdentification (depends on: t/framework/HK/GW/Kolab_Server/AdditionalGetFeeBusyServerFixes)
+tg: (17622c9..) t/framework/HK/GW/Kolab_Server/FixAddressObjectIdentification (depends on: t/framework/HK/GW/Kolab_Server/AdditionalGetFeeBusyServerFixes)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Fbview/XfbConcept
@@ -12984,7 +12984,7 @@
$params = $default;
}
--
-tg: (ee3a00d..) t/framework/HK/GW/Kolab_Fbview/XfbConcept (depends on: t/framework/HK/GW/Kolab_Server/FixAddressObjectIdentification)
+tg: (914f60a..) t/framework/HK/GW/Kolab_Fbview/XfbConcept (depends on: t/framework/HK/GW/Kolab_Server/FixAddressObjectIdentification)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab/XfbFixes
@@ -13064,7 +13064,7 @@
default:
$this->_data[$attribute] = $value;
--
-tg: (dd67889..) t/framework/HK/GW/Kolab/XfbFixes (depends on: t/framework/HK/GW/Kolab_Fbview/XfbConcept)
+tg: (c79c667..) t/framework/HK/GW/Kolab/XfbFixes (depends on: t/framework/HK/GW/Kolab_Fbview/XfbConcept)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/DB/SqliteErrorChecking
@@ -13090,7 +13090,7 @@
if (!isset($error_regexps)) {
$error_regexps = array(
--
-tg: (046d71f..) t/framework/HK/GW/DB/SqliteErrorChecking (depends on: t/framework/HK/GW/Kolab/XfbFixes)
+tg: (a3c75a8..) t/framework/HK/GW/DB/SqliteErrorChecking (depends on: t/framework/HK/GW/Kolab/XfbFixes)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Storage/ShareIdFix
@@ -13119,7 +13119,7 @@
return rawurlencode($this->name);
}
--
-tg: (3a7655a..) t/framework/HK/GW/Kolab_Storage/ShareIdFix (depends on: t/framework/HK/GW/DB/SqliteErrorChecking)
+tg: (302cf96..) t/framework/HK/GW/Kolab_Storage/ShareIdFix (depends on: t/framework/HK/GW/DB/SqliteErrorChecking)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/iCalendar/QuotedParameters
@@ -13182,7 +13182,7 @@
}
}
--
-tg: (463d36b..) t/framework/HK/GW/iCalendar/QuotedParameters (depends on: t/framework/HK/GW/Kolab_Storage/ShareIdFix)
+tg: (556bc82..) t/framework/HK/GW/iCalendar/QuotedParameters (depends on: t/framework/HK/GW/Kolab_Storage/ShareIdFix)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/Kolab_Server/HK/GW/DenyLogin
@@ -13349,7 +13349,7 @@
if (!empty($result) && !is_a($result, 'PEAR_Error')) {
$this->user_mail = $result;
--
-tg: (a8fff25..) t/Kolab_Server/HK/GW/DenyLogin (depends on: t/framework/HK/GW/iCalendar/QuotedParameters)
+tg: (379ee4a..) t/Kolab_Server/HK/GW/DenyLogin (depends on: t/framework/HK/GW/iCalendar/QuotedParameters)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/Kolab_Server/HK/GW/UserMailAndFullname
@@ -13360,11 +13360,11 @@
Signed-off-by: Gunnar Wrobel <p at rdus.de>
---
- horde-webmail/lib/Horde/Kolab/Server/Object.php | 5 +++++
- .../lib/Horde/Kolab/Server/Object/address.php | 10 ++++++++++
- .../lib/Horde/Kolab/Server/Object/user.php | 2 ++
- horde-webmail/lib/Horde/Kolab/Session.php | 19 +++++++++++++++++--
- 4 files changed, 34 insertions(+), 2 deletions(-)
+ horde-webmail/lib/Horde/Kolab/Server/Object.php | 5 ++++
+ .../lib/Horde/Kolab/Server/Object/address.php | 10 +++++++++
+ .../lib/Horde/Kolab/Server/Object/user.php | 2 +
+ horde-webmail/lib/Horde/Kolab/Session.php | 21 ++++++++++++++++++-
+ 4 files changed, 36 insertions(+), 2 deletions(-)
diff --git a/horde-webmail/lib/Horde/Kolab/Server/Object.php b/horde-webmail/lib/Horde/Kolab/Server/Object.php
index 663281e..e3b38e0 100644
@@ -13424,7 +13424,7 @@
/**
diff --git a/horde-webmail/lib/Horde/Kolab/Session.php b/horde-webmail/lib/Horde/Kolab/Session.php
-index d47f8b0..486b67e 100644
+index d47f8b0..bcbda7e 100644
--- a/horde-webmail/lib/Horde/Kolab/Session.php
+++ b/horde-webmail/lib/Horde/Kolab/Session.php
@@ -55,6 +55,13 @@ class Horde_Kolab_Session {
@@ -13453,7 +13453,16 @@
$result = $user_object->getServer('imap');
if (!empty($result) && !is_a($result, 'PEAR_Error')) {
$server = explode(':', $result, 2);
-@@ -332,9 +344,12 @@ class Horde_Kolab_Session {
+@@ -249,6 +261,8 @@ class Horde_Kolab_Session {
+ $params['user'] = $user;
+ if (isset($credentials['password'])) {
+ $params['pass'] = $credentials['password'];
++ } else {
++ $params['pass'] = Auth::getCredential('password');
+ }
+ }
+ return Horde_Kolab_Server::singleton($params);
+@@ -332,9 +346,12 @@ class Horde_Kolab_Session {
$session = $hs->query('kolab_session');
}
@@ -13469,7 +13478,7 @@
}
--
-tg: (5dcea93..) t/Kolab_Server/HK/GW/UserMailAndFullname (depends on: t/Kolab_Server/HK/GW/DenyLogin)
+tg: (7281ae6..) t/Kolab_Server/HK/GW/UserMailAndFullname (depends on: t/Kolab_Server/HK/GW/DenyLogin)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/imp/HK/GW/AuthForInvitations
@@ -13538,7 +13547,7 @@
$this->_msgs[$key][] = array('error', sprintf(_("Error sending reply: %s."), $status->getMessage()));
} else {
--
-tg: (cfbcbec..) t/imp/HK/GW/AuthForInvitations (depends on: t/Kolab_Server/HK/GW/UserMailAndFullname)
+tg: (926ddad..) t/imp/HK/GW/AuthForInvitations (depends on: t/Kolab_Server/HK/GW/UserMailAndFullname)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/SyncML/HK/GW/CombinedFixes
@@ -13906,7 +13915,7 @@
$backend->logMessage($suid->message, __FILE__, __LINE__, PEAR_LOG_DEBUG);
--
-tg: (c56a73f..) t/SyncML/HK/GW/CombinedFixes (depends on: master)
+tg: (5bcbb67..) t/SyncML/HK/GW/CombinedFixes (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/Prefs/HK/GW/FixLDAPAuthForIngo
@@ -13944,7 +13953,7 @@
}
--
-tg: (20a6a9e..) t/Prefs/HK/GW/FixLDAPAuthForIngo (depends on: t/SyncML/HK/GW/CombinedFixes)
+tg: (6acdc34..) t/Prefs/HK/GW/FixLDAPAuthForIngo (depends on: t/SyncML/HK/GW/CombinedFixes)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/Text/Filter/SC/CH/Xss
@@ -13970,7 +13979,7 @@
$patterns['|<style[^>]*>(?:\s*<\!--)*|i'] = '<!--';
$patterns['|(?:-->\s*)*</style>|i'] = '-->';
--
-tg: (c56a73f..) t/Text/Filter/SC/CH/Xss (depends on: master)
+tg: (5bcbb67..) t/Text/Filter/SC/CH/Xss (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/framework/Kolab_Format/WS
@@ -13996,7 +14005,7 @@
$primary_category = '';
--
-tg: (c56a73f..) t/framework/HK/GW/framework/Kolab_Format/WS (depends on: master)
+tg: (5bcbb67..) t/framework/HK/GW/framework/Kolab_Format/WS (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Kolab_Format/ImprovedPreferencesHandling
@@ -14032,7 +14041,7 @@
$horde_categories = $cManager->get();
} else {
--
-tg: (8d833cb..) t/framework/HK/GW/Kolab_Format/ImprovedPreferencesHandling (depends on: t/framework/HK/GW/framework/Kolab_Format/WS)
+tg: (fff6d82..) t/framework/HK/GW/Kolab_Format/ImprovedPreferencesHandling (depends on: t/framework/HK/GW/framework/Kolab_Format/WS)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/Prefs_KolabImapApplicationTag
@@ -14133,7 +14142,7 @@
$result = $this->_connection->_storage->save($object, $old_uid);
--
-tg: (c56a73f..) t/framework/HK/GW/Prefs_KolabImapApplicationTag (depends on: master)
+tg: (5bcbb67..) t/framework/HK/GW/Prefs_KolabImapApplicationTag (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/framework/HK/GW/horde/conf_xmlUpdates
@@ -14185,7 +14194,7 @@
</case>
</configswitch>
--
-tg: (c56a73f..) t/framework/HK/GW/horde/conf_xmlUpdates (depends on: master)
+tg: (5bcbb67..) t/framework/HK/GW/horde/conf_xmlUpdates (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/kronolith/HK/GW/AuthenticatedFreeBusy
@@ -14232,7 +14241,7 @@
return PEAR::raiseError(sprintf(_("The free/busy url for %s cannot be retrieved."), $email));
}
--
-tg: (c56a73f..) t/kronolith/HK/GW/AuthenticatedFreeBusy (depends on: master)
+tg: (5bcbb67..) t/kronolith/HK/GW/AuthenticatedFreeBusy (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/kronolith/HK/SB/SaveEventAttendees
@@ -14516,7 +14525,7 @@
+</div>
+</form>
--
-tg: (c56a73f..) t/kronolith/HK/SB/SaveEventAttendees (depends on: master)
+tg: (5bcbb67..) t/kronolith/HK/SB/SaveEventAttendees (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/kronolith/HK/SB/ExtraParameters
@@ -14610,7 +14619,7 @@
-<td><div class="busy" style="left:<tag:left />;width:<tag:width />;"> </div></td>
+<td><div class="busy" onclick="<tag:evclick />" style="cursor:pointer;left:<tag:left />;width:<tag:width />;" title="<tag:label />"> </div></td>
--
-tg: (50d5619..) t/kronolith/HK/SB/ExtraParameters (depends on: t/kronolith/HK/SB/SaveEventAttendees)
+tg: (083b765..) t/kronolith/HK/SB/ExtraParameters (depends on: t/kronolith/HK/SB/SaveEventAttendees)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/kronolith/HK/GW/FbviewRelevance
@@ -14684,7 +14693,7 @@
if ($original_name != $this->_vars->get('name')) {
$result = $GLOBALS['kronolith_driver']->rename($original_name, $this->_vars->get('name'));
--
-tg: (fffea19..) t/kronolith/HK/GW/FbviewRelevance (depends on: t/kronolith/HK/SB/ExtraParameters)
+tg: (2685978..) t/kronolith/HK/GW/FbviewRelevance (depends on: t/kronolith/HK/SB/ExtraParameters)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/kronolith/HK/GW/XfbAccess
@@ -14837,7 +14846,7 @@
<td colspan="7"> </td>
</tr>
--
-tg: (0cc44ec..) t/kronolith/HK/GW/XfbAccess (depends on: t/kronolith/HK/GW/FbviewRelevance)
+tg: (54021ca..) t/kronolith/HK/GW/XfbAccess (depends on: t/kronolith/HK/GW/FbviewRelevance)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/nag/H/MR/Bug_7400
@@ -14919,7 +14928,7 @@
}
--
-tg: (c56a73f..) t/nag/H/MR/Bug_7400 (depends on: master)
+tg: (5bcbb67..) t/nag/H/MR/Bug_7400 (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/GLOBAL/HK/GW/Config
@@ -16015,7 +16024,7 @@
* An address book based on message recipients. This will always be private and
* read-only. The address book content is provided by the
--
-tg: (c56a73f..) t/GLOBAL/HK/GW/Config (depends on: master)
+tg: (5bcbb67..) t/GLOBAL/HK/GW/Config (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/GLOBAL/HK/GW/ConfigOpenPKG
@@ -16042,7 +16051,7 @@
$conf['alarms']['params']['ttl'] = 300;
$conf['alarms']['driver'] = 'sql';
--
-tg: (05da78c..) t/GLOBAL/HK/GW/ConfigOpenPKG (depends on: t/GLOBAL/HK/GW/Config)
+tg: (7baa33d..) t/GLOBAL/HK/GW/ConfigOpenPKG (depends on: t/GLOBAL/HK/GW/Config)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/kronolith/HK/GW/SyncMLrefresh
@@ -16112,7 +16121,7 @@
$histories = $history->getByTimestamp('>', $timestamp, array(array('op' => '=', 'field' => 'action', 'value' => $action)), 'kronolith:' . $calendar);
if (is_a($histories, 'PEAR_Error')) {
--
-tg: (c56a73f..) t/kronolith/HK/GW/SyncMLrefresh (depends on: master)
+tg: (5bcbb67..) t/kronolith/HK/GW/SyncMLrefresh (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/turba/HK/GW/FixAddressbookDeletion
@@ -16138,7 +16147,7 @@
return $this->_driver->_deleteAll($sourceName);
}
--
-tg: (c56a73f..) t/turba/HK/GW/FixAddressbookDeletion (depends on: master)
+tg: (5bcbb67..) t/turba/HK/GW/FixAddressbookDeletion (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/turba/HK/GW/FixSyncMLAttributeDeletion
@@ -16165,7 +16174,7 @@
switch ($item['name']) {
case 'FN':
--
-tg: (c56a73f..) t/turba/HK/GW/FixSyncMLAttributeDeletion (depends on: master)
+tg: (5bcbb67..) t/turba/HK/GW/FixSyncMLAttributeDeletion (depends on: master)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/turba/HK/GW/SyncMLrefresh
@@ -16190,7 +16199,7 @@
/**
--
-tg: (f86048d..) t/turba/HK/GW/SyncMLrefresh (depends on: t/turba/HK/GW/FixSyncMLAttributeDeletion)
+tg: (a490d6b..) t/turba/HK/GW/SyncMLrefresh (depends on: t/turba/HK/GW/FixSyncMLAttributeDeletion)
From: Gunnar Wrobel <p at rdus.de>
Subject: [PATCH] t/imp/HideGroupwareFolders
@@ -16328,4 +16337,141 @@
/**
--
-tg: (c56a73f..) t/imp/HideGroupwareFolders (depends on: master)
+tg: (5bcbb67..) t/imp/HideGroupwareFolders (depends on: master)
+From: Gunnar Wrobel <p at rdus.de>
+Subject: [PATCH] t/imp/SC/CH/SecIssues20090128
+
+Security issues patched on 20090128
+
+Signed-off-by: Gunnar Wrobel <p at rdus.de>
+
+---
+ horde-webmail/imp/message.php | 10 +++++-----
+ horde-webmail/imp/pgp.php | 4 ++--
+ horde-webmail/imp/smime.php | 4 ++--
+ 3 files changed, 9 insertions(+), 9 deletions(-)
+
+diff --git a/horde-webmail/imp/message.php b/horde-webmail/imp/message.php
+index c822e0b..0488af7 100644
+--- a/horde-webmail/imp/message.php
++++ b/horde-webmail/imp/message.php
+@@ -444,7 +444,7 @@ if (!$printer_friendly && !empty($conf['maillog']['use_maillog'])) {
+
+ /* Do MDN processing now. */
+ if ($imp_ui->MDNCheck($ob->header, Util::getFormData('mdn_confirm'))) {
+- $confirm_link = Horde::link(Util::addParameter($selfURL, 'mdn_confirm', 1)) . _("HERE") . '</a>';
++ $confirm_link = Horde::link(htmlspecialchars(Util::addParameter($selfURL, 'mdn_confirm', 1))) . _("HERE") . '</a>';
+ $notification->push(sprintf(_("The sender of this message is requesting a Message Disposition Notification from you when you have read this message. Please click %s to send the notification message."), $confirm_link), 'horde.message', array('content.raw'));
+ }
+ }
+@@ -617,13 +617,13 @@ if (!$printer_friendly) {
+
+ $a_template->set('headers', Horde::widget('#', _("Headers"), 'widget hasmenu', '', '', _("Headers"), true));
+ if ($all_headers || $list_headers) {
+- $a_template->set('common_headers', Horde::widget($headersURL, _("Show Common Headers"), 'widget', '', '', _("Show Common Headers"), true));
++ $a_template->set('common_headers', Horde::widget(htmlspecialchars($headersURL), _("Show Common Headers"), 'widget', '', '', _("Show Common Headers"), true));
+ }
+ if (!$all_headers) {
+- $a_template->set('all_headers', Horde::widget(Util::addParameter($headersURL, 'show_all_headers', 1), _("Show All Headers"), 'widget', '', '', _("Show All Headers"), true));
++ $a_template->set('all_headers', Horde::widget(htmlspecialchars(Util::addParameter($headersURL, 'show_all_headers', 1)), _("Show All Headers"), 'widget', '', '', _("Show All Headers"), true));
+ }
+ if ($list_info['exists'] && !$list_headers) {
+- $a_template->set('list_headers', Horde::widget(Util::addParameter($headersURL, 'show_list_headers', 1), _("Show Mailing List Information"), 'widget', '', '', _("Show Mailing List Information"), true));
++ $a_template->set('list_headers', Horde::widget(htmlspecialchars(Util::addParameter($headersURL, 'show_list_headers', 1)), _("Show Mailing List Information"), 'widget', '', '', _("Show Mailing List Information"), true));
+ }
+
+ echo $a_template->fetch(IMP_TEMPLATES . '/message/navbar_actions.html');
+@@ -681,7 +681,7 @@ if ($show_parts || ($downloadall_link && !$printer_friendly)) {
+ $url = Horde::selfUrl(true);
+ $url = Util::removeParameter($url, array('actionID'));
+ $url = Util::addParameter($url, array('actionID' => 'strip_all', 'message_token' => $message_token));
+- $val .= '<br />' . Horde::link($url, _("Strip All Attachments"), null, null, "return window.confirm('" . addslashes(_("Are you sure you wish to PERMANENTLY delete all attachments?")) . "');") . _("Strip All Attachments") . ' ' . Horde::img('delete.png', _("Strip Attachments"), null, $registry->getImageDir('horde')) . '</a>';
++ $val .= '<br />' . Horde::link(htmlspecialchars($url), _("Strip All Attachments"), null, null, "return window.confirm('" . addslashes(_("Are you sure you wish to PERMANENTLY delete all attachments?")) . "');") . _("Strip All Attachments") . ' ' . Horde::img('delete.png', _("Strip Attachments"), null, $registry->getImageDir('horde')) . '</a>';
+ }
+ }
+ $hdrs[] = array('name' => _("Part(s)"), 'val' => $val, 'i' => (++$i % 2));
+diff --git a/horde-webmail/imp/pgp.php b/horde-webmail/imp/pgp.php
+index 35c733c..e88e910 100644
+--- a/horde-webmail/imp/pgp.php
++++ b/horde-webmail/imp/pgp.php
+@@ -40,7 +40,7 @@ function _outputPassphraseDialog($secure_check, $symmetric = false)
+ $t->set('symmetric', $symmetric);
+ $t->set('submit_url', Util::addParameter(Horde::applicationUrl('pgp.php'), 'actionID', $symmetric ? 'process_symmetric_passphrase_dialog' : 'process_passphrase_dialog'));
+ $t->set('reload', htmlspecialchars(Util::getFormData('reload')));
+- $t->set('action', Util::getFormData('passphrase_action'));
++ $t->set('action', htmlspecialchars(Util::getFormData('passphrase_action')));
+ $t->set('locked_img', Horde::img('locked.png', _("PGP"), null, $GLOBALS['registry']->getImageDir('horde')));
+ echo $t->fetch(IMP_TEMPLATES . '/pgp/passphrase.html');
+ }
+@@ -66,7 +66,7 @@ function _importKeyDialog($target)
+
+ function _reloadWindow()
+ {
+- Util::closeWindowJS('opener.focus();opener.location.href="' . Util::getFormData('reload') . '";');
++ Util::closeWindowJS('opener.focus();opener.location.href="' . htmlspecialchars(Util::getFormData('reload')) . '";');
+ }
+
+ function _getImportKey()
+diff --git a/horde-webmail/imp/smime.php b/horde-webmail/imp/smime.php
+index 6ba24c6..d05c454 100644
+--- a/horde-webmail/imp/smime.php
++++ b/horde-webmail/imp/smime.php
+@@ -63,7 +63,7 @@ function _outputPassphraseDialog($secure_check)
+ $t->setOption('gettext', true);
+ $t->set('submit_url', Util::addParameter(Horde::applicationUrl('smime.php'), 'actionID', 'process_passphrase_dialog'));
+ $t->set('reload', htmlspecialchars(html_entity_decode(Util::getFormData('reload'))));
+- $t->set('action', Util::getFormData('passphrase_action'));
++ $t->set('action', htmlspecialchars(Util::getFormData('passphrase_action')));
+ $t->set('locked_img', Horde::img('locked.png', _("S/MIME"), null, $GLOBALS['registry']->getImageDir('horde')));
+ echo $t->fetch(IMP_TEMPLATES . '/smime/passphrase.html');
+ }
+@@ -79,7 +79,7 @@ function _actionWindow()
+
+ function _reloadWindow()
+ {
+- Util::closeWindowJS('opener.focus();opener.location.href="' . Util::getFormData('reload') . '";');
++ Util::closeWindowJS('opener.focus();opener.location.href="' . htmlspecialchars(Util::getFormData('reload')) . '";');
+ }
+
+ function _textWindowOutput($filename, $msg, $html = false)
+--
+tg: (5bcbb67..) t/imp/SC/CH/SecIssues20090128 (depends on: master)
+From: Gunnar Wrobel <p at rdus.de>
+Subject: [PATCH] t/horde/SC/CH/SecIssues20090128
+
+Security issues that were patched on 20090128.
+
+Signed-off-by: Gunnar Wrobel <p at rdus.de>
+
+---
+ horde-webmail/lib/Horde/Image.php | 1 +
+ horde-webmail/services/portal/cloud_search.php | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletions(-)
+
+diff --git a/horde-webmail/lib/Horde/Image.php b/horde-webmail/lib/Horde/Image.php
+index 2d48777..1288ef5 100644
+--- a/horde-webmail/lib/Horde/Image.php
++++ b/horde-webmail/lib/Horde/Image.php
+@@ -551,6 +551,7 @@ class Horde_Image {
+ list($app, $driver) = $driver;
+ }
+
++ $driver = basename($driver);
+ $class = 'Horde_Image_' . $driver;
+ if (!class_exists($class)) {
+ if (!empty($app)) {
+diff --git a/horde-webmail/services/portal/cloud_search.php b/horde-webmail/services/portal/cloud_search.php
+index 0d0bc53..7e22aa6 100644
+--- a/horde-webmail/services/portal/cloud_search.php
++++ b/horde-webmail/services/portal/cloud_search.php
+@@ -28,7 +28,7 @@ $results = $registry->call('images/searchTags', array(array($tag)));
+ $results = array_merge($results, $registry->call('news/searchTags',
+ array(array($tag))));
+ echo '<div class="control"><strong>'
+- . sprintf(_("Results for %s"), '<span style="font-style:italic">' . $tag . '</span>')
++ . sprintf(_("Results for %s"), '<span style="font-style:italic">' . htmlspecialchars($tag) . '</span>')
+ . '</strong>'
+ . Horde::link('#', '', '', '', '$(\'cloudsearch\').hide();', '', '', array('style' => 'font-size:75%;'))
+ . '(' . _("Hide Results") . ')</a></span></div><ul class="linedRow">';
+--
+tg: (5bcbb67..) t/horde/SC/CH/SecIssues20090128 (depends on: master)
- Previous message: mathieu: server/kolabd/kolabd/dist_conf centos-clarkconnect, 1.13, 1.14 common, 1.51, 1.52 debian, 1.23, 1.24 kolab, 1.68, 1.69 mandriva, 1.13, 1.14 suse, 1.81, 1.82
- Next message: gunnar: server/patches/horde-webmail/1.2.0/tg t_horde_SC_CH_SecIssues20090128.diff, NONE, 1.1 t_imp_SC_CH_SecIssues20090128.diff, NONE, 1.1 series, 1.1, 1.2 t_GLOBAL_HK_GW_Config.diff, 1.1, 1.2 t_GLOBAL_HK_GW_ConfigOpenPKG.diff, 1.1, 1.2 t_Kolab__Server_HK_GW_DenyLogin.diff, 1.1, 1.2 t_Kolab__Server_HK_GW_UserMailAndFullname.diff, 1.1, 1.2 t_Prefs_HK_GW_FixLDAPAuthForIngo.diff, 1.1, 1.2 t_SyncML_HK_GW_CombinedFixes.diff, 1.1, 1.2 t_Text_Filter_SC_CH_Xss.diff, 1.1, 1.2 t_framework_HK_GW_Auth_InvalidCheck.diff, 1.1, 1.2 t_framework_HK_GW_Auth_ListUsers.diff, 1.1, 1.2 t_framework_HK_GW_Auth_SafetyCheck.diff, 1.1, 1.2 t_framework_HK_GW_Auth_UseKolabServer.diff, 1.1, 1.2 t_framework_HK_GW_Auth_UseSession.diff, 1.1, 1.2 t_framework_HK_GW_DB_SqliteErrorChecking.diff, 1.1, 1.2 t_framework_HK_GW_Kolab_AttachmentSupport.diff, 1.1, 1.2 t_framework_HK_GW_Kolab_MoveIMAP.diff, 1.1, 1.2 t_framework_HK_GW_Kolab_XfbFixes.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Fbview_XfbConcept.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Forma t_ImprovedPreferencesHandling.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_AdditionalGetFeeBusyServerFixes.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_FixAddressObjectIdentification.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_FixGetGroups.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_ImprovedFreebusyServerFallback.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_ImprovedServerFallbacks.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_ListObjects.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_RequireIMAP.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_RewriteExtend.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_SafetyCheck.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_Session.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Server_getFreebusyServer.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_CatchPossibleError.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_FixTriggerOnFolderCreation.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_FixTriggerOnFolderRename.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_Fo reign__owner.patch.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_Restructuring__Fixes.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_ShareIdFix.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storage_Trigger.diff, 1.1, 1.2 t_framework_HK_GW_Kolab__Storgae_FixedUpdateTriggering.diff, 1.1, 1.2 t_framework_HK_GW_Prefs__KolabImapApplicationTag.diff, 1.1, 1.2 t_framework_HK_GW_Vfs_KolabDriver.diff, 1.1, 1.2 t_framework_HK_GW_framework_Kolab_DeprecatedGetServer.diff, 1.1, 1.2 t_framework_HK_GW_framework_Kolab_MoveSessionHandler.diff, 1.1, 1.2 t_framework_HK_GW_framework_Kolab__Format_WS.diff, 1.1, 1.2 t_framework_HK_GW_horde_conf__xmlUpdates.diff, 1.1, 1.2 t_framework_HK_GW_iCalendar_QuotedParameters.diff, 1.1, 1.2 t_imp_HK_GW_AuthForInvitations.diff, 1.1, 1.2 t_imp_HideGroupwareFolders.diff, 1.1, 1.2 t_kronolith_HK_GW_AuthenticatedFreeBusy.diff, 1.1, 1.2 t_kronolith_HK_GW_CalendarRenaming.diff, 1.1, 1.2 t_kronolith_HK_GW_FbviewRelevance.diff, 1.1, 1.2 t_kronolith_HK_GW_SyncMLrefresh.diff, 1.1, 1.2 t_kronolith_HK_GW_XfbA ccess.diff, 1.1, 1.2 t_kronolith_HK_GW_getFreebusyServer.diff, 1.1, 1.2 t_kronolith_HK_SB_ExtraParameters.diff, 1.1, 1.2 t_kronolith_HK_SB_SaveEventAttendees.diff, 1.1, 1.2 t_nag_H_MR_Bug__7400.diff, 1.1, 1.2 t_turba_HK_GW_AutomaticFreeBusyUrl.diff, 1.1, 1.2 t_turba_HK_GW_FixAddressbookDeletion.diff, 1.1, 1.2 t_turba_HK_GW_FixSyncMLAttributeDeletion.diff, 1.1, 1.2 t_turba_HK_GW_PhotoSupport.diff, 1.1, 1.2 t_turba_HK_GW_SyncMLrefresh.diff, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the commits
mailing list