#! /bin/sh /usr/share/dpatch/dpatch-run
## 02_CVE-2007-0508.dpatch by <tiago@localhost>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
@DPATCH@
diff -urNad trunk~/lib/selectlang.php trunk/lib/selectlang.php
--- trunk~/lib/selectlang.php 2007-02-02 20:58:30.000000000 -0300
+++ trunk/lib/selectlang.php 2007-02-02 21:12:33.000000000 -0300
@@ -13,8 +13,10 @@
# See doc/copying.txt for details
-if (is_readable($BBC_LIB_PATH."html.php")) require_once($BBC_LIB_PATH."html.php");
-else exit(bbc_msg($BBC_LIB_PATH."html.php"));
+#CVE-2007-0508
+#if (is_readable($BBC_LIB_PATH."html.php")) require_once($BBC_LIB_PATH."html.php");
+#else exit(bbc_msg($BBC_LIB_PATH."html.php"));
+
# initialising the HTML class
$bbc_html =& new bbc_html;
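Review bot: With the include commented out, the only thing that stops a direct request to lib/selectlang.php from running further is the fatal error raised by `new bbc_html` when the class is undefined, which is an implicit guard rather than a stated one. The context of the next hunk shows `require($BBC_LANGUAGE_PATH."en.php")` still present in this file, so the fix depends on execution never getting that far when the file is loaded on its own. I would make the guard explicit at the top of the file, for example `if (!class_exists('bbc_html')) exit;`, and delete the old lines rather than leaving them commented out. Whether $BBC_LANGUAGE_PATH is assigned before that require is not visible in these hunks.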
@@ -26,4 +28,4 @@
require($BBC_LANGUAGE_PATH."en.php");
}
else exit(bbc_msg($BBC_LANGUAGE_PATH."en.php"));
-?>
\ No newline at end of file
+?>
diff -urNad trunk~/show_config.php trunk/show_config.php
--- trunk~/show_config.php 2007-02-02 20:58:19.000000000 -0300
+++ trunk/show_config.php 2007-02-02 21:12:33.000000000 -0300
@@ -18,7 +18,9 @@
elseif (is_readable("constants.php")) require_once("constants.php");
else return;
-foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php") as $i) {
+#CVE-2007-0508
+#foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php") as $i) {
+foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."html.php", $BBC_LIB_PATH."selectlang.php") as $i) {
if (is_readable($i)) require_once($i);
else {
if (!empty($BBC_DEBUG)) exit(bbc_msg($i));
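Review bot: The new array only works because html.php is listed before selectlang.php, which instantiates bbc_html and no longer loads html.php itself, and nothing on the line records that ordering requirement. Instead of the `#CVE-2007-0508` marker and the commented-out old `foreach`, use a comment such as `# html.php must precede selectlang.php, which needs the bbc_html class (CVE-2007-0508)`. The same applies to the matching hunks in show_detailed.php, show_global.php, show_time.php and show_views.php. In this file the visible else branch exits only when $BBC_DEBUG is set, so an unreadable html.php would apparently surface later as a failure inside selectlang.php; the loop body continues outside the hunk.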
@@ -86,4 +88,4 @@
.$bbc_html->copyright()
.$bbc_html->topbar(0, 1)
.$bbc_html->html_end();
-?>
\ No newline at end of file
+?>
diff -urNad trunk~/show_detailed.php trunk/show_detailed.php
--- trunk~/show_detailed.php 2007-02-02 21:12:32.000000000 -0300
+++ trunk/show_detailed.php 2007-02-02 21:12:33.000000000 -0300
@@ -18,7 +18,9 @@
elseif (is_readable("constants.php")) require_once("constants.php");
else return;
-foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php", $BBC_LAST_FILE) as $i) {
+#CVE-2007-0508
+#foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php", $BBC_LAST_FILE) as $i) {
+foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."html.php", $BBC_LIB_PATH."selectlang.php", $BBC_LAST_FILE) as $i) {
if (is_readable($i)) require_once($i);
else exit(bbc_msg($i));
}
diff -urNad trunk~/show_global.php trunk/show_global.php
--- trunk~/show_global.php 2007-02-02 21:12:32.000000000 -0300
+++ trunk/show_global.php 2007-02-02 21:13:15.000000000 -0300
@@ -18,7 +18,11 @@
elseif (is_readable("constants.php")) require_once("constants.php");
else return;
-foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php", $BBC_ACCESS_FILE) as $i) {
+#CVE-2007-0508
+#foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php", $BBC_ACCESS_FILE) as $i) {
+if (is_readable($BBC_CONFIG_FILE)) require_once($BBC_CONFIG_FILE);
+else exit(bbc_msg($BBC_CONFIG_FILE));
+foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."html.php", $BBC_LIB_PATH."selectlang.php") as $i) {
if (is_readable($i)) require_once($i);
else exit(bbc_msg($i));
}
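Review bot: The rewritten `foreach` in show_global.php no longer lists `$BBC_ACCESS_FILE`, which the removed line loaded and which the parallel change in show_time.php keeps. Unless that file is loaded further down (not visible here), this looks like an unintended regression in a security patch that should only move the html.php include. The two added lines that require $BBC_CONFIG_FILE are also redundant, because it is still the first element of the array. I would drop them and use `foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."html.php", $BBC_LIB_PATH."selectlang.php", $BBC_ACCESS_FILE) as $i) {`.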
diff -urNad trunk~/show_time.php trunk/show_time.php
--- trunk~/show_time.php 2007-02-02 20:58:19.000000000 -0300
+++ trunk/show_time.php 2007-02-02 21:12:33.000000000 -0300
@@ -18,7 +18,9 @@
elseif (is_readable("constants.php")) require_once("constants.php");
else return;
-foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php", $BBC_ACCESS_FILE) as $i) {
+#CVE-2007-0508
+#foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php", $BBC_ACCESS_FILE) as $i) {
+foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."html.php", $BBC_LIB_PATH."selectlang.php", $BBC_ACCESS_FILE) as $i) {
if (is_readable($i)) require_once($i);
else exit(bbc_msg($i));
}
@@ -239,4 +241,4 @@
.$bbc_html->copyright()
.$bbc_html->topbar(0, 1)
.$bbc_html->html_end();
-?>
\ No newline at end of file
+?>
diff -urNad trunk~/show_views.php trunk/show_views.php
--- trunk~/show_views.php 2007-02-02 20:58:19.000000000 -0300
+++ trunk/show_views.php 2007-02-02 21:12:33.000000000 -0300
@@ -18,7 +18,9 @@
elseif (is_readable("constants.php")) require_once("constants.php");
else return;
-foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php", $BBC_LAST_FILE) as $i) {
+#CVE-2007-0508
+#foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."selectlang.php", $BBC_LAST_FILE) as $i) {
+foreach (array($BBC_CONFIG_FILE, $BBC_LIB_PATH."html.php", $BBC_LIB_PATH."selectlang.php", $BBC_LAST_FILE) as $i) {
if (is_readable($i)) require_once($i);
else exit(bbc_msg($i));
}
@@ -165,4 +167,4 @@
.$bbc_html->copyright()
.$bbc_html->topbar(0, 1)
.$bbc_html->html_end();
-?>
\ No newline at end of file
+?>