Item13787: More patch work for 1.1.x

foswiki · Oct 31, 2015 · 23fbe8b · 23fbe8b
1 parent c13b23e
commit 23fbe8b
Show file tree

Hide file tree

Showing 8 changed files with 452 additions and 25 deletions.
diff --git a/PatchRelease01x01Contrib/data/System/PatchRelease01x01Contrib.txt b/PatchRelease01x01Contrib/data/System/PatchRelease01x01Contrib.txt
@@ -1,4 +1,4 @@
-%META:TOPICINFO{author="ProjectContributor" comment="" date="1444271674" format="1.1"  version="1"}%
+%META:TOPICINFO{author="ProjectContributor" comment="" date="1446264082" format="1.1"  version="1"}%
 <!--
 One line description, required for extensions repository catalog.
    * Set SHORTDESCRIPTION = %$SHORTDESCRIPTION%
@@ -72,6 +72,43 @@ The structure of a typical patch:
             |-- Item13777-119.patch
 </verbatim>
 
+The following patch files are included:
+| *Patch file* | *Modifies* | *Applies to Releases:* |
+|| Item11267:  New extension VERSION strings will crash configure ||
+| Item11267-001.patch | | |
+| Item11267-002.patch | | |
+|| Item12285: Maketext vulnerability ||
+| Item12285-112.patch | | |
+| Item12285-116.patch | | |
+|| Item12391: ||
+| Item12391-112.patch | | |
+| Item12391-116.patch | | |
+| Item12391-117.patch | | |
+| Item12414-118.patch | | |
+| Item12616-118.patch | | |
+| Item12849-110.patch | | |
+| Item12849-113.patch | | |
+| Item12849-114.patch | | |
+| Item12849-115.patch | | |
+| Item12849-119.patch | | |
+| Item13775: CGI removed the -any pragma. Patches: <br/>\
+<ul><li> =bin/configure= <br/>\
+<li> =lib/Foswiki/Configure/Type.pm= <br/>\
+<li> =lib/Foswiki/Engine/CGI.pm= <br/>\
+<li> =lib/Foswiki/Plugins/CommentPlugin/Comment.pm= <br/>\
+<li> =lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm= <br/>\
+<li> =lib/Foswiki/Contrib/MailerContrib.pm= <br/>\
+<li> =lib/Foswiki/Plugins/WysiwygPlugin/TML2HTML.pm= </ul> ||
+| Item13775-110.patch | 1.1.0 |
+| Item13775-111.patch | 1.1.1 |
+| Item13775-112.patch | 1.1.2 |
+| Item13775-118.patch | 1.1.8 |
+| Item13775-119.patch | 1.1.9 |
+|| Item13777: Encode URLPARAM to prevent xss ||
+| Item13777-118.patch | =lib/Foswiki/Macros/URLPARAM.pm= =lib/Foswiki/Search.pm= =data/System/WebSearch.txt= | 1.1.8 |
+| Item13777-119.patch | =lib/Foswiki/Macros/URLPARAM.pm= =lib/Foswiki/Search.pm= =data/System/WebSearch.txt= | 1.1.9 |
+
+
 The files in the =working/configure/patch= directory are the actual patches.
 If a collection of related files is patched in a single file, they can be manually applied by
 changing to the root of the install and running:

diff --git a/PatchRelease01x01Contrib/lib/Foswiki/Contrib/PatchRelease01x01Contrib/MANIFEST b/PatchRelease01x01Contrib/lib/Foswiki/Contrib/PatchRelease01x01Contrib/MANIFEST
@@ -1,40 +1,30 @@
 data/System/PatchRelease01x01Contrib.txt 0644
 lib/Foswiki/Contrib/PatchRelease01x01Contrib.pm 0644
 lib/Foswiki/Contrib/PatchRelease01x01Contrib/DEPENDENCIES 0644
-working/configure/patch/Item11267-110.patch 0664
-working/configure/patch/Item11267-111.patch 0664
-working/configure/patch/Item11267-112.patch 0664
-working/configure/patch/Item11267-113.patch 0664
-working/configure/patch/Item11267-114.patch 0664
-working/configure/patch/Item11267-115.patch 0664
-working/configure/patch/Item12285-110.patch 0664
-working/configure/patch/Item12285-111.patch 0664
+working/configure/patch/Item11267-001.patch 0664
+working/configure/patch/Item11267-002.patch 0664
 working/configure/patch/Item12285-112.patch 0664
-working/configure/patch/Item12285-113.patch 0664
-working/configure/patch/Item12285-114.patch 0664
-working/configure/patch/Item12285-115.patch 0664
 working/configure/patch/Item12285-116.patch 0664
-working/configure/patch/Item12391-110.patch 0664
-working/configure/patch/Item12391-111.patch 0664
 working/configure/patch/Item12391-112.patch 0664
-working/configure/patch/Item12391-113.patch 0664
-working/configure/patch/Item12391-114.patch 0664
-working/configure/patch/Item12391-115.patch 0664
 working/configure/patch/Item12391-116.patch 0664
 working/configure/patch/Item12391-117.patch 0664
 working/configure/patch/Item12414-118.patch 0664
 working/configure/patch/Item12616-118.patch 0664
 working/configure/patch/Item12849-110.patch 0664
-working/configure/patch/Item12849-111.patch 0664
-working/configure/patch/Item12849-112.patch 0664
 working/configure/patch/Item12849-113.patch 0664
 working/configure/patch/Item12849-114.patch 0664
 working/configure/patch/Item12849-115.patch 0664
-working/configure/patch/Item12849-116.patch 0664
-working/configure/patch/Item12849-117.patch 0664
-working/configure/patch/Item12849-118.patch 0664
 working/configure/patch/Item12849-119.patch 0664
+working/configure/patch/Item13775-110.patch 0664
+working/configure/patch/Item13775-111.patch 0664
+working/configure/patch/Item13775-112.patch 0664
+working/configure/patch/Item13775-113.patch 0664
+working/configure/patch/Item13775-114.patch 0664
+working/configure/patch/Item13775-115.patch 0664
+working/configure/patch/Item13775-116.patch 0664
+working/configure/patch/Item13775-117.patch 0664
 working/configure/patch/Item13775-118.patch 0664
 working/configure/patch/Item13775-119.patch 0664
 working/configure/patch/Item13777-118.patch 0664
 working/configure/patch/Item13777-119.patch 0664
+
diff --git a/PatchRelease01x01Contrib/working/configure/patch/Item13775-113.patch b/PatchRelease01x01Contrib/working/configure/patch/Item13775-113.patch
@@ -0,0 +1,79 @@
+~~~PATCH 46259a60b8576e98621685ceaea86bce:a4fd3f925c7bcbe9ec5895e827a280cd bin/configure (Foswiki-1.1.3)
+diff --git bin/configure bin/configure
+index 72bc74a..64b9501 100755
+--- bin/configure
++++ bin/configure
+@@ -227,7 +227,7 @@ HERE
+     }
+ }
+
+-foreach my $module ( 'FindBin', 'File::Spec', 'Config', 'CGI qw(:any)', ) {
++foreach my $module ( 'FindBin', 'File::Spec', 'Config', 'CGI', ) {
+     ::_loadBasicModule($module);
+ }
+
+@@ -270,6 +270,8 @@ package Foswiki;
+ # We keep the actual config, and the default from Foswiki.spec, separate
+ my ( %cfg, $defaultCfg );
+
++$CGI::LIST_CONTEXT_WARN = 0;
++
+ # Declared in Foswiki to support checkers
+ our $query = new CGI;
+
+~~~PATCH 4a9bb8a10d76686a2b59c9430bee46a1:e5c3f9958be1a30d98823eb369aeb1a5 lib/Foswiki/Configure/Type.pm (Foswiki-1.1.3)
+diff --git lib/Foswiki/Configure/Type.pm lib/Foswiki/Configure/Type.pm
+index edef99a..752008a 100644
+--- lib/Foswiki/Configure/Type.pm
++++ lib/Foswiki/Configure/Type.pm
+@@ -18,7 +18,7 @@ package Foswiki::Configure::Type;
+ use strict;
+ use warnings;
+
+-use CGI qw( :any );
++use CGI;
+
+ use Foswiki::Configure::Types::UNKNOWN;
+
+~~~PATCH 8dfe6a6b79b3b4979cdd455797f3f312:a622f9278e06a8a0c452539a541427e7 lib/Foswiki/Engine/CGI.pm (Foswiki-1.1.3)
+diff --git lib/Foswiki/Engine/CGI.pm lib/Foswiki/Engine/CGI.pm
+index c0e0c1a..feb3896 100644
+--- lib/Foswiki/Engine/CGI.pm
++++ lib/Foswiki/Engine/CGI.pm
+@@ -22,6 +22,7 @@ use Assert;
+ use Foswiki::Request         ();
+ use Foswiki::Request::Upload ();
+ use Foswiki::Response        ();
++$CGI::LIST_CONTEXT_WARN = 0;
+
+ sub run {
+     my $this = shift;
+
+~~~PATCH ed4cdee6f3b1beee19f813cf96523c0d:a5d3a91165489a873e2b657a872540d1 lib/Foswiki/Plugins/CommentPlugin/Comment.pm (Foswiki-1.1.3)
+diff --git lib/Foswiki/Plugins/CommentPlugin/Comment.pm lib/Foswiki/Plugins/CommentPlugin/Comment.pm
+index c084d36..b3bd507 100644
+--- lib/Foswiki/Plugins/CommentPlugin/Comment.pm
++++ lib/Foswiki/Plugins/CommentPlugin/Comment.pm
+@@ -9,7 +9,7 @@ use Foswiki;
+ use Foswiki::Plugins;
+ use Foswiki::Store;
+ use Foswiki::Attrs;
+-use CGI qw( -any );
++use CGI;
+
+ package Foswiki::Plugins::CommentPlugin::Comment;
+
+~~~PATCH edcfd084a20e16588d6f7c6de9ad56de:bd2ee6b9037bd05edd804022327569a0 lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm (Foswiki-1.1.3)
+diff --git lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm
+index ba54bd5..1d4775b 100644
+--- lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm
++++ lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm
+@@ -9,7 +9,7 @@ use warnings;
+ use Assert;
+ use Error (':try');
+
+-use CGI qw( :cgi -any );
++use CGI;
+
+ use Encode ();
+
diff --git a/PatchRelease01x01Contrib/working/configure/patch/Item13775-114.patch b/PatchRelease01x01Contrib/working/configure/patch/Item13775-114.patch
@@ -0,0 +1,86 @@
+Date:   Thu Oct 1 17:32:57 2015 -0400
+
+    Item13778: CGI -any pragma deprecated
+    Item13775: CGI param called in list context
+
+    Backport Foswiki 2.0 fixes.
+
+~~~PATCH 864149f31c70f0bafd3485c632897650:e79e2d33874a7a1db9ba3fdf94b35c8d lib/Foswiki/Plugins/CommentPlugin/Comment.pm (Foswiki-1.1.4)
+diff --git lib/Foswiki/Plugins/CommentPlugin/Comment.pm lib/Foswiki/Plugins/CommentPlugin/Comment.pm
+index edbd86e..e1b09f9 100644
+--- lib/Foswiki/Plugins/CommentPlugin/Comment.pm
++++ lib/Foswiki/Plugins/CommentPlugin/Comment.pm
+@@ -9,7 +9,7 @@ use Foswiki;
+ use Foswiki::Plugins;
+ use Foswiki::Store;
+ use Foswiki::Attrs;
+-use CGI qw( -any );
++use CGI;
+
+ package Foswiki::Plugins::CommentPlugin::Comment;
+
+~~~PATCH a03d288688e27185675596c59ed2db16:65b5d181b21a37ca98a45fc1a229f650 lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm (Foswiki-1.1.4)
+diff --git lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm
+index b2b8f84..8f39274 100644
+--- lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm
++++ lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm
+@@ -9,7 +9,7 @@ use warnings;
+ use Assert;
+ use Error (':try');
+
+-use CGI qw( :cgi -any );
++use CGI;
+
+ use Encode ();
+
+
+~~~PATCH f624dc0e15746d8a3db483dd349c7ab6:2076d8bd964801fa2ea97f300f732740 lib/Foswiki/Configure/Type.pm (Foswiki-1.1.4)
+diff --git lib/Foswiki/Configure/Type.pm lib/Foswiki/Configure/Type.pm
+index dad2f5d..aeddd50 100755
+--- lib/Foswiki/Configure/Type.pm
++++ lib/Foswiki/Configure/Type.pm
+@@ -18,7 +18,7 @@ package Foswiki::Configure::Type;
+ use strict;
+ use warnings;
+
+-use CGI qw( :any );
++use CGI;
+
+ use Foswiki::Configure::Types::UNKNOWN;
+
+~~~PATCH 18544845f938401a061d27c3510db12a:d50d8819985fb897b06323d4967dc240 lib/Foswiki/Engine/CGI.pm (Foswiki-1.1.4)
+diff --git lib/Foswiki/Engine/CGI.pm lib/Foswiki/Engine/CGI.pm
+index 33fc31a..7bb1172 100644
+--- lib/Foswiki/Engine/CGI.pm
++++ lib/Foswiki/Engine/CGI.pm
+@@ -22,6 +22,7 @@ use Assert;
+ use Foswiki::Request         ();
+ use Foswiki::Request::Upload ();
+ use Foswiki::Response        ();
++$CGI::LIST_CONTEXT_WARN = 0;
+
+ sub run {
+     my $this = shift;
+~~~PATCH 12c821fd2496411c18ad1932794aa7e7:989ce3ed1153959b5d945c4b72941e27 bin/configure (Foswiki-1.1.4)
+diff --git bin/configure bin/configure
+index 3be5c2e..69789a2 100755
+--- bin/configure
++++ bin/configure
+@@ -261,7 +261,7 @@ if ($@) {
+     unshift( @INC, File::Spec->catfile( @root, 'lib' ) );
+ }
+
+-::_loadBasicModule('CGI qw(:any)');
++::_loadBasicModule('CGI');
+
+ $| = 1;    # no buffering on STDOUT
+
+@@ -272,6 +272,8 @@ package Foswiki;
+ # We keep the actual config, and the default from Foswiki.spec, separate
+ my ( %cfg, $defaultCfg );
+
++$CGI::LIST_CONTEXT_WARN = 0;
++
+ # Declared in Foswiki to support checkers
+ our $query = new CGI;
+
diff --git a/PatchRelease01x01Contrib/working/configure/patch/Item13775-115.patch b/PatchRelease01x01Contrib/working/configure/patch/Item13775-115.patch
@@ -0,0 +1,78 @@
+~~~PATCH 178c84385cca86468cb71c01e8981712:9b70154085522feb0276846e28d3e787 bin/configure (Foswiki-1.1.5)
+diff --git bin/configure bin/configure
+--- bin/configure
++++ bin/configure
+@@ -261,7 +261,7 @@ if ($@) {
+     unshift( @INC, File::Spec->catfile( @root, 'lib' ) );
+ }
+
+-::_loadBasicModule('CGI qw(:any)');
++::_loadBasicModule('CGI');
+
+ $| = 1;    # no buffering on STDOUT
+
+@@ -272,6 +272,8 @@ package Foswiki;
+ # We keep the actual config, and the default from Foswiki.spec, separate
+ my ( %cfg, $defaultCfg );
+
++$CGI::LIST_CONTEXT_WARN = 0;
++
+ # Declared in Foswiki to support checkers
+ our $query = new CGI;
+
+~~~PATCH f624dc0e15746d8a3db483dd349c7ab6:2076d8bd964801fa2ea97f300f732740 lib/Foswiki/Configure/Type.pm (Foswiki-1.1.5)
+diff --git lib/Foswiki/Configure/Type.pm lib/Foswiki/Configure/Type.pm
+index dad2f5d..aeddd50 100644
+--- lib/Foswiki/Configure/Type.pm
++++ lib/Foswiki/Configure/Type.pm
+@@ -18,7 +18,7 @@ package Foswiki::Configure::Type;
+ use strict;
+ use warnings;
+
+-use CGI qw( :any );
++use CGI;
+
+ use Foswiki::Configure::Types::UNKNOWN;
+
+~~~PATCH 18544845f938401a061d27c3510db12a:d50d8819985fb897b06323d4967dc240 lib/Foswiki/Engine/CGI.pm (Foswiki-1.1.5)
+diff --git lib/Foswiki/Engine/CGI.pm lib/Foswiki/Engine/CGI.pm
+index 8160be9..4cbb577 100644
+--- lib/Foswiki/Engine/CGI.pm
++++ lib/Foswiki/Engine/CGI.pm
+@@ -22,6 +22,7 @@ use Assert;
+ use Foswiki::Request         ();
+ use Foswiki::Request::Upload ();
+ use Foswiki::Response        ();
++$CGI::LIST_CONTEXT_WARN = 0;
+
+ sub run {
+     my $this = shift;
+
+~~~PATCH 864149f31c70f0bafd3485c632897650:e79e2d33874a7a1db9ba3fdf94b35c8d lib/Foswiki/Plugins/CommentPlugin/Comment.pm (Foswiki-1.1.5)
+diff --git lib/Foswiki/Plugins/CommentPlugin/Comment.pm lib/Foswiki/Plugins/CommentPlugin/Comment.pm
+index e07bc70..904deeb 100644
+--- lib/Foswiki/Plugins/CommentPlugin/Comment.pm
++++ lib/Foswiki/Plugins/CommentPlugin/Comment.pm
+@@ -9,7 +9,7 @@ use Foswiki;
+ use Foswiki::Plugins;
+ use Foswiki::Store;
+ use Foswiki::Attrs;
+-use CGI qw( -any );
++use CGI;
+
+ package Foswiki::Plugins::CommentPlugin::Comment;
+
+~~~PATCH c67cb91a5c5d17a4d1b3a8ff82d123e7:5e531499741f78089d169232e15d0fbb lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm (Foswiki-1.1.5)
+diff --git lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm
+index 7a497e1..29d9d63 100644
+--- lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm
++++ lib/Foswiki/Plugins/WysiwygPlugin/Handlers.pm
+@@ -9,7 +9,7 @@ use warnings;
+ use Assert;
+ use Error (':try');
+
+-use CGI qw( :cgi -any );
++use CGI;
+
+ use Encode ();
+