diff options
Diffstat (limited to 'www-apps/phpsysinfo')
| -rw-r--r-- | www-apps/phpsysinfo/Manifest | 1 | ||||
| -rw-r--r-- | www-apps/phpsysinfo/files/phpsysinfo-3.4.3-cve-2023-49006.patch | 44 | ||||
| -rw-r--r-- | www-apps/phpsysinfo/phpsysinfo-3.4.3-r1.ebuild | 54 | ||||
| -rw-r--r-- | www-apps/phpsysinfo/phpsysinfo-3.4.4.ebuild | 2 |
4 files changed, 1 insertions, 100 deletions
diff --git a/www-apps/phpsysinfo/Manifest b/www-apps/phpsysinfo/Manifest index 582949560b02..8f005b407121 100644 --- a/www-apps/phpsysinfo/Manifest +++ b/www-apps/phpsysinfo/Manifest @@ -1,2 +1 @@ -DIST phpsysinfo-3.4.3.tar.gz 1101922 BLAKE2B b4800af1bb6995f898681d80c95c87d7120146078b1a0f24d65c0217b6c6ea1d9dc9e9a8c54d9e4c1f41988ed68e28f263093af1217caf76af48b001da912136 SHA512 d0c5f0d36da6fa85dd299c8550633055fecc15e16f0f9a57e6765691a0c766da9893fd2be539492fb45b482165b1215ca9950b50f7bddfa84294833c06de27f7 DIST phpsysinfo-3.4.4.tar.gz 1109842 BLAKE2B ef192c27e6aff9c95a05b68780287c9118d79df8e95cb04447ab82fd3334dc18b0b790a1b66c903532a259a2243145fd03f8b746502072055c5beeec32e1d36b SHA512 0f2a6be998eb624ff473a9571f4975c2da8909e2f60826b0c713d781e22cd963fd864ce7bd97992321f86b0d69efb123caeeb24603dbd2223a9986d5e6e8720c diff --git a/www-apps/phpsysinfo/files/phpsysinfo-3.4.3-cve-2023-49006.patch b/www-apps/phpsysinfo/files/phpsysinfo-3.4.3-cve-2023-49006.patch deleted file mode 100644 index 6bed16996d20..000000000000 --- a/www-apps/phpsysinfo/files/phpsysinfo-3.4.3-cve-2023-49006.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 4f2cee505e4f2e9b369a321063ff2c5e0c34ba45 Mon Sep 17 00:00:00 2001 -From: namiltd <namiltd@users.noreply.github.com> -Date: Wed, 24 May 2023 10:39:48 +0200 -Subject: [PATCH] Disable JSONP data mode by default for security reasons - ---- - phpsysinfo.ini.new | 7 +++++++ - read_config.php | 5 +++++ - 2 files changed, 12 insertions(+) - -diff --git a/phpsysinfo.ini.new b/phpsysinfo.ini.new -index f2c90f24..25b67c26 100644 ---- a/phpsysinfo.ini.new -+++ b/phpsysinfo.ini.new -@@ -47,6 +47,13 @@ ADD_PATHS=false - ; - ALLOWED=false - -+; Enable JSONP data mode (e.g. /phpsysinfo/xml.php?plugin=complete&jsonp&callback=getData) -+; Disabled by default for security reasons. -+; - false : JSONP data mode disabled -+; - true : JSONP data mode enabled -+; -+;JSONP=false -+ - ; List of sudo commands - ; Example : SUDO_COMMANDS="iptables-save" //execute "sudo iptables-save" instead "iptables-save" - ; SUDO_COMMANDS=false //no sudo commands -diff --git a/read_config.php b/read_config.php -index 17d0683a..53fbf38e 100644 ---- a/read_config.php -+++ b/read_config.php -@@ -89,6 +89,11 @@ - } - } - -+ if (isset($_GET['jsonp']) && (!defined('PSI_JSONP') || !PSI_JSONP)) { -+ echo "JSONP data mode not enabled in phpsysinfo.ini."; -+ die(); -+ } -+ - /* default error handler */ - if (function_exists('errorHandlerPsi')) { - restore_error_handler(); diff --git a/www-apps/phpsysinfo/phpsysinfo-3.4.3-r1.ebuild b/www-apps/phpsysinfo/phpsysinfo-3.4.3-r1.ebuild deleted file mode 100644 index 9c6a04a29c14..000000000000 --- a/www-apps/phpsysinfo/phpsysinfo-3.4.3-r1.ebuild +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit optfeature webapp - -DESCRIPTION="A customizable PHP script that displays information about your system nicely" -HOMEPAGE="https://phpsysinfo.github.io/phpsysinfo/" -SRC_URI="https://github.com/rk4an/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2+" -KEYWORDS="amd64 ~hppa ppc ppc64 x86" -RDEPEND=" - dev-lang/php[simplexml,xml,xsl(+),xslt(+),unicode] - virtual/httpd-php -" - -PATCHES=( "${FILESDIR}/${PN}-3.4.3-cve-2023-49006.patch" ) - -need_httpd_cgi - -src_install() { - webapp_src_preinst - - dodoc CHANGELOG.md README* - rm CHANGELOG.md COPYING README* .gitignore || die - - mv phpsysinfo.ini{.new,} || die - insinto "${MY_HTDOCSDIR}" - doins -r . - - webapp_configfile "${MY_HTDOCSDIR}"/phpsysinfo.ini - - webapp_src_install -} - -pkg_postinst() { - optfeature "showing disk temperatures." app-admin/hddtemp - optfeature "showing system uptime." app-misc/uptimed - optfeature "showing snmp statistics." net-analyzer/net-snmp - optfeature "showing iptables rules." net-firewall/iptables - optfeature "showing ipmi sensors." sys-apps/ipmitool - optfeature "showing ipmi sensors." sys-apps/ipmiutil - optfeature "showing system sensors." sys-apps/lm-sensors - optfeature "showing s.m.a.r.t. health." sys-apps/smartmontools - optfeature "showing lsi raid controller health." sys-block/megactl - optfeature "showing fake raid statistics." sys-fs/dmraid - optfeature "showing software raid statistics." sys-fs/mdadm - optfeature "showing quota information." sys-fs/quota - optfeature "showing ipmi sensors." sys-libs/freeipmi - optfeature "showing apc ups statistics." sys-power/apcupsd - optfeature "showing ups statistics." sys-power/nut -} diff --git a/www-apps/phpsysinfo/phpsysinfo-3.4.4.ebuild b/www-apps/phpsysinfo/phpsysinfo-3.4.4.ebuild index 1b43fbab64d0..4225f3e8f229 100644 --- a/www-apps/phpsysinfo/phpsysinfo-3.4.4.ebuild +++ b/www-apps/phpsysinfo/phpsysinfo-3.4.4.ebuild @@ -10,7 +10,7 @@ HOMEPAGE="https://phpsysinfo.github.io/phpsysinfo/" SRC_URI="https://github.com/rk4an/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" LICENSE="GPL-2+" -KEYWORDS="~amd64 ~hppa ~ppc ~ppc64 ~x86" +KEYWORDS="amd64 ~hppa ppc ppc64 x86" RDEPEND=" dev-lang/php[simplexml,xml,xsl(+),xslt(+),unicode] virtual/httpd-php |