mirror of
git://slackware.nl/current.git
synced 2025-01-22 07:27:59 +01:00
a44e6a9f0b
patches/packages/curl-8.9.0-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release. patches/packages/htdig-3.2.0b6-x86_64-10_slack15.0.txz: Rebuilt. Patch XSS vulnerability. Thanks to jayjwa. Get this out of cgi-bin. Thanks to LuckyCyborg. For more information, see: https://www.cve.org/CVERecord?id=CVE-2007-6110 (* Security fix *) patches/packages/libxml2-2.11.9-x86_64-1_slack15.0.txz: Upgraded. This update fixes a security issue: Fix XXE protection in downstream code. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-40896 (* Security fix *)
333 lines
9.6 KiB
Diff
333 lines
9.6 KiB
Diff
--- ./db/os_rw.c.orig 2004-01-12 06:48:24.000000000 -0600
|
|
+++ ./db/os_rw.c 2007-04-07 17:29:44.000000000 -0500
|
|
@@ -5,6 +5,14 @@
|
|
* Sleepycat Software. All rights reserved.
|
|
*/
|
|
|
|
+
|
|
+#define _XOPEN_SOURCE 500
|
|
+#include <sys/types.h>
|
|
+#include <unistd.h>
|
|
+#ifndef u_long
|
|
+typedef __u_long u_long;
|
|
+#endif
|
|
+
|
|
#include "db_config.h"
|
|
|
|
#ifndef lint
|
|
--- ./db/hash.c.orig 2004-06-11 11:44:35.000000000 -0500
|
|
+++ ./db/hash.c 2007-04-07 17:29:44.000000000 -0500
|
|
@@ -250,6 +250,11 @@
|
|
hashp->h_hash = hcp->hdr->dbmeta.version < 5
|
|
? CDB___ham_func4 : CDB___ham_func5;
|
|
|
|
+ /* Make sure we always have a valid hashp->h_hash function. */
|
|
+ if (hashp->h_hash == NULL)
|
|
+ hashp->h_hash = hcp->hdr->dbmeta.version < 5
|
|
+ ? CDB___ham_func4 : CDB___ham_func5;
|
|
+
|
|
err2: /* Release the meta data page */
|
|
if ((t_ret = CDB___ham_release_meta(dbc)) != 0 && ret == 0)
|
|
ret = t_ret;
|
|
--- ./htdig/Server.cc.orig 2004-05-28 08:15:16.000000000 -0500
|
|
+++ ./htdig/Server.cc 2007-04-07 17:29:44.000000000 -0500
|
|
@@ -341,6 +341,8 @@
|
|
{
|
|
String fullpatt = "^[^:]*://[^/]*(";
|
|
fullpatt << pattern << ')';
|
|
+ if (pattern.length() == 0)
|
|
+ fullpatt = "";
|
|
_disallow.set(fullpatt, config->Boolean("case_sensitive"));
|
|
}
|
|
}
|
|
--- ./htfuzzy/Regexp.cc.orig 2004-05-28 08:15:20.000000000 -0500
|
|
+++ ./htfuzzy/Regexp.cc 2007-04-07 17:29:45.000000000 -0500
|
|
@@ -73,16 +73,16 @@
|
|
int wordCount = 0;
|
|
int maximumWords = config.Value("regex_max_words", 25);
|
|
|
|
- wordList->Start_Get();
|
|
- while (wordCount < maximumWords && (key = (String *) wordList->Get_Next()))
|
|
- {
|
|
- if (regexMatch.match(*key, 0, 0) != 0)
|
|
- {
|
|
- words.Add(new String(*key));
|
|
- wordCount++;
|
|
- }
|
|
- }
|
|
if (wordList) {
|
|
+ wordList->Start_Get();
|
|
+ while (wordCount < maximumWords && (key = (String *) wordList->Get_Next()))
|
|
+ {
|
|
+ if (regexMatch.match(*key, 0, 0) != 0)
|
|
+ {
|
|
+ words.Add(new String(*key));
|
|
+ wordCount++;
|
|
+ }
|
|
+ }
|
|
wordList->Destroy();
|
|
delete wordList;
|
|
}
|
|
--- ./htfuzzy/Substring.cc.orig 2004-05-28 08:15:20.000000000 -0500
|
|
+++ ./htfuzzy/Substring.cc 2007-04-07 17:29:45.000000000 -0500
|
|
@@ -73,16 +73,16 @@
|
|
int wordCount = 0;
|
|
int maximumWords = config.Value("substring_max_words", 25);
|
|
|
|
- wordList->Start_Get();
|
|
- while (wordCount < maximumWords && (key = (String *) wordList->Get_Next()))
|
|
- {
|
|
- if (match.FindFirst((char*)*key) >= 0)
|
|
- {
|
|
- words.Add(new String(*key));
|
|
- wordCount++;
|
|
- }
|
|
- }
|
|
if (wordList) {
|
|
+ wordList->Start_Get();
|
|
+ while (wordCount < maximumWords && (key = (String *) wordList->Get_Next()))
|
|
+ {
|
|
+ if (match.FindFirst((char*)*key) >= 0)
|
|
+ {
|
|
+ words.Add(new String(*key));
|
|
+ wordCount++;
|
|
+ }
|
|
+ }
|
|
wordList->Destroy();
|
|
delete wordList;
|
|
}
|
|
--- ./htfuzzy/htfuzzy.cc.orig 2004-05-28 08:15:20.000000000 -0500
|
|
+++ ./htfuzzy/htfuzzy.cc 2007-04-07 17:29:45.000000000 -0500
|
|
@@ -153,8 +153,9 @@
|
|
String word, fuzzyKey;
|
|
int count = 0;
|
|
|
|
- words->Start_Get();
|
|
- while ((key = (String *) words->Get_Next()))
|
|
+ if (words)
|
|
+ words->Start_Get();
|
|
+ while (words && (key = (String *) words->Get_Next()))
|
|
{
|
|
word = *key;
|
|
wordAlgorithms.Start_Get();
|
|
@@ -185,8 +186,11 @@
|
|
fuzzy->writeDB();
|
|
}
|
|
worddb.Close();
|
|
- words->Destroy();
|
|
- delete words;
|
|
+ if (words)
|
|
+ {
|
|
+ words->Destroy();
|
|
+ delete words;
|
|
+ }
|
|
if (fuzzy)
|
|
delete fuzzy;
|
|
}
|
|
--- ./htfuzzy/Prefix.cc.orig 2004-05-28 08:15:20.000000000 -0500
|
|
+++ ./htfuzzy/Prefix.cc 2007-04-07 17:29:45.000000000 -0500
|
|
@@ -99,9 +99,10 @@
|
|
WordReference *word_ref;
|
|
String last_word;
|
|
|
|
- wordList->Start_Get();
|
|
- while (wordCount < maximumWords && (word_ref = (WordReference *) wordList->Get_Next() ))
|
|
- {
|
|
+ if (wordList) {
|
|
+ wordList->Start_Get();
|
|
+ while (wordCount < maximumWords && (word_ref = (WordReference *) wordList->Get_Next() ))
|
|
+ {
|
|
s = word_ref->Key().GetWord();
|
|
|
|
// If we're somehow past the original word, we're done
|
|
@@ -115,8 +116,7 @@
|
|
last_word = s;
|
|
words.Add(new String(s));
|
|
wordCount++;
|
|
- }
|
|
- if (wordList) {
|
|
+ }
|
|
wordList->Destroy();
|
|
delete wordList;
|
|
}
|
|
--- ./htfuzzy/Fuzzy.cc.orig 2004-05-28 08:15:20.000000000 -0500
|
|
+++ ./htfuzzy/Fuzzy.cc 2007-04-07 17:29:45.000000000 -0500
|
|
@@ -61,7 +61,11 @@
|
|
delete index;
|
|
index = 0;
|
|
}
|
|
- delete dict;
|
|
+ if (dict)
|
|
+ {
|
|
+ delete dict;
|
|
+ dict = 0;
|
|
+ }
|
|
}
|
|
|
|
|
|
@@ -154,8 +158,9 @@
|
|
|
|
int count = 0;
|
|
|
|
- dict->Start_Get();
|
|
- while ((fuzzyKey = dict->Get_Next()))
|
|
+ if (dict)
|
|
+ dict->Start_Get();
|
|
+ while (dict && (fuzzyKey = dict->Get_Next()))
|
|
{
|
|
s = (String *) dict->Find(fuzzyKey);
|
|
index->Put(fuzzyKey, *s);
|
|
--- ./htsearch/Display.cc.orig 2004-05-28 08:15:24.000000000 -0500
|
|
+++ ./htsearch/Display.cc 2007-04-07 17:29:44.000000000 -0500
|
|
@@ -54,6 +54,7 @@
|
|
|
|
#include <math.h>
|
|
#include <float.h>
|
|
+#include <values.h>
|
|
|
|
#if !defined(DBL_MAX)
|
|
# if defined (MAXDOUBLE)
|
|
--- ./htsearch/htsearch.cc.orig 2004-05-28 08:15:24.000000000 -0500
|
|
+++ ./htsearch/htsearch.cc 2007-04-07 17:29:44.000000000 -0500
|
|
@@ -211,8 +211,7 @@
|
|
}
|
|
if (access((char*)configFile, R_OK) < 0)
|
|
{
|
|
- reportError(form("Unable to read configuration file '%s'",
|
|
- configFile.get()));
|
|
+ reportError("Unable to read configuration file");
|
|
}
|
|
config->Read(configFile);
|
|
|
|
--- ./htsearch/qtest.cc.orig 2004-05-28 08:15:25.000000000 -0500
|
|
+++ ./htsearch/qtest.cc 2007-04-07 17:29:44.000000000 -0500
|
|
@@ -132,8 +132,7 @@
|
|
|
|
if (access((char*)configFile, R_OK) < 0)
|
|
{
|
|
- reportError(form("Unable to find configuration file '%s'",
|
|
- configFile.get()));
|
|
+ reportError("Unable to find configuration file");
|
|
}
|
|
|
|
config->Read(configFile);
|
|
--- ./htsearch/Collection.h.orig 2004-05-28 08:15:24.000000000 -0500
|
|
+++ ./htsearch/Collection.h 2007-04-07 17:29:45.000000000 -0500
|
|
@@ -36,9 +36,9 @@
|
|
const char *docExcerpt);
|
|
~Collection();
|
|
|
|
- void Collection::Open();
|
|
+ void Open();
|
|
|
|
- void Collection::Close();
|
|
+ void Close();
|
|
|
|
char *getWordFile() { return wordFile.get(); }
|
|
DocumentRef *getDocumentRef(int id);
|
|
--- ./htword/WordDBPage.cc.orig 2004-05-28 08:15:26.000000000 -0500
|
|
+++ ./htword/WordDBPage.cc 2007-04-07 17:29:44.000000000 -0500
|
|
@@ -82,7 +82,7 @@
|
|
if(debuglevel>2)printf("TOTAL SIZE: %6d %8f\n",size,size/8.0);
|
|
// argh! compare failed somthing went wrong
|
|
// display the compress/decompress sequence and fail
|
|
- if(cmp || size>8*1024*1000000000)
|
|
+ if(cmp || size>8*1024)
|
|
{
|
|
if(size>8*1024)
|
|
{
|
|
--- ./installdir/rundig.orig 2007-04-07 17:29:45.000000000 -0500
|
|
+++ ./installdir/rundig 2007-04-07 17:29:45.000000000 -0500
|
|
@@ -14,6 +14,7 @@
|
|
|
|
# To help debug problems, try running rundig -vvv
|
|
# This will add lots of debugging output to all of the programs
|
|
+incremental=0
|
|
stats= opts= alt=
|
|
while [ "$#" -gt 0 ]
|
|
do
|
|
@@ -24,6 +25,7 @@
|
|
conffile="$1"
|
|
opts="$opts -c $conffile"
|
|
;;
|
|
+ +i) incremental=1;;
|
|
*) opts="$opts $1" ;; # e.g. -v
|
|
esac
|
|
shift
|
|
@@ -53,7 +55,13 @@
|
|
TMPDIR=$DBDIR
|
|
export TMPDIR
|
|
|
|
-$BINDIR/htdig -i $opts $stats $alt
|
|
+if [ $incremental -ne 0 ]
|
|
+then
|
|
+ $BINDIR/htdig $opts $stats $alt
|
|
+else
|
|
+ $BINDIR/htdig -i $opts $stats $alt
|
|
+fi
|
|
+
|
|
$BINDIR/htpurge $opts $alt
|
|
case "$alt" in
|
|
-a)
|
|
--- ./installdir/htdig.conf.orig 2004-02-08 04:19:33.000000000 -0600
|
|
+++ ./installdir/htdig.conf 2007-04-07 17:29:44.000000000 -0500
|
|
@@ -18,6 +18,18 @@
|
|
database_dir: @DATABASE_DIR@
|
|
|
|
#
|
|
+# Define common_dir, which is used in several of the examples.
|
|
+#
|
|
+common_dir: /var/www/html/htdig
|
|
+
|
|
+#
|
|
+# Disable the translation of the ISO Latin 1 SGML entities from the
|
|
+# documents into upper end 8-bit characters in the database,
|
|
+# and then back to the Latin 1 SGML entities in htsearch results.
|
|
+#
|
|
+translate_latin1: false
|
|
+
|
|
+#
|
|
# This specifies the URL where the robot (htdig) will start. You can specify
|
|
# multiple URLs here. Just separate them by some whitespace.
|
|
# The example here will cause the ht://Dig homepage and related pages to be
|
|
@@ -25,7 +37,7 @@
|
|
# You could also index all the URLs in a file like so:
|
|
# start_url: `${common_dir}/start.url`
|
|
#
|
|
-start_url: http://www.htdig.org/
|
|
+start_url: http://localhost
|
|
|
|
#
|
|
# This attribute limits the scope of the indexing process. The default is to
|
|
@@ -76,7 +88,7 @@
|
|
# The string htdig will send in every request to identify the robot. Change
|
|
# this to your email address.
|
|
#
|
|
-maintainer: unconfigured@htdig.searchengine.maintainer
|
|
+maintainer: root@localhost
|
|
|
|
#
|
|
# The excerpts that are displayed in long results rely on stored information
|
|
--- ./installdir/rundig.1.in.orig 2004-03-12 02:11:06.000000000 -0600
|
|
+++ ./installdir/rundig.1.in 2007-04-07 17:29:46.000000000 -0500
|
|
@@ -23,6 +23,9 @@
|
|
.TP
|
|
.B \-c configfile
|
|
Use alternate config file.
|
|
+.TP
|
|
+.B \+i
|
|
+Use incremental digging instead non-incremental
|
|
.SH "SEE ALSO"
|
|
Please refer to the HTML pages (in the htdig-doc package)
|
|
.B /usr/share/doc/htdig-doc/html/index.html
|
|
--- ./configure.orig 2004-06-14 03:25:31.000000000 -0500
|
|
+++ ./configure 2007-04-07 17:29:44.000000000 -0500
|
|
@@ -28034,7 +28034,7 @@
|
|
APACHE_REQUEST=`echo 1.3.1 | sed -e 's/\.//g'`
|
|
APACHE_REQUEST_MAJOR=`expr $APACHE_REQUEST : '\(..\)'`
|
|
APACHE_REQUEST_MINOR=`expr $APACHE_REQUEST : '..\(.*\)'`
|
|
- if test "$APACHE_MAJOR" -lt "$APACHE_REQUEST_MAJOR" -o "$APACHE_MINOR" -lt "$APACHE_REQUEST_MINOR" ; then
|
|
+ if test "$APACHE_MAJOR" -eq "APACHE_REQUEST_MAJOR" -a "$APACHE_MINOR" -lt "$APACHE_REQUEST_MINOR" -o "$APACHE_MAJOR" -lt "$APACHE_REQUEST_MAJOR" ; then
|
|
echo "$as_me:$LINENO: result: no" >&5
|
|
echo "${ECHO_T}no" >&6
|
|
{ { echo "$as_me:$LINENO: error: apache version is $APACHE_READABLE_VERSION" >&5
|