[pkg-java] r4318 - in trunk/libservlet2.4-java/debian: . patches
mkoch at alioth.debian.org
mkoch at alioth.debian.org
Sun Oct 7 10:39:14 UTC 2007
Author: mkoch
Date: 2007-10-07 10:39:14 +0000 (Sun, 07 Oct 2007)
New Revision: 4318
Added:
trunk/libservlet2.4-java/debian/patches/
trunk/libservlet2.4-java/debian/patches/cve-2007-4724.patch
Modified:
trunk/libservlet2.4-java/debian/
trunk/libservlet2.4-java/debian/changelog
trunk/libservlet2.4-java/debian/rules
Log:
libservlet2.4-java (5.0.30-6) unstable; urgency=low
* Fix XSS bug (CVE-2007-4724) in cal2.jsp.
-- Michael Koch <konqueror at gmx.de> Sat, 06 Oct 2007 23:50:14 +0200
Property changes on: trunk/libservlet2.4-java/debian
___________________________________________________________________
Name: svn:ignore
+ files
libservlet2.4-java
libservlet2.4-java-gcj
stamp-*
*.debhelper
*.substvars
Modified: trunk/libservlet2.4-java/debian/changelog
===================================================================
--- trunk/libservlet2.4-java/debian/changelog 2007-10-07 09:44:55 UTC (rev 4317)
+++ trunk/libservlet2.4-java/debian/changelog 2007-10-07 10:39:14 UTC (rev 4318)
@@ -1,3 +1,9 @@
+libservlet2.4-java (5.0.30-6) unstable; urgency=low
+
+ * Fix XSS bug (CVE-2007-4724) in cal2.jsp.
+
+ -- Michael Koch <konqueror at gmx.de> Sat, 06 Oct 2007 23:50:14 +0200
+
libservlet2.4-java (5.0.30-5) unstable; urgency=low
* Build a libservlet2.4-java-gcj package.
Property changes on: trunk/libservlet2.4-java/debian/patches
___________________________________________________________________
Name: svn:ignore
+ *.log
Added: trunk/libservlet2.4-java/debian/patches/cve-2007-4724.patch
===================================================================
--- trunk/libservlet2.4-java/debian/patches/cve-2007-4724.patch (rev 0)
+++ trunk/libservlet2.4-java/debian/patches/cve-2007-4724.patch 2007-10-07 10:39:14 UTC (rev 4318)
@@ -0,0 +1,11 @@
+--- ./jsr152/examples/cal/cal2.jsp.orig 2007-10-06 23:46:52.000000000 +0200
++++ ./jsr152/examples/cal/cal2.jsp 2007-10-06 23:48:07.000000000 +0200
+@@ -29,7 +29,7 @@
+
+ <FONT SIZE=5> Please add the following event:
+ <BR> <h3> Date <%= table.getDate() %>
+-<BR> Time <%= time %> </h3>
++<BR> Time <%= util.HTMLFilter.filter(time) %> </h3>
+ </FONT>
+ <FORM METHOD=POST ACTION=cal1.jsp>
+ <BR>
Modified: trunk/libservlet2.4-java/debian/rules
===================================================================
--- trunk/libservlet2.4-java/debian/rules 2007-10-07 09:44:55 UTC (rev 4317)
+++ trunk/libservlet2.4-java/debian/rules 2007-10-07 10:39:14 UTC (rev 4318)
@@ -10,6 +10,7 @@
include /usr/share/cdbs/1/rules/debhelper.mk
include /usr/share/cdbs/1/class/ant.mk
+include /usr/share/cdbs/1/rules/simple-patchsys.mk
include /usr/share/gcj/debian_defaults
ifneq (,$(filter $(DEB_HOST_ARCH), $(gcj_native_archs)))
More information about the pkg-java-commits
mailing list