Debian Bug report logs - #201980
phpgroupware: Cross-Site-Scripting and SQL Insertion

Package: phpgroupware; Maintainer for phpgroupware is (unknown);

Reported by: Thomas Viehmann <tv@beamnet.de>

Date: Fri, 18 Jul 2003 19:48:02 UTC

Severity: grave

Tags: patch, security, sid

Found in version 0.9.14.0.RC3.2-0.9.14.003

Fixed in version phpgroupware/0.9.14.007-4

Done: Thomas Viehmann <tv@beamnet.de>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, Luca - De Whiskey's - De Vitis <luca@debian.org>:
Bug#201980; Package phpgroupware. Full text and rfc822 format available.

Acknowledgement sent to Thomas Viehmann <tv@beamnet.de>:
New Bug report received and forwarded. Copy sent to Luca - De Whiskey's - De Vitis <luca@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Thomas Viehmann <tv@beamnet.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>, mdz@debian.org
Subject: phpgroupware: Cross-Site-Scripting and SQL Insertion
Date: Fri, 18 Jul 2003 21:45:14 +0200
[Message part 1 (text/plain, inline)]
Package: phpgroupware
Version: 0.9.14.0.RC3.2-0.9.14.003
Severity: grave
Justification: non-root security hole
Tags: security patch

In phpgroupware (stable, testing, unstable) several security bugs have been
discovered.
They are fixed by upstream in 0.9.14.004 / 0.9.14.005.
The problems are cross-site scripting and SQL insertion problems.
Parts are covered by the security advisory [1] available on the net; for other
information see the phpgroupware web page [2].

A patch with the backported (to woody) fixes is attached. I've quickly checked
that some very basic functions (mostly entering data) aren't affected by the
security fix. (I.e. entering addresses doesn't work in woody's present packages
and I've only fixed it locally but not in the attached patch.)

Cheers

T.

1. http://www.security-corporation.com/articles-20030702-005.html
2. http://www.phpgroupware.org/


-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux hardy 2.4.21-tv #1 Thu Jul 17 00:13:19 CEST 2003 i686
Locale: LANG=en_US, LC_CTYPE=en_US

Versions of packages phpgroupware depends on:
ii  apache                      1.3.27.0-2   Versatile, high-performance HTTP s
ii  apache [httpd]              1.3.27.0-2   Versatile, high-performance HTTP s
ii  debconf                     1.3.4        Debian configuration management sy
ii  phpgroupware-admin          0.9.14.000-1 The phpGroupWare administration mo
ii  phpgroupware-core           0.9.14.000-1 The phpGroupWare core module
ii  phpgroupware-phpgwapi       0.9.14.000-1 The phpGroupWare API
ii  phpgroupware-preferences    0.9.14.000-1 The phpGroupWare preferences manag
ii  phpgroupware-setup          0.9.14.000-2 The phpGroupWare setup III module
ii  wwwconfig-common            0.0.19       Debian web auto configuration.
[phpgw.security.patch.txt (text/plain, inline)]
diff -urN phpgroupware-0.9.14.0.RC3.2/addressbook/inc/class.uiaddressbook.inc.php phpgroupware-0.9.14/addressbook/inc/class.uiaddressbook.inc.php
--- phpgroupware-0.9.14.0.RC3.2/addressbook/inc/class.uiaddressbook.inc.php	Fri Jul 18 20:33:53 2003
+++ phpgroupware-0.9.14/addressbook/inc/class.uiaddressbook.inc.php	Thu Jul 17 22:17:43 2003
@@ -881,10 +881,6 @@
 							$data = $coldata;
 						}
 					}
-					elseif($column == 'label' && $coldata)
-					{
-						$data .= $this->contacts->formatted_address($fields[0]['id'],'',False);
-					}
 					elseif ($column == 'url' && $coldata)
 					{
 						$ref = '<a href="' . $coldata . '" target="_new">';
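Review bot: the 'url' branch kept as trailing context in this hunk still places $coldata unescaped inside an HTML attribute (`$ref = '<a href="' . $coldata . '" target="_new">';`), so the same XSS class this patch fixes in chat/messages.php survives in the addressbook list view; wrap it with htmlspecialchars() or $GLOBALS['phpgw']->strip_html() as the other hunks do. Removing the 'label' branch also drops formatted_address() from the list, which is a functional change rather than a security fix and should be called out in the changelog entry.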
@@ -902,6 +898,11 @@
 							$ref = '<a href="mailto:'.$coldata.'">';
 						}
 						$data = $coldata.'</a>';
+					}
+					elseif ($column == 'bday')
+					{
+						list($month,$day,$year) = explode('/',$coldata);
+						$data = $GLOBALS['phpgw']->common->dateformatorder($year,$month,$day,True);
 					}
 					else
 					{
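Review bot: the new 'bday' branch does `list($month,$day,$year) = explode('/',$coldata)` without checking that $coldata has three '/'-separated parts, so an empty or malformed birthday field raises undefined-offset notices and hands empty values to dateformatorder(); guard it with a count() check on the exploded array before the list() assignment. This branch is a display change with no security content, so unless it is needed to keep the list view working after the 'label' removal above it belongs in a separate upload.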
diff -urN phpgroupware-0.9.14.0.RC3.2/chat/messages.php phpgroupware-0.9.14/chat/messages.php
--- phpgroupware-0.9.14.0.RC3.2/chat/messages.php	Mon Nov 19 06:03:35 2001
+++ phpgroupware-0.9.14/chat/messages.php	Thu Jul 17 22:23:49 2003
@@ -48,7 +48,7 @@
 		$GLOBALS['phpgw']->db->next_record();
 		for ($i = 0; $i < $GLOBALS['phpgw']->db->nf(); $i++)
 		{
-			echo '<font color="blue">' . $GLOBALS['phpgw']->db->f('sentby') . ' (' . $GLOBALS['phpgw']->common->show_date($GLOBALS['phpgw']->db->f('timesent'),'H:i.s') . '):  </font><font color="red">' . $GLOBALS['phpgw']->db->f('message') . '</font><br>';
+			echo '<font color="blue">' . htmlentities(stripslashes($GLOBALS['phpgw']->db->f('sentby'))) . ' (' . $GLOBALS['phpgw']->common->show_date($GLOBALS['phpgw']->db->f('timesent'),'H:i.s') . '):  </font><font color="red">' . htmlentities(stripslashes($GLOBALS['phpgw']->db->f('message'))) . '</font><br>';
 			$GLOBALS['phpgw']->db->next_record();
 		}		
 	}
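Review bot: htmlentities(stripslashes(...)) on the echo line is the right shape for output encoding, but stripslashes() assumes the rows were stored with slashes added; if chat messages are stored unescaped, legitimate backslashes are silently removed. Also pass ENT_QUOTES as the second argument to htmlentities() so single quotes are encoded too, in case the same value is ever placed inside an attribute.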
diff -urN phpgroupware-0.9.14.0.RC3.2/debian/changelog phpgroupware-0.9.14/debian/changelog
--- phpgroupware-0.9.14.0.RC3.2/debian/changelog	Fri Jul 18 20:33:54 2003
+++ phpgroupware-0.9.14/debian/changelog	Fri Jul 18 20:56:48 2003
@@ -1,3 +1,13 @@
+phpgroupware (0.9.14-0.RC3.3.woody1) stable; urgency=high
+
+  * Security fix (Cross site scripting and sql insertion)
+    (These are the backports of the security fixes done upstream
+     between version 0.9.14.003 and 0.9.14.005, see phpgroupware.org
+     and <http://www.security-corporation.com/articles-20030702-005.html>)
+    Closes: XXXXX.
+
+ -- Thomas Viehmann <tv@beamnet.de>  Fri, 18 Jul 2003 20:56:35 +0200
+
 phpgroupware (0.9.14-0.RC3.2) unstable; urgency=high
 
   * debian/control file management fix (Closes: #144357).
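Review bot: the new changelog entry still carries the placeholder `Closes: XXXXX.`; it should read `Closes: #201980` so the upload actually closes this report. Naming the affected modules (addressbook, chat, infolog, phpgwapi, projects) in the entry would also help the security team map the upload to the advisory.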
diff -urN phpgroupware-0.9.14.0.RC3.2/infolog/inc/class.boinfolog.inc.php phpgroupware-0.9.14/infolog/inc/class.boinfolog.inc.php
--- phpgroupware-0.9.14.0.RC3.2/infolog/inc/class.boinfolog.inc.php	Fri Jul 18 20:33:54 2003
+++ phpgroupware-0.9.14/infolog/inc/class.boinfolog.inc.php	Thu Jul 17 22:33:02 2003
@@ -230,9 +230,7 @@
 		function readIdArray($order,$sort,$filter,$cat_id,$query,$action,$addr_id,
 									$proj_id,$info_id,$ordermethod,&$start,&$total)
 		{
-			return $this->so->readIdArray($order,$sort,$filter,$cat_id,$query,
-								  					$action,$addr_id,$proj_id,$info_id,
-													$ordermethod,$start,$total);
+			return      $this->so->search($order,$sort,$filter,$cat_id,$query,$action,$addr_id ? $addr_id : $proj_id,$info_id,$ordermethod,$start,$total);
 		}
 
 
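Review bot: the argument list of the new `$this->so->search(...)` call does not match the search() signature introduced in class.soinfolog.inc.php below: the bo passes eleven arguments (`...,$action,$addr_id ? $addr_id : $proj_id,$info_id,$ordermethod,$start,$total`) while search() declares `($order,$sort,$filter,$cat_id,$query,$action,$action_id,$ordermethod,&$start,&$total)`. As written $info_id is bound to $ordermethod, $ordermethod to &$start and $start to &$total, so paging breaks and $total is never returned by reference; drop $info_id from the call (or add it to search()) and re-test the infolog list.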
diff -urN phpgroupware-0.9.14.0.RC3.2/infolog/inc/class.soinfolog.inc.php phpgroupware-0.9.14/infolog/inc/class.soinfolog.inc.php
--- phpgroupware-0.9.14.0.RC3.2/infolog/inc/class.soinfolog.inc.php	Thu Oct  4 21:04:58 2001
+++ phpgroupware-0.9.14/infolog/inc/class.soinfolog.inc.php	Fri Jul 18 21:27:11 2003
@@ -20,9 +20,6 @@
 		var $data = array( );
 		var $filters = array( );
 		var $user;
-		var $maybe_slashes = array (
-			'info_des'=>1,'info_subject'=>1,'info_from'=>1,'info_addr'=>1
-		);
 		function soinfolog( $info_id = 0)
 		{
 			$this->db     = $GLOBALS['phpgw']->db;
@@ -159,8 +156,9 @@
 				
 		function read($info_id)		// did _not_ ensure ACL
 		{
+			$info_id = intval($info_id);
 			if ($info_id <= 0 || $info_id != $this->data['info_id'] && 
-										(!$this->db->query("select * FROM phpgw_infolog where info_id='$info_id'") ||   !$this->db->next_record())) 
+										(!$this->db->query("select * FROM phpgw_infolog where info_id=$info_id",__LINE__,__FILE__) ||   !$this->db->next_record())) 
 			{
 				$this->init( );
 				return False;
@@ -168,10 +166,10 @@
 			if ($info_id != $this->data['info_id'])      // data yet read in
 			{
 				$this->data = $this->db->Record;
-				reset($this->maybe_slashes);
-				while (list($key) = each($this->maybe_slashes))
+				reset($this->data);
+				while (list($key,$val) = each($this->data))
 				{
-					$this->data[$key] = stripslashes($this->data[$key]);
+					$this->data[$key] = $GLOBALS['phpgw']->strip_html($val);
 				}
 			}
 			return $this->data;         
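Review bot: moving strip_html() into read() sanitises every column on the way out of the database, which is what the uiinfolog hunks later in this patch rely on when they drop their own strip_html() calls; the trade-off is that any code reading $this->db->Record or $this->data through another path (write() below updates $this->data straight from $values) sees unsanitised values. Either document that read() is now the only sanitised accessor or keep the view-layer escaping as a second line of defence.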
@@ -179,10 +177,14 @@
 		
 		function delete($info_id)  // did _not_ ensure ACL
 		{
-			$this->db->query("delete FROM phpgw_infolog where info_id='$info_id' or info_id_parent='"
-				. "$info_id' AND ((info_access='public' and info_owner != '$this->user')"
-				. " or (info_owner='$this->user'))" ,__LINE__,__FILE__);
-				
+			if (($info_id = intval($info_id)) <= 0)
+			{
+				return;
+			}
+			$this->db->query("delete FROM phpgw_infolog where info_id=$info_id or info_id_parent=$info_id" .
+				" AND ((info_access='public' and info_owner != $this->user) OR (info_owner=$this->user))",
+				__LINE__,__FILE__);
+
 			if ($this->data['info_id'] == $info_id)
 			{
 				$this->init( );            
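Review bot: the rewritten delete() query keeps the operator-precedence problem of the original: in `info_id=$info_id or info_id_parent=$info_id AND ((info_access='public' and info_owner != $this->user) OR (info_owner=$this->user))` AND binds tighter than OR, so the ownership condition only constrains child entries and `info_id=$info_id` deletes the entry itself regardless of owner. Since the query is being rewritten anyway, parenthesise it as `(info_id=$info_id OR info_id_parent=$info_id) AND (...)`. The intval() guard is good; $this->user is now interpolated unquoted, so it must always be an integer account id.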
@@ -199,20 +201,24 @@
 
 					$this->data[$key] = $val;   // update internal data
 
-					if ($this->maybe_slashes[$key])
+					switch($val['type'])	// protection against query-insertion
 					{
-						$val = addslashes($val);
+						case 'int': case 'auto':
+							$val = intval($val);
+							break;
+						default:
+							$val = "'".$this->db->db_addslashes($val)."'";
+							break;
 					}
 					$cols .= ($cols ? ',' : '').$key;
-					$vals .= ($vals ? ',' : '')."'$val'";
-					$query .= ($query ? ',' : '')."$key='$val'";
+					$vals .= ($vals ? ',' : '').$val;
+					$query .= ($query ? ',' : '')."$key=$val";
 				}
 			}
 			if ($values['info_id'])
 			{
-				$query = "UPDATE phpgw_infolog SET $query where info_id='".$values['info_id']."'";
-				$this->db->query($query,__LINE__,__FILE__);         
-				$this->data['info_id'] = $values['info_id'];
+				$query = "UPDATE phpgw_infolog SET $query where info_id='".$this->data['info_id']."'";
+				$this->db->query($query,__LINE__,__FILE__);
 			}
 			else
 			{
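Review bot: `switch($val['type'])` tests the value being written, not a column descriptor: $val is the scalar just assigned into $this->data[$key], so `$val['type']` yields its first character in PHP 4 and the 'int'/'auto' case never matches; every column, integer ones included, ends up quoted and db_addslashes()'d. That is safe against injection but not what the comment intends; the type should come from a per-column map (a `$this->db_cols[$key]['type']`-style table, name assumed). Separately, the UPDATE now uses `where info_id='".$this->data['info_id']."'`, but $this->data['info_id'] was populated from $values earlier in this loop without escaping, so it should be intval()'d like the other id parameters in this patch.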
@@ -220,24 +226,27 @@
 				$this->db->query($query,__LINE__,__FILE__);
 				$this->data['info_id']=$this->db->get_last_insert_id('phpgw_infolog','info_id');
 			}
+			return $this->data['info_id'];
 		}
 
 		function anzSubs( $info_id )
 		{
-			$this->db->query('select count(*) FROM phpgw_infolog where '.
-								  "info_id_parent=$info_id",__LINE__,__FILE__);
+			if (($info_id = intval($info_id)) <= 0)
+			{
+				return 0;
+			}
+			$this->db->query("select count(*) FROM phpgw_infolog where info_id_parent=$info_id",__LINE__,__FILE__);
 
 			$this->db->next_record();
 
 			return $this->db->f(0);
 		}
 
-		function readIdArray($order,$sort,$filter,$cat_id,$query,$action,$addr_id,
-									$proj_id,$info_id,$ordermethod,&$start,&$total)
+		function search($order,$sort,$filter,$cat_id,$query,$action,$action_id,$ordermethod,&$start,&$total)
 		{
 			if ($order)
 			{
-			  $ordermethod = 'order by ' . $order . ' ' . $sort;
+			  $ordermethod = 'ORDER BY ' . $this->db->db_addslashes($order) . ' ' . $this->db->db_addslashes($sort);
 			}
 			else
 			{
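Review bot: `'ORDER BY ' . $this->db->db_addslashes($order) . ' ' . $this->db->db_addslashes($sort)` does not protect an ORDER BY clause: db_addslashes() only escapes quote characters, and $order/$sort are interpolated bare rather than inside a string literal, so any fragment without quotes passes through unchanged. Validate both against an allow-list instead (phpgw_infolog column names for $order, 'ASC'/'DESC' for $sort). The `return $this->data['info_id'];` added to write() and the intval() guard in anzSubs() look right.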
@@ -248,19 +257,20 @@
 			$filtermethod .= $this->dateFilter($filter);
 			// echo "<p>filtermethod='$filtermethod'</p>";
 
-			if ($cat_id)
+			if (intval($cat_id))
 			{
-			  $filtermethod .= " AND info_cat='$cat_id' "; 
+			  $filtermethod .= ' AND info_cat='.intval($cat_id).' ';
 			}
 			switch ($action)
 			{
-				case 'addr':	$filtermethod .= " AND info_addr_id=$addr_id ";
+				case 'addr':	$filtermethod .= " AND info_addr_id=$action_id ";
 									break;
-				case 'proj':	$filtermethod .= " AND info_proj_id=$proj_id ";
+				case 'proj':	$filtermethod .= " AND info_proj_id=$action_id ";
 									break;
 			}
 			if ($query)			  // we search in _from, _subject and _des for $query
 			{
+				$query = $this->db->db_addslashes($query);
 				$sql_query = "AND (info_from like '%$query%' OR info_subject ".
 								 "like '%$query%' OR info_des like '%$query%') ";
 			}
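Review bot: $action_id is interpolated into `info_addr_id=$action_id` and `info_proj_id=$action_id` without intval(), unlike $cat_id a few lines above, so this hunk leaves open the same path it closes for the category filter; cast it once at the top of search(). db_addslashes($query) handles quoting for the LIKE search, but '%' and '_' remain wildcards, which is acceptable for a search box and worth a comment.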
@@ -271,8 +281,14 @@
 			{
 				$pid = '';
 			}
-			$this->db->query("SELECT COUNT(*) FROM phpgw_infolog WHERE $filtermethod $pid $sql_query",__LINE__,__FILE__);
-
+			$ids = array( );
+			if ($action == '' || $action == 'sp' || count($links))
+			{
+				$this->db->query($sql="SELECT COUNT(*) FROM phpgw_infolog i WHERE ($filtermethod $pid $sql_query) $link_extra",__LINE__,__FILE__);
+				
+				$this->db->next_record();
+				$total = $this->db->f(0);
+			}
 			$this->db->next_record();
 			$total = $this->db->f(0);
 
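Review bot: the new `if ($action == '' || $action == 'sp' || count($links))` block references $links and $link_extra, which are not defined anywhere in this backport, so count($links) is always 0 and $link_extra is empty; and the original `$this->db->next_record(); $total = $this->db->f(0);` pair is left in place after the block, so when the condition is false it reads from whatever query ran last. Either drop the condition and keep a single COUNT query, or remove the two trailing lines.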
diff -urN phpgroupware-0.9.14.0.RC3.2/infolog/inc/class.uiinfolog.inc.php phpgroupware-0.9.14/infolog/inc/class.uiinfolog.inc.php
--- phpgroupware-0.9.14.0.RC3.2/infolog/inc/class.uiinfolog.inc.php	Fri Jul 18 20:33:54 2003
+++ phpgroupware-0.9.14/infolog/inc/class.uiinfolog.inc.php	Thu Jul 17 22:36:56 2003
@@ -883,11 +883,11 @@
 												'type',$type,$this->bo->enums['type']),True));
 
 			$t->set_var('lang_prfrom', lang('From'));
-			if (!isset($from)) $from =$GLOBALS['phpgw']->strip_html($this->bo->so->data['info_from']);
+			if (!isset($from)) $from = $this->bo->so->data['info_from'];
 			$t->set_var('fromval', $from);
 
 			$t->set_var('lang_praddr', lang('Phone/Email'));
-			if (!isset($addr)) $addr =$GLOBALS['phpgw']->strip_html($this->bo->so->data['info_addr']);
+			if (!isset($addr)) $addr = $this->bo->so->data['info_addr'];
 			$t->set_var('addrval', $addr);
 
 			if (!isset($id_project)) $id_project = $this->bo->so->data['info_proj_id'];
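Review bot: these hunks remove the view-layer strip_html() around $this->bo->so->data['info_from'] and ['info_addr'] in favour of the sanitising now done in soinfolog::read(); that is consistent within this patch, but the `if (!isset($from))` guard means a $from/$addr that is already set by the caller or a form resubmission reaches set_var() unescaped, exactly as before. If the aim is to centralise escaping, escape $from and $addr unconditionally before set_var() rather than only the database-sourced default.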
@@ -898,12 +898,12 @@
 
 			$t->set_var('lang_prsubject', lang('Subject'));
 			if (!isset($subject)) {
-				$subject = $GLOBALS['phpgw']->strip_html($this->bo->so->data['info_subject']);
+				$subject = $this->bo->so->data['info_subject'];
 			}
 			$t->set_var('subjectval', $subject);
 
 			$t->set_var('lang_prdesc', lang('Description'));
-			if (!isset($des)) $des = $GLOBALS['phpgw']->strip_html($this->bo->so->data['info_des']);
+			if (!isset($des)) $des = $this->bo->so->data['info_des'];
 			$t->set_var('descval', $des);
 
 			$t->set_var('lang_start_date',lang('Startdate'));
diff -urN phpgroupware-0.9.14.0.RC3.2/phpgwapi/inc/class.contacts_shared.inc.php phpgroupware-0.9.14/phpgwapi/inc/class.contacts_shared.inc.php
--- phpgroupware-0.9.14.0.RC3.2/phpgwapi/inc/class.contacts_shared.inc.php	Sun Jan  6 00:57:41 2002
+++ phpgroupware-0.9.14/phpgwapi/inc/class.contacts_shared.inc.php	Thu Jul 17 22:59:24 2003
@@ -302,38 +302,42 @@
 				'adr_two_countryname'	=> 'adr_two_countryname'
 			);
 
-			$address = $this->read_single_entry($id,$fields);
+			list($address) = $this->read_single_entry($id,$fields);
+			foreach($address as $k => $val)
+			{
+				$address[$k] = $GLOBALS['phpgw']->strip_html($val);
+			}
 
-			if ($address[0]['title'])
+			if ($address['title'])
 			{
-				$title = $address[0]['title'] . '&nbsp;';
+				$title = $address['title'] . '&nbsp;';
 			}
 
 			if ($business)
 			{
-				if ($address[0]['org_name'])
+				if ($address['org_name'])
 				{
-					$company = $address[0]['org_name'];
+					$company = $address['org_name'];
 				}
 				else
 				{
-					$company = $title . $address[0]['n_given'] . '&nbsp;' . $address[0]['n_family'];
+					$company = $title . $address['n_given'] . '&nbsp;' . $address['n_family'];
 				}
 
-				$street  = $address[0]['adr_one_street'];
-				$city    = $address[0]['adr_one_locality'];
-				$zip     = $address[0]['adr_one_postalcode'];
-				$state   = $address[0]['adr_one_region'];
-				$country = $address[0]['adr_one_countryname'];
+				$street  = $address['adr_one_street'];
+				$city    = $address['adr_one_locality'];
+				$zip     = $address['adr_one_postalcode'];
+				$state   = $address['adr_one_region'];
+				$country = $address['adr_one_countryname'];
 			}
 			else
 			{
-				$company = $title . $address[0]['n_given'] . '&nbsp;' . $address[0]['n_family'];
-				$street  = $address[0]['adr_two_street'];
-				$city    = $address[0]['adr_two_locality'];
-				$zip     = $address[0]['adr_two_postalcode'];
-				$state   = $address[0]['adr_two_region'];
-				$country = $address[0]['adr_two_countryname'];
+				$company = $title . $address['n_given'] . '&nbsp;' . $address['n_family'];
+				$street  = $address['adr_two_street'];
+				$city    = $address['adr_two_locality'];
+				$zip     = $address['adr_two_postalcode'];
+				$state   = $address['adr_two_region'];
+				$country = $address['adr_two_countryname'];
 			}
 
 			if (! $country)
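Review bot: `list($address) = $this->read_single_entry($id,$fields);` followed by the foreach strip_html() loop is repeated verbatim in three functions of this file (here and in the hunks starting at -404 and -511); factor it into a small helper so the next fix lands once. Also guard the empty case: if read_single_entry() returns no row, $address is null and the foreach emits a warning, so bail out before the loop when `!is_array($address)`.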
@@ -358,7 +362,7 @@
 			$a .= $t->set_var('font',$afont);
 			$a .= $t->set_var('fontsize',$asize);
 			$a .= $t->set_var('company',$company);
-			$a .= $t->set_var('department',$address[0]['org_unit']);
+			$a .= $t->set_var('department',$address['org_unit']);
 			$a .= $t->set_var('street',$street);
 			$a .= $t->set_var('city',$city);
 			$a .= $t->set_var('zip',$zip);
@@ -404,42 +408,46 @@
 				'email_home'			=> 'email_home'
 			);
 
-			$address = $this->read_single_entry($id,$fields);
+			list($address) = $this->read_single_entry($id,$fields);
+			foreach($address as $k => $val)
+			{
+				$address[$k] = $GLOBALS['phpgw']->strip_html($val);
+			}
 
-			if ($address[0]['title'])
+			if ($address['title'])
 			{
-				$title = $address[0]['title'] . '&nbsp;';
+				$title = $address['title'] . '&nbsp;';
 			}
 
 			if ($business)
 			{
-				if ($address[0]['org_name'])
+				if ($address['org_name'])
 				{
-					$company = $address[0]['org_name'];
+					$company = $address['org_name'];
 				}
 				else
 				{
-					$company = $title . $address[0]['n_given'] . '&nbsp;' . $address[0]['n_family'];
+					$company = $title . $address['n_given'] . '&nbsp;' . $address['n_family'];
 				}
 
-				$street		= $address[0]['adr_one_street'];
-				$city		= $address[0]['adr_one_locality'];
-				$zip		= $address[0]['adr_one_postalcode'];
-				$state		= $address[0]['adr_one_region'];
-				$country	= $address[0]['adr_one_countryname'];
-				$tel		= $address[0]['tel_work'];
-				$email		= $address[0]['email'];
+				$street		= $address['adr_one_street'];
+				$city		= $address['adr_one_locality'];
+				$zip		= $address['adr_one_postalcode'];
+				$state		= $address['adr_one_region'];
+				$country	= $address['adr_one_countryname'];
+				$tel		= $address['tel_work'];
+				$email		= $address['email'];
 			}
 			else
 			{
-				$company	= $title . $address[0]['n_given'] . '&nbsp;' . $address[0]['n_family'];
-				$street		= $address[0]['adr_two_street'];
-				$city		= $address[0]['adr_two_locality'];
-				$zip		= $address[0]['adr_two_postalcode'];
-				$state		= $address[0]['adr_two_region'];
-				$country	= $address[0]['adr_two_countryname'];
-				$tel		= $address[0]['tel_home'];
-				$email		= $address[0]['email_home'];
+				$company	= $title . $address['n_given'] . '&nbsp;' . $address['n_family'];
+				$street		= $address['adr_two_street'];
+				$city		= $address['adr_two_locality'];
+				$zip		= $address['adr_two_postalcode'];
+				$state		= $address['adr_two_region'];
+				$country	= $address['adr_two_countryname'];
+				$tel		= $address['tel_home'];
+				$email		= $address['email_home'];
 			}
 
 			if (! $country)
@@ -468,15 +476,15 @@
 			$a .= $t->set_var('lang_fax',lang('fax number'));
 			$a .= $t->set_var('lang_fon',lang('phone number'));
 			$a .= $t->set_var('company',$company);
-			$a .= $t->set_var('department',$address[0]['org_unit']);
+			$a .= $t->set_var('department',$address['org_unit']);
 			$a .= $t->set_var('street',$street);
 			$a .= $t->set_var('city',$city);
 			$a .= $t->set_var('zip',$zip);
 			$a .= $t->set_var('state',$state);
 			$a .= $t->set_var('email',$email);
 			$a .= $t->set_var('tel',$tel);
-			$a .= $t->set_var('fax',$address[0]['tel_fax']);
-			$a .= $t->set_var('url',$address[0]['url']);
+			$a .= $t->set_var('fax',$address['tel_fax']);
+			$a .= $t->set_var('url',$address['url']);
 
 			if ($country != $GLOBALS['phpgw_info']['user']['preferences']['common']['country'])
 			{
@@ -511,38 +519,42 @@
 				'adr_two_countryname'	=> 'adr_two_countryname'
 			);
 
-			$address = $this->read_single_entry($id,$fields);
+			list($address) = $this->read_single_entry($id,$fields);
+			foreach($address as $k => $val)
+			{
+				$address[$k] = $GLOBALS['phpgw']->strip_html($val);
+			}
 
-			if ($address[0]['title'])
+			if ($address['title'])
 			{
-				$title = $address[0]['title'] . '&nbsp;';
+				$title = $address['title'] . '&nbsp;';
 			}
 
 			if ($business)
 			{
-				if ($address[0]['org_name'])
+				if ($address['org_name'])
 				{
-					$company = $address[0]['org_name'];
+					$company = $address['org_name'];
 				}
 				else
 				{
-					$company = $title . $address[0]['n_given'] . '&nbsp;' . $address[0]['n_family'];
+					$company = $title . $address['n_given'] . '&nbsp;' . $address['n_family'];
 				}
 
-				$street  = $address[0]['adr_one_street'];
-				$city    = $address[0]['adr_one_locality'];
-				$zip     = $address[0]['adr_one_postalcode'];
-				$state   = $address[0]['adr_one_region'];
-				$country = $address[0]['adr_one_countryname'];
+				$street  = $address['adr_one_street'];
+				$city    = $address['adr_one_locality'];
+				$zip     = $address['adr_one_postalcode'];
+				$state   = $address['adr_one_region'];
+				$country = $address['adr_one_countryname'];
 			}
 			else
 			{
-				$company = $title . $address[0]['n_given'] . '&nbsp;' . $address[0]['n_family'];
-				$street  = $address[0]['adr_two_street'];
-				$city    = $address[0]['adr_two_locality'];
-				$zip     = $address[0]['adr_two_postalcode'];
-				$state   = $address[0]['adr_two_region'];
-				$country = $address[0]['adr_two_countryname'];
+				$company = $title . $address['n_given'] . '&nbsp;' . $address['n_family'];
+				$street  = $address['adr_two_street'];
+				$city    = $address['adr_two_locality'];
+				$zip     = $address['adr_two_postalcode'];
+				$state   = $address['adr_two_region'];
+				$country = $address['adr_two_countryname'];
 			}
 
 			if (! $country)
diff -urN phpgroupware-0.9.14.0.RC3.2/phpgwapi/templates/default/config.tpl phpgroupware-0.9.14/phpgwapi/templates/default/config.tpl
--- phpgroupware-0.9.14.0.RC3.2/phpgwapi/templates/default/config.tpl	Sat Jan  5 21:40:44 2002
+++ phpgroupware-0.9.14/phpgwapi/templates/default/config.tpl	Thu Jul 17 23:02:31 2003
@@ -17,7 +17,7 @@
    </tr>
 
    <tr bgcolor="{row_off}">
-    <td>{lang_Enter_the_full_path_for_users_and_group_files.<br>Examples:_/files,_E:\FILES}:</td>
+    <td>{lang_Enter_the_full_path_for_users_and_group_files.<br>Examples:_/files,_E:\FILES}:<br><b>{lang_This_has_to_be_outside_the_webservers_document-root!!!}</b></td>
     <td><input name="newsettings[files_dir]" value="{value_files_dir}" size="40"></td>
    </tr>
    
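Review bot: this hunk only changes the label shown next to files_dir; the setting is still accepted whatever value is entered, so the document-root issue raised in the follow-up message (data under the web root can be served or executed) is not enforced by the patch itself. The new `{lang_This_has_to_be_outside_the_webservers_document-root!!!}` key also needs a matching phrase wherever the other lang_ keys of this template are defined, or the raw key will be shown.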
diff -urN phpgroupware-0.9.14.0.RC3.2/projects/inc/class.uiprojects.inc.php phpgroupware-0.9.14/projects/inc/class.uiprojects.inc.php
--- phpgroupware-0.9.14.0.RC3.2/projects/inc/class.uiprojects.inc.php	Fri Jul 18 20:33:54 2003
+++ phpgroupware-0.9.14/projects/inc/class.uiprojects.inc.php	Thu Jul 17 23:04:59 2003
@@ -854,6 +854,9 @@
 			$this->t->set_var('status',$values['status']);
 			$this->t->set_var('budget',$values['budget']);
 			$this->t->set_var('currency',$prefs['currency']);
+			$this->t->set_var('number',$GLOBALS['phpgw']->strip_html($values['number']));
+			$this->t->set_var('title',$GLOBALS['phpgw']->strip_html($values['title']));
+			$this->t->set_var('descr',$GLOBALS['phpgw']->strip_html($values['descr']));
 
 			$sdate = $values['sdate'];
 			$edate = $values['edate'];
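Review bot: number, title and descr now pass through strip_html() before set_var(), which is the right place; the surrounding context shows status and budget still set raw (`$this->t->set_var('status',$values['status']);`), so if those are user-editable they need the same treatment. Escaping every $values entry in one loop before the set_var() calls would avoid enumerating fields and missing one.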
[Message part 3 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Luca - De Whiskey's - De Vitis <luca@debian.org>:
Bug#201980; Package phpgroupware. Full text and rfc822 format available.

Acknowledgement sent to Thomas Viehmann <tv@beamnet.de>:
Extra info received and forwarded to list. Copy sent to Luca - De Whiskey's - De Vitis <luca@debian.org>. Full text and rfc822 format available.

Message #10 received at 201980@bugs.debian.org (full text, mbox):

From: Thomas Viehmann <tv@beamnet.de>
To: 201980@bugs.debian.org
Subject: OK. The patch seems to work for me...
Date: Sat, 19 Jul 2003 10:24:43 +0200
[Message part 1 (text/plain, inline)]
Hi.

Two or three points I'd like to add:
- I've played around some more with the patched phpgroupware and AFAICT it works
  ok.
- The method I used to compile the patch was to see which files differed between
  the unfixed and the fixed upstream release and then scan their CVS logs
  for all recent entries that didn't eliminate the possibility of being security
  related (i.e. "fix" was also considered). I've then taken out everything not
  applicable to woody's version.
- I've not done anything about the vfs (phpgw "virtual file system", directory
  where data is stored on disk) issue mentioned on the phpgw page (if it's
  within the web server's document search path, the webserver could be tricked
  to execute arbitrary code) because I think that that's a question of proper
  configuration.

Cheers

T.

[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Luca - De Whiskey's - De Vitis <luca@debian.org>:
Bug#201980; Package phpgroupware. Full text and rfc822 format available.

Acknowledgement sent to Matt Zimmerman <mdz@debian.org>:
Extra info received and forwarded to list. Copy sent to Luca - De Whiskey's - De Vitis <luca@debian.org>. Full text and rfc822 format available.

Message #15 received at 201980@bugs.debian.org (full text, mbox):

From: Matt Zimmerman <mdz@debian.org>
To: Thomas Viehmann <tv@beamnet.de>, 201980@bugs.debian.org
Subject: Re: phpgroupware: Cross-Site-Scripting and SQL Insertion
Date: Mon, 21 Jul 2003 13:34:18 -0400
On Fri, Jul 18, 2003 at 09:45:14PM +0200, Thomas Viehmann wrote:

Thanks for looking into this.

> diff -urN phpgroupware-0.9.14.0.RC3.2/addressbook/inc/class.uiaddressbook.inc.php phpgroupware-0.9.14/addressbook/inc/class.uiaddressbook.inc.php
> --- phpgroupware-0.9.14.0.RC3.2/addressbook/inc/class.uiaddressbook.inc.php	Fri Jul 18 20:33:53 2003
> +++ phpgroupware-0.9.14/addressbook/inc/class.uiaddressbook.inc.php	Thu Jul 17 22:17:43 2003
> @@ -881,10 +881,6 @@
>  							$data = $coldata;
>  						}
>  					}
> -					elseif($column == 'label' && $coldata)
> -					{
> -						$data .= $this->contacts->formatted_address($fields[0]['id'],'',False);
> -					}
>  					elseif ($column == 'url' && $coldata)
>  					{
>  						$ref = '<a href="' . $coldata . '" target="_new">';
> @@ -902,6 +898,11 @@
>  							$ref = '<a href="mailto:'.$coldata.'">';
>  						}
>  						$data = $coldata.'</a>';
> +					}
> +					elseif ($column == 'bday')
> +					{
> +						list($month,$day,$year) = explode('/',$coldata);
> +						$data = $GLOBALS['phpgw']->common->dateformatorder($year,$month,$day,True);
>  					}
>  					else
>  					{

I don't understand this part of the patch.  What problem is it meant to
solve?

> diff -urN phpgroupware-0.9.14.0.RC3.2/infolog/inc/class.boinfolog.inc.php phpgroupware-0.9.14/infolog/inc/class.boinfolog.inc.php
> --- phpgroupware-0.9.14.0.RC3.2/infolog/inc/class.boinfolog.inc.php	Fri Jul 18 20:33:54 2003
> +++ phpgroupware-0.9.14/infolog/inc/class.boinfolog.inc.php	Thu Jul 17 22:33:02 2003
> @@ -230,9 +230,7 @@
>  		function readIdArray($order,$sort,$filter,$cat_id,$query,$action,$addr_id,
>  									$proj_id,$info_id,$ordermethod,&$start,&$total)
>  		{
> -			return $this->so->readIdArray($order,$sort,$filter,$cat_id,$query,
> -								  					$action,$addr_id,$proj_id,$info_id,
> -													$ordermethod,$start,$total);
> +			return      $this->so->search($order,$sort,$filter,$cat_id,$query,$action,$addr_id ? $addr_id : $proj_id,$info_id,$ordermethod,$start,$total);
>  		}
>  
>  

Likewise.

Otherwise, the patch looks OK at first glance.

Where can I find authoritative information on the SQL injection
vulnerability?  It was not in the security-corporation advisory.

-- 
 - mdz



Information forwarded to debian-bugs-dist@lists.debian.org, Luca - De Whiskey's - De Vitis <luca@debian.org>:
Bug#201980; Package phpgroupware. Full text and rfc822 format available.

Acknowledgement sent to Thomas Viehmann <tv@beamnet.de>:
Extra info received and forwarded to list. Copy sent to Luca - De Whiskey's - De Vitis <luca@debian.org>. Full text and rfc822 format available.

Message #20 received at 201980@bugs.debian.org (full text, mbox):

From: Thomas Viehmann <tv@beamnet.de>
To: mdz@debian.org, team@security.debian.org, 201980@bugs.debian.org
Subject: [Fwd: [Phpgroupware-developers] phpGroupWare SECURITY RELEASE 0.9.14.006 - PLEASE UPDATE IMEDIATLY]
Date: Tue, 22 Jul 2003 06:22:19 +0200
[Message part 1 (text/plain, inline)]
Hi.

Another security update of phpGroupWare. I'll see to updating the patch.

Cheers

T.


-------- Original Message --------
From: - Tue Jul 22 06:19:27 2003
To: phpgroupware-developers@gnu.org
Subject: [Phpgroupware-developers] phpGroupWare SECURITY RELEASE 0.9.14.006	-
PLEASE UPDATE IMEDIATLY

Hi all,

this release fixes a just discovered exploit in phpGroupWare.

The exploit works for *ALL* branches (.14, .16 and HEAD) !!!

EVERYONE, PLEASE UPDATE IMMEDIATELY !!!

There is also one calendar bug fixed in this release: Dayview is
displaying events again (was broken in .14.005), and German manual files
for some apps have been added.

You can grab it via a cvs update or from http://phpgroupware.org/downloads/

Cheers

Ralf Becker
on behalf of the phpGroupWare Development Crew
-- 
----------------------------------------------------------------------
Ralf Becker
OUTDOOR UNLIMITED Training GmbH                Telefon 0631 / 31657-0
Leibnizstraße 17                               Telefax 0631 / 31657-26
D-67663 Kaiserslautern            EMail RalfBecker@outdoor-training.de



_______________________________________________
Phpgroupware-developers mailing list
Phpgroupware-developers@gnu.org
http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
[Message part 2 (application/pgp-signature, inline)]

Tags added: fixed Request was from Thomas Viehmann <tv@beamnet.de> to control@bugs.debian.org. Full text and rfc822 format available.

Tags removed: fixed Request was from Thomas Viehmann <tv@beamnet.de> to control@bugs.debian.org. Full text and rfc822 format available.

Tags added: pending, sid Request was from Thomas Viehmann <tv@beamnet.de> to control@bugs.debian.org. Full text and rfc822 format available.

Reply sent to Thomas Viehmann <tv@beamnet.de>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Thomas Viehmann <tv@beamnet.de>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #39 received at 201980-close@bugs.debian.org (full text, mbox):

From: Thomas Viehmann <tv@beamnet.de>
To: 201980-close@bugs.debian.org
Subject: Bug#201980: fixed in phpgroupware 0.9.14.007-4
Date: Mon, 05 Jan 2004 01:47:21 -0500
Source: phpgroupware
Source-Version: 0.9.14.007-4

We believe that the bug you reported is fixed in the latest version of
phpgroupware, which is due to be installed in the Debian FTP archive:

phpgroupware-addressbook_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-addressbook_0.9.14.007-4_all.deb
phpgroupware-admin_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-admin_0.9.14.007-4_all.deb
phpgroupware-backup_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-backup_0.9.14.007-4_all.deb
phpgroupware-bookmarks_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-bookmarks_0.9.14.007-4_all.deb
phpgroupware-brewer_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-brewer_0.9.14.007-4_all.deb
phpgroupware-calendar_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-calendar_0.9.14.007-4_all.deb
phpgroupware-chat_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-chat_0.9.14.007-4_all.deb
phpgroupware-chora_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-chora_0.9.14.007-4_all.deb
phpgroupware-comic_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-comic_0.9.14.007-4_all.deb
phpgroupware-core_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-core_0.9.14.007-4_all.deb
phpgroupware-developer-tools_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-developer-tools_0.9.14.007-4_all.deb
phpgroupware-dj_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-dj_0.9.14.007-4_all.deb
phpgroupware-eldaptir_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-eldaptir_0.9.14.007-4_all.deb
phpgroupware-email_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-email_0.9.14.007-4_all.deb
phpgroupware-felamimail_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-felamimail_0.9.14.007-4_all.deb
phpgroupware-forum_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-forum_0.9.14.007-4_all.deb
phpgroupware-ftp_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-ftp_0.9.14.007-4_all.deb
phpgroupware-headlines_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-headlines_0.9.14.007-4_all.deb
phpgroupware-hr_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-hr_0.9.14.007-4_all.deb
phpgroupware-img_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-img_0.9.14.007-4_all.deb
phpgroupware-infolog_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-infolog_0.9.14.007-4_all.deb
phpgroupware-inv_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-inv_0.9.14.007-4_all.deb
phpgroupware-manual_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-manual_0.9.14.007-4_all.deb
phpgroupware-meerkat_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-meerkat_0.9.14.007-4_all.deb
phpgroupware-messenger_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-messenger_0.9.14.007-4_all.deb
phpgroupware-netsaint_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-netsaint_0.9.14.007-4_all.deb
phpgroupware-news-admin_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-news-admin_0.9.14.007-4_all.deb
phpgroupware-nntp_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-nntp_0.9.14.007-4_all.deb
phpgroupware-notes_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-notes_0.9.14.007-4_all.deb
phpgroupware-phonelog_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-phonelog_0.9.14.007-4_all.deb
phpgroupware-phpgwapi_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-phpgwapi_0.9.14.007-4_all.deb
phpgroupware-phpsysinfo_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-phpsysinfo_0.9.14.007-4_all.deb
phpgroupware-phpwebhosting_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-phpwebhosting_0.9.14.007-4_all.deb
phpgroupware-polls_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-polls_0.9.14.007-4_all.deb
phpgroupware-preferences_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-preferences_0.9.14.007-4_all.deb
phpgroupware-projects_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-projects_0.9.14.007-4_all.deb
phpgroupware-registration_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-registration_0.9.14.007-4_all.deb
phpgroupware-setup_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-setup_0.9.14.007-4_all.deb
phpgroupware-skel_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-skel_0.9.14.007-4_all.deb
phpgroupware-soap_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-soap_0.9.14.007-4_all.deb
phpgroupware-stocks_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-stocks_0.9.14.007-4_all.deb
phpgroupware-todo_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-todo_0.9.14.007-4_all.deb
phpgroupware-xmlrpc_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware-xmlrpc_0.9.14.007-4_all.deb
phpgroupware_0.9.14.007-4.diff.gz
  to pool/main/p/phpgroupware/phpgroupware_0.9.14.007-4.diff.gz
phpgroupware_0.9.14.007-4.dsc
  to pool/main/p/phpgroupware/phpgroupware_0.9.14.007-4.dsc
phpgroupware_0.9.14.007-4_all.deb
  to pool/main/p/phpgroupware/phpgroupware_0.9.14.007-4_all.deb
phpgroupware_0.9.14.007.orig.tar.gz
  to pool/main/p/phpgroupware/phpgroupware_0.9.14.007.orig.tar.gz

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 201980@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thomas Viehmann <tv@beamnet.de> (supplier of updated phpgroupware package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.7
Date: Sat,  3 Jan 2004 21:47:07 +0100
Source: phpgroupware
Binary: phpgroupware-stocks phpgroupware-skel phpgroupware-chora phpgroupware-email phpgroupware-netsaint phpgroupware-admin phpgroupware-meerkat phpgroupware-inv phpgroupware-notes phpgroupware-hr phpgroupware-preferences phpgroupware-felamimail phpgroupware-infolog phpgroupware-headlines phpgroupware-brewer phpgroupware-backup phpgroupware-news-admin phpgroupware-img phpgroupware-developer-tools phpgroupware-forum phpgroupware-nntp phpgroupware-chat phpgroupware-messenger phpgroupware-projects phpgroupware-polls phpgroupware-ftp phpgroupware-xmlrpc phpgroupware-dj phpgroupware-bookmarks phpgroupware-manual phpgroupware-calendar phpgroupware-phpsysinfo phpgroupware-eldaptir phpgroupware-registration phpgroupware-core phpgroupware-phonelog phpgroupware-setup phpgroupware-phpgwapi phpgroupware-comic phpgroupware-addressbook phpgroupware-phpwebhosting phpgroupware phpgroupware-todo phpgroupware-soap
Architecture: source all
Version: 0.9.14.007-4
Distribution: unstable
Urgency: low
Maintainer: Thomas Viehmann <tv@beamnet.de>
Changed-By: Thomas Viehmann <tv@beamnet.de>
Description: 
 phpgroupware - web based groupWare system written in PHP
 phpgroupware-addressbook - phpGroupWare addressbook management module
 phpgroupware-admin - phpGroupWare administration module
 phpgroupware-backup - phpGroupWare backup module
 phpgroupware-bookmarks - phpGroupWare bookmark management module
 phpgroupware-brewer - phpGroupWare homebrewing module
 phpgroupware-calendar - phpGroupWare calendar management module
 phpgroupware-chat - phpGroupWare chat module
 phpgroupware-chora - phpGroupWare CVS interface module
 phpgroupware-comic - phpGroupWare comic strip parser module
 phpgroupware-core - empty transitional package for phpGroupWare
 phpgroupware-developer-tools - phpGroupWare developer tools
 phpgroupware-dj - phpGroupWare mp3 db interface module
 phpgroupware-eldaptir - phpGroupWare LDAP tree editor module
 phpgroupware-email - phpGroupWare E-Mail client module
 phpgroupware-felamimail - phpGroupWare felamimail (Squirrelmail) module
 phpgroupware-forum - phpGroupWare forum module
 phpgroupware-ftp - phpGroupWare ftp module
 phpgroupware-headlines - phpGroupWare headlines catcher module
 phpgroupware-hr - phpGroupWare human resource management module
 phpgroupware-img - phpGroupWare image editor module
 phpgroupware-infolog - phpGroupWare infolog application
 phpgroupware-inv - phpGroupWare inventory module
 phpgroupware-manual - phpGroupWare on-line manual module
 phpgroupware-meerkat - phpGroupWare Meerkat's story module
 phpgroupware-messenger - phpGroupWare messenger module
 phpgroupware-netsaint - phpGroupWare NetSaint administration module
 phpgroupware-news-admin - phpGroupWare news administration interface
 phpgroupware-nntp - phpGroupWare newsgroup reader module
 phpgroupware-notes - phpGroupWare notes management module
 phpgroupware-phonelog - phpGroupWare phone logging module
 phpgroupware-phpgwapi - phpGroupWare API
 phpgroupware-phpsysinfo - phpGroupWare phpSysInfo module
 phpgroupware-phpwebhosting - phpGroupWare next generation file manager module
 phpgroupware-polls - phpGroupWare polling module
 phpgroupware-preferences - phpGroupWare preferences management module
 phpgroupware-projects - phpGroupWare projects management module
 phpgroupware-registration - phpGroupWare registration module
 phpgroupware-setup - phpGroupWare setup III module
 phpgroupware-skel - phpGroupWare skeleton module
 phpgroupware-soap - phpGroupWare SOAP module
 phpgroupware-stocks - phpGroupWare stock management module
 phpgroupware-todo - phpGroupWare todo list management module
 phpgroupware-xmlrpc - phpGroupWare XMLRPC module
Closes: 164354 166574 166579 170818 170820 170841 173871 181935 183896 183991 197702 201980 207777 207797 209692 209809 209817 209832 209941 209954 209980 209992 210043 210064 210143 210153 210176 211161 211639 216306 225342
Changes: 
 phpgroupware (0.9.14.007-4) unstable; urgency=low
 .
   * Uwe Steinmann and Jamin W. Collins did some more bug research.
     Quite a few were closed by the packaging changes and upstream
     bug fixing.
     - Preservation of user changes (Closes: #170820)
     - Configuration of apache-ssl on initial install (Closes: #166574)
     - fixed postrm bug dupe (Closes: #170841)
     - ldap schema now included (Closes: #197702)
     - README.Debian was written. (Closes: #170818)
     - Version display on login page even shows debian revision
       (Closes: #166579)
     - wwwconfig-common not called if removed during purge
       (Closes: #211161, #211639)
     - wwwconfig-common bug in mysql execution fixed (Closes: #207777)
     - '&' in passwords seems to work now (Closes: #181935)
     - Fix permissions to /var/lib/phpgroupware/sessions.
       This fixes php4 session type. (Closes: #173871)
   * The descriptions have been improved.
     Closes: #209809, #210153, #209817, #209941, #210043, #210176, #210064,
     #210143, #209692, #209954, #209832, #209980, #209992.
 .
 phpgroupware (0.9.14.007-3) unstable; urgency=low
 .
   * Various rules file improvements, allow splitting of source packages
     if desired.
   * Drop packages not yet in sid. (See debian/control.disabled in source.)
 .
 phpgroupware (0.9.14.007-2) unstable; urgency=low
 .
   * Some configuration (debconf use) modifications.
     (Good ideas by Jamin W. Collins (thanks!), bad mistakes by myself.)
     - Remove old debconf upgrade notice
     - Erase admin password in postinst/postrm and reprompt
       where needed.
     - Rephrase some questions.
     - Try to guess administrator name.
     - Reduce db options to mysql and postgres.
   * Fixes to the web based configuration in phpGroupWare
     (Again, thanks to Jamin)
     - Add big fat notice about passwords being displayed in header
       configuration until a fix for the fact itself is ready
     - Fix display of "configuration complete" (in setup/index.php)
       before the user has seen setup/config.php.
     - Improve some language-output. (English only, this needs to be
       better.)
   * Include some modules that had not been in control file.
   * Grant locking rights to phpgroupware mysql account (closes: #225342)
 .
 phpgroupware (0.9.14.007-1) unstable; urgency=low
 .
   * New upstream release
     Security fixes (Closes: #216306):
      - SQL injection in infolog (escaping strings in queries)
      - script injection in calendar
        (holiday files now need extension .txt)
        postinst of calendar will rename files in
        /usr/share/phpgroupware/calendar/phpgroupware.org
   * Remove empty phpgroupware/examples directory
     (Suggestion by Uwe Steinmann, thanks)
   * Fix permissions of files directory (Closes: #207797)
   * New Debian maintainer.
   * Remove link /usr/share/phpgroupware/files, this is needed
     to fix vfs storage problem noted in CAN-2003-0599 and
     addressed by version 0.9.14.005.
   * Fold phpgroupware-core package into phpgroupware.
   * Tweak the build process to weed out lintian errors and reduce
     the number of warnings.
 .
 phpgroupware (0.9.14.006-1) unstable; urgency=low
 .
   * Unofficial release not for debian general usage.
   * New upstream release
   * Corrected illfix to #183896. (Correction pointed out by Luca.)
 .
 phpgroupware (0.9.14.005-1) unstable; urgency=low
 .
   * New upstream version
 .
     Includes security fixes for
     - cross site scripting (CAN-2003-0504),
       see <http://www.security-corporation.com/articles-20030702-005.html>
     - sql insertion (CAN-2003-0657)
     - vfs storage in document dir now prohibited (CAN-2003-0599)
     - Remove $appdir in includes in tables_update.inc.php to prevent
       execution of arbitrary scripts.
     Closes: #201980
 .
   * Repackaging more or less from scratch.
     - Used parts from Luca's / Tilo's packaging.
       See changelog.old.gz for details.
     - Undo source split.
   * Skip invocation of wwwconfig-common's utils when they're not present.
     (Closes: #183896)
   * Call db_stop after debhelper includes. (Closes: #164354)
   * Add patch by Toni Mueller to fix manageheader.php's inclusion of
     header.inc.php. (Closes: #183991).
Files: 


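Two of the fixes in the changelog above (calendar holiday files restricted to a .txt extension in 0.9.14.007, and the removal of $appdir from the includes in tables_update.inc.php in 0.9.14.005) address the same weakness: a file or include path assembled from request input. The PHP below is an added illustration of that fix pattern written for this page, not phpGroupWare's own code; the function names, the $apps_installed list, the directory layout and the locale-name pattern are assumptions.

```php
<?php
// Added illustration, not phpGroupWare code. Function names, the
// $apps_installed list, directories and the locale pattern are assumptions.

// Pattern the 0.9.14.005 fix removed (vulnerable): the directory part of an
// include path comes straight from the request, so whichever readable file
// the caller names is executed as PHP.
function include_tables_update_unsafe($appdir)
{
    include $appdir . '/setup/tables_update.inc.php';   // $appdir is untrusted
}

// Hardened form: the application name must appear in a list the installer
// already knows, and the path is built only from a constant base directory.
function include_tables_update($app, array $apps_installed,
                               $base = '/usr/share/phpgroupware')
{
    if (!in_array($app, $apps_installed, true)) {
        throw new InvalidArgumentException("unknown application: $app");
    }
    $file = "$base/$app/setup/tables_update.inc.php";
    if (!is_file($file)) {
        throw new RuntimeException("no tables_update.inc.php for $app");
    }
    include $file;
}

// Holiday file selection in the spirit of the 0.9.14.007 change: accept only a
// bare locale name, always append .txt, and require the resolved path to stay
// below the holiday directory. Returns the path or false.
function holiday_file_path($locale,
                           $dir = '/usr/share/phpgroupware/calendar/phpgroupware.org')
{
    // Letters only: this rejects '../', an explicit '.php' suffix and NUL bytes.
    if (!preg_match('/^[A-Za-z]{2,8}$/', $locale)) {
        return false;
    }
    $root = realpath($dir);
    $path = realpath("$dir/$locale.txt");
    if ($root === false || $path === false) {
        return false;                         // directory or file does not exist
    }
    // realpath() collapsed symlinks and '..'; the result must still be inside $dir.
    if (strpos($path, $root . DIRECTORY_SEPARATOR) !== 0) {
        return false;
    }
    return $path;
}
```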
Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 13:04:05 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.