Version bump, with security fixes. Remove old insecure versions.

(Portage version: 2.2.0_alpha142/cvs/Linux x86_64, unsigned Manifest commit)

6 files changed, 18 insertions, 133 deletions

diff --git a/www-apps/cgit/ChangeLog b/www-apps/cgit/ChangeLog
index 83ab2de88204..678c8b6eb245 100644
--- a/www-apps/cgit/ChangeLog
+++ b/www-apps/cgit/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for www-apps/cgit
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/cgit/ChangeLog,v 1.11 2012/06/01 04:30:38 zmedico Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/cgit/ChangeLog,v 1.12 2012/11/15 01:14:11 zx2c4 Exp $
+
+*cgit-0.9.1 (15 Nov 2012)
+
+  15 Nov 2012; Jason A. Donenfeld <zx2c4@gentoo.org> +cgit-0.9.1.ebuild,
+  -cgit-0.8.3.5.ebuild, -cgit-0.9.0.2-r1.ebuild,
+  -files/cgit-0.9.0.2-fix-xss.patch, cgit-9999.ebuild, files/cgitrc:
+  Version bump, with security fixes. Remove old insecure versions.
 
   01 Jun 2012; Zac Medico <zmedico@gentoo.org> cgit-0.8.3.5.ebuild,
   cgit-0.9.0.2-r1.ebuild, cgit-9999.ebuild:
@@ -66,4 +73,3 @@
   Initial ebuild
 
   Thanks to everyone who helped in #223339 for contributing to the ebuild.
-
diff --git a/www-apps/cgit/cgit-0.8.3.5.ebuild b/www-apps/cgit/cgit-0.8.3.5.ebuild
deleted file mode 100644
index 9720c9c22862..000000000000
--- a/www-apps/cgit/cgit-0.8.3.5.ebuild
+++ /dev/null
@@ -1,88 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/cgit/cgit-0.8.3.5.ebuild,v 1.2 2012/06/01 04:30:38 zmedico Exp $
-
-EAPI="2"
-
-WEBAPP_MANUAL_SLOT="yes"
-
-inherit webapp multilib user
-
-[[ -z "${CGIT_CACHEDIR}" ]] && CGIT_CACHEDIR="/var/cache/${PN}/"
-
-GIT_V="1.7.3"
-
-DESCRIPTION="a fast web-interface for git repositories"
-HOMEPAGE="http://hjemli.net/git/cgit/about/"
-SRC_URI="mirror://kernel/software/scm/git/git-${GIT_V}.tar.bz2
-	http://hjemli.net/git/cgit/snapshot/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="doc highlight"
-
-RDEPEND="
-	dev-vcs/git
-	sys-libs/zlib
-	dev-libs/openssl
-	virtual/httpd-cgi
-	highlight? ( app-text/highlight )
-"
-# ebuilds without WEBAPP_MANUAL_SLOT="yes" are broken
-DEPEND="${RDEPEND}
-	!<www-apps/cgit-0.8.3.3
-	doc? ( app-text/docbook-xsl-stylesheets
-		>=app-text/asciidoc-8.5.1 )
-"
-
-pkg_setup() {
-	webapp_pkg_setup
-	enewuser "${PN}"
-}
-
-src_prepare() {
-	rmdir git || die
-	mv "${WORKDIR}"/git-"${GIT_V}" git || die
-
-	sed -i \
-		-e "/^CACHE_ROOT =/s:/var/cache/cgit:${CGIT_CACHEDIR}:" \
-		Makefile || die
-}
-
-src_compile() {
-	emake || die
-	if use doc ; then
-		emake man-doc || die
-	fi
-}
-
-src_install() {
-	webapp_src_preinst
-
-	emake \
-		CGIT_SCRIPT_PATH="${MY_CGIBINDIR}" \
-		CGIT_DATA_PATH="${MY_HTDOCSDIR}" \
-		DESTDIR="${D}" install || die
-
-	exeinto /usr/$(get_libdir)/${PN}/filters
-	doexe filters/*.sh
-
-	insinto /etc
-	doins "${FILESDIR}"/cgitrc
-
-	dodoc README
-	use doc && doman cgitrc.5
-
-	webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt
-	webapp_src_install
-
-	keepdir "${CGIT_CACHEDIR}"
-	fowners ${PN}:${PN} "${CGIT_CACHEDIR}"
-	fperms 700 "${CGIT_CACHEDIR}"
-}
-
-pkg_postinst() {
-	ewarn "If you intend to run cgit using web server's user"
-	ewarn "you should change /var/cache/cgit/ permissions."
-}
diff --git a/www-apps/cgit/cgit-0.9.0.2-r1.ebuild b/www-apps/cgit/cgit-0.9.1.ebuild
index 7f4908383c8a..9eabc105b772 100644
--- a/www-apps/cgit/cgit-0.9.0.2-r1.ebuild
+++ b/www-apps/cgit/cgit-0.9.1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/cgit/cgit-0.9.0.2-r1.ebuild,v 1.3 2012/06/01 04:30:38 zmedico Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/cgit/cgit-0.9.1.ebuild,v 1.1 2012/11/15 01:14:11 zx2c4 Exp $
 
 EAPI="4"
 
@@ -13,9 +13,9 @@ inherit webapp eutils multilib user
 GIT_V="1.7.4"
 
 DESCRIPTION="a fast web-interface for git repositories"
-HOMEPAGE="http://hjemli.net/git/cgit/about/"
+HOMEPAGE="http://git.zx2c4.com/cgit/about"
 SRC_URI="mirror://kernel/software/scm/git/git-${GIT_V}.tar.bz2
-	http://hjemli.net/git/cgit/snapshot/${P}.tar.bz2"
+	http://git.zx2c4.com/cgit/snapshot/${P}.tar.xz"
 
 LICENSE="GPL-2"
 SLOT="0"
@@ -45,8 +45,6 @@ src_prepare() {
 	rmdir git || die
 	mv "${WORKDIR}"/git-"${GIT_V}" git || die
 
-	epatch "${FILESDIR}"/${P}-fix-xss.patch
-
 	sed -i \
 		-e "/^CACHE_ROOT =/s:/var/cache/cgit:${CGIT_CACHEDIR}:" \
 		Makefile || die
diff --git a/www-apps/cgit/cgit-9999.ebuild b/www-apps/cgit/cgit-9999.ebuild
index 7f2d474dbcef..cb29340e3ca7 100644
--- a/www-apps/cgit/cgit-9999.ebuild
+++ b/www-apps/cgit/cgit-9999.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2012 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-apps/cgit/cgit-9999.ebuild,v 1.5 2012/06/01 04:30:38 zmedico Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-apps/cgit/cgit-9999.ebuild,v 1.6 2012/11/15 01:14:11 zx2c4 Exp $
 
 EAPI="4"
 
@@ -13,9 +13,9 @@ inherit webapp multilib user git-2
 GIT_V="1.7.4"
 
 DESCRIPTION="a fast web-interface for git repositories"
-HOMEPAGE="http://hjemli.net/git/cgit/about/"
+HOMEPAGE="http://git.zx2c4.com/cgit/about/"
 SRC_URI="mirror://kernel/software/scm/git/git-${GIT_V}.tar.bz2"
-EGIT_REPO_URI="git://hjemli.net/pub/git/${PN}"
+EGIT_REPO_URI="http://git.zx2c4.com/cgit"
 
 LICENSE="GPL-2"
 SLOT="0"
diff --git a/www-apps/cgit/files/cgit-0.9.0.2-fix-xss.patch b/www-apps/cgit/files/cgit-0.9.0.2-fix-xss.patch
deleted file mode 100644
index cfd230cd62f3..000000000000
--- a/www-apps/cgit/files/cgit-0.9.0.2-fix-xss.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5 Mon Sep 17 00:00:00 2001
-From: Lukas Fleischer <cgit@cryptocrack.de>
-Date: Fri, 22 Jul 2011 11:47:19 +0000
-Subject: Fix potential XSS vulnerability in rename hint
-
-The file name displayed in the rename hint should be escaped to avoid
-XSS. Note that this vulnerability is only applicable when an attacker
-has gained push access to the repository.
-
-Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
-Signed-off-by: Lars Hjemli <hjemli@gmail.com>
----
-diff --git a/ui-diff.c b/ui-diff.c
-index d21541b..383a534 100644
---- a/ui-diff.c
-+++ b/ui-diff.c
-@@ -97,10 +97,12 @@ static void print_fileinfo(struct fileinfo *info)
- 	htmlf("</td><td class='%s'>", class);
- 	cgit_diff_link(info->new_path, NULL, NULL, ctx.qry.head, ctx.qry.sha1,
- 		       ctx.qry.sha2, info->new_path, 0);
--	if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED)
--		htmlf(" (%s from %s)",
--		      info->status == DIFF_STATUS_COPIED ? "copied" : "renamed",
--		      info->old_path);
-+	if (info->status == DIFF_STATUS_COPIED || info->status == DIFF_STATUS_RENAMED) {
-+		htmlf(" (%s from ",
-+		      info->status == DIFF_STATUS_COPIED ? "copied" : "renamed");
-+		html_txt(info->old_path);
-+		html(")");
-+	}
- 	html("</td><td class='right'>");
- 	if (info->binary) {
- 		htmlf("bin</td><td class='graph'>%ld -> %ld bytes",
---
-cgit v0.9.0.2-51-g5d24
diff --git a/www-apps/cgit/files/cgitrc b/www-apps/cgit/files/cgitrc
index a3eba1157342..a1d9f2f572b9 100644
--- a/www-apps/cgit/files/cgitrc
+++ b/www-apps/cgit/files/cgitrc
@@ -57,6 +57,10 @@
 ## List of common mimetypes
 ##
 
+# Instead of defining mime types ourselves, grab it from etc
+#mimetype-file=/etc/mime.types
+
+# Or do it manually here
 #mimetype.gif=image/gif
 #mimetype.html=text/html
 #mimetype.jpg=image/jpeg