warning This is an experimental version of PatchItem12285Contrib.

support To configure your Foswiki to install from this repository, modify the {ExtensionsRepositories} setting in your lib/LocalSite.cfg like this:
$Foswiki::cfg{ExtensionsRepositories} = 'Foswiki.org=(http://foswiki.org/Extensions/,http://foswiki.org/pub/Extensions/);Local=(http://foswiki.org/Extensions/Testing/,http://foswiki.org/pub/Extensions/Testing/)';

Read more about configuring Extension repositories

PatchItem12285Contrib

Patch a critical vulnerability in Locale::Maketext

Usage

This extensions applies a "hotfix" for Item12285 to your Foswiki 1.1.0 thru 1.1.6 system. Foswiki 1.0.x versions need to be manually patched.

ALERT! NOTICE: This patch addresses a criticalFoswiki vulnerability and should be installed as soon as possible.

When this extension is installed, it uses the Post-installation exit to apply any patch files found in the manifest. This extension ships with a hotfix for the following items:

Original Issue Patch File Description
Item12285 Item12285-001 Addresses a vulnerability in Locale::Maketext.
Before any file is patched, a backup is copied to working/configure/backup/<Item12285-001-date-time>. Each file that is a candidate to be patched is backed up. If the extensions is installed multple times, a new backup is made for each run, regardless of whether or not the patch will be applied. For this patch, the following files are copied:
  • lib/Foswiki/Macros/MAKETEXT.pm

Patches are only applied if the target file is an exact match to the original file. There is no attempt to do "fuzzy" patching. Note however that a patch can be built to cover multiple versions of the file.

There is no "dependency order" established between patches. Patches are installed in order of their patch file name.

Patches will be mapped from the default Foswiki filename to the directory location used on the target system.

Installation

You do not need to install anything in the browser to use this extension. The following instructions are for the administrator who installs the extension on the server.

Open configure, and open the "Extensions" section. Use "Find More Extensions" to get a list of available extensions. Select "Install".

If you have any problems, or if the extension isn't available in configure, then you can still install manually from the command-line. See http://foswiki.org/Support/ManuallyInstallingExtensions for more help.

Info

Author: GeorgeClark
Copyright ©: Foswiki Contributors
License: GPL ( GNU General Public License)
Dependencies:
NameVersionDescription
Foswiki::Contrib::PatchFoswikiContrib >=1.3 Required for old Foswiki versions.
Version: 16179 (2012-12-10)
Change History:
1.1 (10 Dec 2012) Minor changes
1.0 (10 Dec 2012) Initial version
Home: http://foswiki.org/Extensions/PatchItem12285Contrib
Support: http://foswiki.org/Support/PatchItem12285Contrib
Topic revision: r3 - 10 Dec 2012, GeorgeClark
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy