head	1.2;
access;
symbols;
locks; strict;
comment	@# @;


1.2
date	2010.01.18.17.39.55;	author delphij;	state dead;
branches;
next	1.1;

1.1
date	2010.01.13.23.30.43;	author delphij;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update to 20091225c.  This version fixes a CSRF vulnerability in the ACL
manager.

Security:	http://bugs.splitbrain.org/index.php?do=details&task_id=1853
@
text
@diff -u -r -N VERSION VERSION
--- VERSION	2009-12-25 02:14:45.000000000 -0800
+++ VERSION	2010-01-13 09:21:13.000000000 -0800
@@@@ -1 +1 @@@@
-2009-12-25 "Lemming"
+2009-12-25b "Lemming"
diff -u -r -N conf/msg conf/msg
--- conf/msg	2009-12-25 02:14:41.000000000 -0800
+++ conf/msg	2010-01-13 08:25:37.000000000 -0800
@@@@ -1,4 +1,4 @@@@
-23
+24
 The first line of this file contains a number, indicating
 which notification messages should not be displayed. This
 is the only information sent to dokuwiki.org when the
diff -u -r -N lib/plugins/acl/ajax.php lib/plugins/acl/ajax.php
--- lib/plugins/acl/ajax.php	2009-12-25 02:14:41.000000000 -0800
+++ lib/plugins/acl/ajax.php	2010-01-13 08:25:37.000000000 -0800
@@@@ -16,9 +16,11 @@@@
 require_once(DOKU_INC.'inc/common.php');
 require_once(DOKU_INC.'inc/pageutils.php');
 require_once(DOKU_INC.'inc/auth.php');
-//close sesseion
+//close session
 session_write_close();
 
+if(!auth_isadmin()) die('forbidden');
+
 $ID    = getID();
 
 if(!auth_isadmin) die('for admins only');
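Review bot: The pre-existing check on the last context line, `if(!auth_isadmin) die('for admins only');`, names `auth_isadmin` without parentheses, so it tests an undefined constant (which PHP resolves to the always-truthy string 'auth_isadmin' with a notice) instead of calling the function, and it never fires; the added `if(!auth_isadmin()) die('forbidden');` is the effective guard, so the dead line should be removed in the same change rather than left beside it to mislead the next reader. The 1.2 log describes this update as a CSRF fix, but no request-token check appears in either visible hunk; if one exists it lives outside these hunks, and a short comment above the new guard stating what it protects, e.g. `// ACL ajax endpoint: admin-only; the token check (if any) is the caller's responsibility`, would make the intended split explicit. The surrounding file scope continues outside the hunk.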
@@@@ -42,6 +44,7 @@@@
     if($ns == '*'){
         $ns ='';
     }
+    $ns  = cleanID($ns);
     $lvl = count(explode(':',$ns));
     $ns  = utf8_encodeFN(str_replace(':','/',$ns));
 
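Review bot: The added `$ns = cleanID($ns);` carries the whole security point of this hunk, yet nothing says so, and a later edit could plausibly move it below the `str_replace(':','/',$ns)` line or drop it as redundant normalisation. A why-comment directly above it would pin its position, e.g. `// normalise before the namespace becomes a filesystem path below; see bug #1847 (directory names outside the wiki root were exposed)`. The enclosing block starts outside the hunk, so where `$ns` originates is not visible here; the 1.1 log indicates it is request-controlled, which is the reason the ordering matters.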
@


1.1
log
@Fix a minor information leak which exposes directories outside
the wiki root (not their contents, though).

This commit actually upgraded the port to 2009-12-25b by adding the patch
file.

For details please consult:
	http://bugs.splitbrain.org/index.php?do=details&task_id=1847

Sponsored by:	iXsystems, Inc.
@
text
@@

