[tcllib] Update to new 1.16

Dmitrij S. Kryzhevich krege at fedoraproject.org
Tue Mar 3 05:43:39 UTC 2015 

commit ef43118e860831d125864519ac2dca25de4e7ad7
Author: Dmitrij S. Kryzhevich <krege at land.ru>
Date:   Tue Mar 3 11:43:35 2015 +0600

    Update to new 1.16

 tcllib-1.16-textarea.patch | 82 ++++++++++++++++++++++++++++++++++++++++++++++
 tcllib.spec                | 15 +++++++--
 2 files changed, 94 insertions(+), 3 deletions(-)
---
diff --git a/tcllib-1.16-textarea.patch b/tcllib-1.16-textarea.patch
new file mode 100644
index 0000000..090b3cc
--- /dev/null
+++ b/tcllib-1.16-textarea.patch
@@ -0,0 +1,82 @@
+Index: modules/html/html.man
+==================================================================
+--- modules/html/html.man
++++ modules/html/html.man
+@@ -1,7 +1,7 @@
+ [comment {-*- tcl -*- doctools manpage}]
+-[vset HTML_VERSION 1.4.3]
++[vset HTML_VERSION 1.4.4]
+ [manpage_begin html n [vset HTML_VERSION]]
+ [see_also htmlparse]
+ [see_also ncgi]
+ [keywords checkbox]
+ [keywords checkbutton]
+
+Index: modules/html/html.tcl
+==================================================================
+--- modules/html/html.tcl
++++ modules/html/html.tcl
+@@ -13,11 +13,11 @@
+ #
+ # Originally by Brent Welch, with help from Dan Kuchler and Melissa Chawla
+ 
+ package require Tcl 8.2
+ package require ncgi
+-package provide html 1.4.3
++package provide html 1.4.4
+ 
+ namespace eval ::html {
+ 
+     # State about the current page
+ 
+@@ -910,11 +910,11 @@
+ #
+ # Results:
+ #	The html fragment
+ 
+ proc ::html::textarea {name {param {}} {current {}}} {
+-    ::set value [ncgi::value $name $current]
++    ::set value [quoteFormValue [ncgi::value $name $current]]
+     return "<[string trimright \
+ 	"textarea name=\"$name\"\
+ 		[tagParam textarea $param]"]>$value</textarea>\n"
+ }
+ 
+
+Index: modules/html/html.test
+==================================================================
+--- modules/html/html.test
++++ modules/html/html.test
+@@ -451,10 +451,22 @@
+     ncgi::reset info=[ncgi::encode "The textarea value."]
+     ncgi::parse
+     html::textarea info
+ } {<textarea name="info" cols="50" rows="8">The textarea value.</textarea>
+ }
++
++test html-23.3 {html::textarea, dangerous input} {
++    html::init {
++	textarea.cols 50
++	textarea.rows 8
++    }
++    ncgi::reset info=[ncgi::encode "</textarea><script>alert(1)</script>"]
++    ncgi::parse
++    html::textarea info
++} {<textarea name="info" cols="50" rows="8">&lt;/textarea&gt;&lt;script&gt;alert(1)&lt;/script&gt;</textarea>
++}
++
+ 
+ test html-24.1 {html::submit} {
+     catch {html::submit}
+ } {1}
+ 
+
+Index: modules/html/pkgIndex.tcl
+==================================================================
+--- modules/html/pkgIndex.tcl
++++ modules/html/pkgIndex.tcl
+@@ -1,2 +1,2 @@
+ if {![package vsatisfies [package provide Tcl] 8.2]} {return}
+-package ifneeded html 1.4.3 [list source [file join $dir html.tcl]]
++package ifneeded html 1.4.4 [list source [file join $dir html.tcl]]
+
diff --git a/tcllib.spec b/tcllib.spec
index 9d55057..dfeb743 100644
--- a/tcllib.spec
+++ b/tcllib.spec
@@ -3,14 +3,17 @@
 
 Summary:    The standard Tcl library
 Name:       tcllib
-Version:    1.15
-Release:    8%{?dist}
+Version:    1.16
+Release:    1%{?dist}
 License:    BSD
 Group:      Development/Libraries
-Source:     http://downloads.sourceforge.net/tcllib/tcllib-1.15.tar.gz
+Source:     http://downloads.sourceforge.net/tcllib/Tcllib-%{version}.tar.gz
 URL:        http://tcllib.sourceforge.net/
 BuildArch:: noarch
 
+# Upstream patch for RHBZ #1197669
+Patch50:    tcllib-1.16-textarea.patch
+
 
 Requires:   tcl(abi) = 8.6
 
@@ -23,6 +26,7 @@ programmers.
 
 %prep
 %setup -q
+%patch50 -p0
 chmod -x modules/doctools/mpformats/fr.msg
 # Convert a couple of files to UTF-8
 for file in modules/struct/pool.html ; do
@@ -70,6 +74,10 @@ find %{buildroot}/%{_datadir} -name \*.tcl -exec chmod 0644 {} \;
 %{_bindir}/tcldocstrip
 
 %changelog
+* Tue Mar 03 2015 Dmitrij S. Kryzhevich <krege at land.ru> - 1.16-1
+- Update to 1.16.
+- Patch for RHBZ #1197669.
+
 * Sun Jun 08 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.15-8
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
 
@@ -81,6 +89,7 @@ find %{buildroot}/%{_datadir} -name \*.tcl -exec chmod 0644 {} \;
 
 * Wed May 21 2014 Jaroslav Škarvada <jskarvad at redhat.com> - 1.15-5
 - Rebuilt for https://fedoraproject.org/wiki/Changes/f21tcl86
+>>>>>>> 35f897ac8154ead9438d89049def35a8fbbfc7f2
 
 * Tue Feb 25 2014 Dmitrij S. Kryzhevich <krege at land.ru> - 1.15-4
 - Add two more man files to conflict-list. Again.

More information about the scm-commits mailing list