<pre style='margin:0'>
Zero King (l2dy) pushed a commit to branch master
in repository macports-ports.

</pre>
<p><a href="https://github.com/macports/macports-ports/commit/9e85ce0c07266fcd23ac91c052da9d598ec8a3a3">https://github.com/macports/macports-ports/commit/9e85ce0c07266fcd23ac91c052da9d598ec8a3a3</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'>     new 9e85ce0  newsbeuter: fix CVE-2017-12904
</span>9e85ce0 is described below

<span style='display:block; white-space:pre;color:#808000;'>commit 9e85ce0c07266fcd23ac91c052da9d598ec8a3a3
</span>Author: Zero King <l2dy@macports.org>
AuthorDate: Sat Aug 19 02:44:37 2017 +0000

<span style='display:block; white-space:pre;color:#404040;'>    newsbeuter: fix CVE-2017-12904
</span>---
 net/newsbeuter/Portfile                        |  3 +++
 net/newsbeuter/files/patch-CVE-2017-12904.diff | 16 ++++++++++++++++
 2 files changed, 19 insertions(+)

<span style='display:block; white-space:pre;color:#808080;'>diff --git a/net/newsbeuter/Portfile b/net/newsbeuter/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index 9fe2931..ab7f4a1 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/net/newsbeuter/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/net/newsbeuter/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -4,6 +4,7 @@ PortSystem              1.0
</span> PortGroup               github 1.0
 
 github.setup            akrennmair newsbeuter 2.9 r
<span style='display:block; white-space:pre;background:#e0ffe0;'>+revision                1
</span> license                 MIT
 categories              net www
 platforms               darwin
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -27,6 +28,8 @@ depends_lib             port:curl \
</span>                         port:sqlite3 \
                         port:stfl
 
<span style='display:block; white-space:pre;background:#e0ffe0;'>+patchfiles              patch-CVE-2017-12904.diff
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span> # universal variant needs to be defined for [get_canonical_archflags] to work
 variant universal {}
 
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/net/newsbeuter/files/patch-CVE-2017-12904.diff b/net/newsbeuter/files/patch-CVE-2017-12904.diff
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 0000000..04d47c7
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/net/newsbeuter/files/patch-CVE-2017-12904.diff
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,16 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+Origin: upstream, https://github.com/akrennmair/newsbeuter/commit/96e9506ae9e252c548665152d1b8968297128307
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- src/controller.cpp.orig        2015-02-19 10:56:59.000000000 +0000
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ src/controller.cpp     2017-08-19 02:35:54.000000000 +0000
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1275,9 +1275,10 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+   std::string bookmark_cmd = cfg.get_configvalue("bookmark-cmd");
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+   bool is_interactive = cfg.get_configvalue_as_bool("bookmark-interactive");
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+   if (bookmark_cmd.length() > 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-          std::string cmdline = utils::strprintf("%s '%s' %s %s",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++          std::string cmdline = utils::strprintf("%s '%s' '%s' '%s'",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                                                  bookmark_cmd.c_str(), utils::replace_all(url,"'", "%27").c_str(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-                                                 stfl::quote(title).c_str(), stfl::quote(description).c_str());
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++                                                 utils::replace_all(title,"'", "%27").c_str(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++                                                 utils::replace_all(description,"'", "%27").c_str());
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+           LOG(LOG_DEBUG, "controller::bookmark: cmd = %s", cmdline.c_str());
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 
</span></pre><pre style='margin:0'>

</pre>