cacert-devel - Re: Patch Request Bug #918, #1182, #1199, #1208

Subject: CAcert Code Development list.

  • From: Wytze van der Raay <wytze AT cacert.org>
  • To: Benny Baumann <benbe AT cacert.org>, "critical-admin AT cacert.org" <critical-admin AT cacert.org>
  • Cc: cacert-devel AT lists.cacert.org, Michael Tänzer <michael.taenzer AT cacert.org>, dirk astrath <dirk.astrath AT cacert.org>, Martin Gummi <martin.gummi AT cacert.org>, Mario Lipinski <mario AT cacert.org>, Marcus Mängel CAcert <Inopiae AT cacert.org>, "<ulrich AT cacert.org>" <ulrich AT cacert.org>
  • Subject: Re: Patch Request Bug #918, #1182, #1199, #1208
  • Date: Wed, 16 Oct 2013 12:55:23 +0200
  • Organization: CAcert

Hi Benny,

Benny Baumann wrote on 15-10-2013 23:06:
> we have some bugfixes for you to apply to the production system which
> should be applied in the following order:
>
> 1. Bug 1208: Improve readability of "Assure someone" page (Reviews by:
> BenBE, dastrath)
> 2. Bug 1182: Fix Deprecation messages sqldump.php (Reviews by: BenBE,
> NEOatNHNG)
> 3. Bug 1199: arbitrary code injection (Reviews by: BenBE, NEOatNHNG)
> 4. Bug 918: Weak keys in certificates (Reviews by: BenBE, NEOatNHNG)
>
> The reviews were performed by BenBE (me), dastrath (Dirk Astrath) and
> NEOatNHNG (Michael Tänzer) as noted above.

The patches have been installed in the stated order on the production
server on October 16, 2013. See also the attached log messages.
>
> Please also give kudos to our testers: A. Terpotiz, Ansgar, Eva, INOPIAE
> (Marcus Mängel), law (Mario Lipinski), magu (Martin Gummi), Uli60
> (Ulrich Schröter).

Kudos!

> Furthermore remember to update the translations when the patches have
> been applied successfully.

I've done that too, and restarted the Apache2 webserver to make the
download effective. However, I am not certain whether the upload was
fully successful. The translation server is reporting the following
error messages:

$ make upload
scp messages.pot critical AT translations.cacert.org:/var/www/Pootle/po/cacert/templates/messages.pot
messages.pot                                  100%  160KB 160.1KB/s   00:00
ssh critical AT translations.cacert.org "sudo -u www-data pootle-update cacert"
Dictionary for language 'de' could not be found
Dictionary for language 'es' could not be found
Dictionary for language 'fi' could not be found
Dictionary for language 'fr' could not be found
Dictionary for language 'hr' could not be found
Dictionary for language 'hu' could not be found
Dictionary for language 'it' could not be found
Dictionary for language 'nl' could not be found
Dictionary for language 'pl' could not be found
Dictionary for language 'pt_BR' could not be found
Dictionary for language 'sv' could not be found
Loading custom settings from '/var/www/pootle/pootle.conf'...
$

This doesn't look quite right, or? Maybe Michael can comment on that?

Regards,
-- wytze
--- Begin Message ---
  • From: Wytze van der Raay <wytze AT cacert.org>
  • To: cacert-systemlog AT lists.cacert.org
  • Subject: Fwd: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:46:22 +0200
  • Organization: CAcert
Fix for http://bugs.cacert.org/view.php?id=1208
Improve readability of "Assure someone" page.

In conjunction with the attached CVS changes a new tarball has been
made available incorporating all updates. The new tarball is available
through http://www.cacert.org/src-lic.php

-- end
--- Begin Message ---
  • From: "root" <root AT cvs.cacert.org>
  • To: critical-admin AT cacert.org
  • Subject: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:41:11 +0200 (CEST)

uid=0(root) gid=0(root) groups=0(root)
notary.inc.php 1.6 1.7
Wed Oct 16 12:41:11 CEST 2013
Update of /var/lib/cvs/cacert/includes
In directory webdb:/home/cacert/www/includes

Modified Files:
notary.inc.php
Log Message:
Fix for http://bugs.cacert.org/view.php?id=1208
Improve readability of "Assure someone" page.

===================================================================
RCS file: /var/lib/cvs/cacert/includes/notary.inc.php,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- notary.inc.php 2013/09/06 15:20:50 1.6
+++ notary.inc.php 2013/10/16 10:41:11 1.7
@@ -720,7 +720,7 @@
{
?>
<tr>
- <td class="DataTD"><?=$field1.(empty($field1)?'':':')?>:</td>
+ <td class="DataTD"><?=$field1.(empty($field1)?'':':')?></td>
<td class="DataTD"><?=$field2?></td>
</tr>
<?
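Review bot: `<?=$field2?>` (and `$field1` in the changed line) are written into the table row without `htmlspecialchars()`, so this helper relies on every caller passing text that is already safe as HTML. The companion change to 6.php in this commit series starts passing finished markup as the second argument, so state in a comment here that `$field2` is raw HTML, or escape in this helper and add a separate one for pre-built markup.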
@@ -768,7 +768,7 @@
{
?>
<tr>
- <td class="DataTD"><?=$field.(empty($field)?'':':')?>:</td>
+ <td class="DataTD"><?=$field.(empty($field)?'':':')?></td>
<td class="DataTD"><input type="text" name="<?=$type?>"
value="<?=$value?>"><?=$description?></td>
</tr>
<?
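Review bot: On the input line, `name="<?=$type?>"` and `value="<?=$value?>"` sit inside double-quoted attributes with no escaping, so a value containing a double quote ends the attribute early. Wrap both in `htmlspecialchars(..., ENT_QUOTES)`; `$description` is echoed raw on the same line and should either be escaped or documented as trusted HTML.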

--- End Message ---
--- Begin Message ---
  • From: "root" <root AT cvs.cacert.org>
  • To: critical-admin AT cacert.org
  • Subject: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:41:17 +0200 (CEST)

uid=0(root) gid=0(root) groups=0(root)
6.php 1.37 1.38
Wed Oct 16 12:41:17 CEST 2013
Update of /var/lib/cvs/cacert/pages/wot
In directory webdb:/home/cacert/www/pages/wot

Modified Files:
6.php
Log Message:
Fix for http://bugs.cacert.org/view.php?id=1208
Improve readability of "Assure someone" page.

===================================================================
RCS file: /var/lib/cvs/cacert/pages/wot/6.php,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- 6.php 2013/09/06 15:21:06 1.37
+++ 6.php 2013/10/16 10:41:17 1.38
@@ -32,22 +32,48 @@
else
$methods = array("Face to Face Meeting");

+ $mnames = array(
+ '01' => _('January'),
+ '02' => _('February'),
+ '03' => _('March'),
+ '04' => _('April'),
+ '05' => _('May'),
+ '06' => _('June'),
+ '07' => _('July'),
+ '08' => _('August'),
+ '09' => _('September'),
+ '10' => _('October'),
+ '11' => _('November'),
+ '12' => _('December')
+ );
+
$fname = $row['fname'];
$mname = $row['mname'];
$lname = $row['lname'];
$suffix = $row['suffix'];
$dob = $row['dob'];
+
+ $dob_date = explode('-', $dob, 3);
+ $dob_print = sprintf(
+ '<tt class="accountdetail">%s-%s-%s</tt> (%d %s %d)',
+ $dob_date[0], $dob_date[1], $dob_date[2],
+ intval($dob_date[2], 10), $mnames[$dob_date[1]],
intval($dob_date[0], 10)
+ );
+
$name = $fname." ".$mname." ".$lname." ".$suffix;
$_SESSION['_config']['wothash'] = md5($name."-".$dob);


require_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");

- AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the
following details match against what you witnessed when you met %s in person.
You MUST NOT proceed unless you are sure the details are correct. You may be
held responsible by the CAcert Arbitrator for any issues with this
Assurance."), $fname));
- AssureTextLine(_("Name"),$name);
- AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")");
+ AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the
following details match against what you witnessed when you met %s %s %s %s
in person. You MUST NOT proceed unless you are sure the details are correct.
You may be held responsible by the CAcert Arbitrator for any issues with this
Assurance."), $fname, $mname, $lname, $suffix));
+ AssureTextLine(_("Name"), sprintf(
+ "<tt><span class=\"accountdetail name\"><span
class=\"accountdetail fname\">%s</span> <span class=\"accountdetail
mname\">%s</span> <span class=\"accountdetail lname\">%s</span> <span
class=\"accountdetail suffix\">%s</span></span></tt>",
+ $fname, $mname, $lname, $suffix
+ ));
+ AssureTextLine(_("Date of Birth"),$dob_print);
AssureMethodLine(_("Method"),$methods,'');
- AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has
appeared in person."), $fname, $mname,
$lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
- AssureBoxLine("CCAAgreed",sprintf(_("I verify that %s %s %s has
accepted the CAcert Community Agreement."), $fname, $mname,
$lname),array_key_exists('CCAAgreed',$_POST) && $_POST['CCAAgreed'] == 1);
+ AssureBoxLine("certify",sprintf(_("I certify that %s %s %s %s has
appeared in person."), $fname, $mname, $lname,
$suffix),array_key_exists('certify',$_POST) && $_POST['certify'] == 1);
+ AssureBoxLine("CCAAgreed",sprintf(_("I verify that %s %s %s %s has
accepted the CAcert Community Agreement."), $fname, $mname, $lname,
$suffix),array_key_exists('CCAAgreed',$_POST) && $_POST['CCAAgreed'] == 1);

AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"","");

AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("The
date when the assurance took place. Please adjust the date if you assured
the person on a different day (YYYY-MM-DD)."));
AssureTextLine("",_("Only tick the next box if the Assurance was face
to face."));
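Review bot: The new `sprintf()` calls for the Name line and for `$dob_print` place `$fname`, `$mname`, `$lname`, `$suffix` and the pieces of `$dob` from `$row` directly into HTML markup that is then handed to AssureTextLine as a finished string; pass each value through `htmlspecialchars()` before formatting. Separately, `$mnames[$dob_date[1]]` and `$dob_date[2]` assume that `explode('-', $dob, 3)` always yields three parts and a month from 01 to 12; a guard such as `count($dob_date) == 3 && isset($mnames[$dob_date[1]])` avoids undefined-index notices on malformed or zero dates.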

--- End Message ---
--- Begin Message ---
  • From: "root" <root AT cvs.cacert.org>
  • To: critical-admin AT cacert.org
  • Subject: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:41:19 +0200 (CEST)

uid=0(root) gid=0(root) groups=0(root)
style.css 1.2 1.3
Wed Oct 16 12:41:19 CEST 2013
Update of /var/lib/cvs/cacert/stamp
In directory webdb:/home/cacert/www/stamp

Modified Files:
style.css
Log Message:
Fix for http://bugs.cacert.org/view.php?id=1208
Improve readability of "Assure someone" page.

===================================================================
RCS file: /var/lib/cvs/cacert/stamp/style.css,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- style.css 2006/11/27 23:10:08 1.2
+++ style.css 2013/10/16 10:41:19 1.3
@@ -6,94 +6,95 @@
/***********************************************/
/* HTML tag styles */
/***********************************************/
-body{
+body {
font-family: Arial,sans-serif;
color: #333333;
- line-height: 1.166;
+ line-height: 1.166;
margin: 0px;
padding: 0px;
- background: #cccccc;
+ background: #cccccc;
/* url("/siteimages/bg_grad.jpg") fixed; */
}

+
/******* hyperlink and anchor tag styles *******/

-a:link, a:visited{
+a:link, a:visited {
color: #005FA9;
text-decoration: none;
}

-a:hover{
+a:hover {
text-decoration: underline;
}

/************** header tag styles **************/

-h1{
- font: bold 120% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
-}
-
-h2{
- font: bold 114% Arial,sans-serif;
- color: #006699;
- margin: 0px;
- padding: 0px;
-}
-
-h3{
- font: bold 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
- cursor: pointer;
-/* cursor: hand; */
-}
-
-h4{
- font: bold 100% Arial,sans-serif;
- color: #333333;
- margin: 0px;
- padding: 0px;
-}
-
-h5{
- font: 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h1 {
+ font: bold 120% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
+}
+
+h2 {
+ font: bold 114% Arial,sans-serif;
+ color: #006699;
+ margin: 0px;
+ padding: 0px;
+}
+
+h3 {
+ font: bold 100% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
+ cursor: pointer;
+ /* cursor: hand; */
+}
+
+h4 {
+ font: bold 100% Arial,sans-serif;
+ color: #333333;
+ margin: 0px;
+ padding: 0px;
+}
+
+h5 {
+ font: 100% Arial,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}


/*************** list tag styles ***************/

ul.menu {
-list-style: none;
-margin :0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ list-style: none;
+ margin :0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 1px dotted #000;
}

ul.top {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 0px;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 0px;
}

ul {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 1px dotted #000;
}

/***********************************************/
/* Layout Divs */
/***********************************************/
-#pagecell1{
+#pagecell1 {
position:absolute;
top: 2%;
left: 2%;
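Review bot: In `ul.menu` the re-indented line still reads `margin :0px 0px 0px 15px;`, with the space on the wrong side of the colon, while the default.css change in the same series corrects it to `margin: 0px 0px 0px 15px;`. The rest of this hunk changes whitespace only; committing the reformatting separately from the bug 1208 change would keep the functional diff small enough to review.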

--- End Message ---
--- Begin Message ---
  • From: "root" <root AT cvs.cacert.org>
  • To: critical-admin AT cacert.org
  • Subject: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:41:21 +0200 (CEST)

uid=0(root) gid=0(root) groups=0(root)
default.css 1.13 1.14
Wed Oct 16 12:41:21 CEST 2013
Update of /var/lib/cvs/cacert/www/styles
In directory webdb:/home/cacert/www/www/styles

Modified Files:
default.css
Log Message:
Fix for http://bugs.cacert.org/view.php?id=1208
Improve readability of "Assure someone" page.

===================================================================
RCS file: /var/lib/cvs/cacert/www/styles/default.css,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- default.css 2013/04/24 12:43:09 1.13
+++ default.css 2013/10/16 10:41:21 1.14
@@ -6,20 +6,22 @@
/***********************************************/
/* HTML tag styles */
/***********************************************/
-body{
+
+body {
font-family: Arial,sans-serif;
color: #333333;
- line-height: 1.166;
+ line-height: 1.166;
margin: 0px;
padding: 0px;
- background: #cccccc;
-/* url("/siteimages/bg_grad.jpg") fixed; */
+ background: #cccccc;
+/* url("/siteimages/bg_grad.jpg") fixed; */
}

+
/******* hyperlink and anchor tag styles *******/

a:link, a:visited {
- color: #005FA9;
+ color: #005fa9;
text-decoration: none;
}

@@ -27,85 +29,87 @@
text-decoration: underline;
}

+
/************** header tag styles **************/

-h1{
- font: bold 120% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h1 {
+ font: bold 120% Arial ,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}

-h2{
- font: bold 114% Arial,sans-serif;
- color: #006699;
- margin: 0px;
- padding: 0px;
+h2 {
+ font: bold 114% Arial ,sans-serif;
+ color: #006699;
+ margin: 0px;
+ padding: 0px;
}

-h3{
- font: bold 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h3 {
+ font: bold 100% Arial ,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}

-h3.pointer{
- cursor: pointer;
- /* cursor: hand; */
+h3.pointer {
+ cursor: pointer;
+ /* cursor: hand; */
}

-h4{
- font: bold 100% Arial,sans-serif;
- color: #333333;
- margin: 0px;
- padding: 0px;
+h4 {
+ font: bold 100% Arial ,sans-serif;
+ color: #333333;
+ margin: 0px;
+ padding: 0px;
}

-h5{
- font: 100% Arial,sans-serif;
- color: #334d55;
- margin: 0px;
- padding: 0px;
+h5 {
+ font: 100% Arial ,sans-serif;
+ color: #334d55;
+ margin: 0px;
+ padding: 0px;
}


/*************** list tag styles ***************/

ul.menu {
-list-style: none;
-margin :0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 1px dotted #000;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 1px dotted #000;
}

ul.top {
-list-style: none;
-margin: 0px 0px 0px 15px;
-padding-left: 5px;
-border-left: 0px;
+ list-style: none;
+ margin: 0px 0px 0px 15px;
+ padding-left: 5px;
+ border-left: 0px;
}

ul.no_indent {
-list-style: none;
-padding: 0px;
+ list-style: none;
+ padding: 0px;
}

+
/***********************************************/
/* Layout Divs */
/***********************************************/
-#pagecell1{
- position:absolute;
+
+#pagecell1 {
+ position: absolute;
top: 2%;
left: 2%;
right: 2%;
width: 96%;
background-color: #ffffff;
-
}

#tl {
- position:absolute;
+ position: absolute;
top: -1px;
left: -1px;
margin: 0px;
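Review bot: The rewritten `h1` to `h5` rules introduce `Arial ,sans-serif` (space before the comma), where the removed lines and the other rules in this file use `Arial,sans-serif`. It parses the same, but it looks like a search-and-replace slip in a cleanup commit; restore `Arial,sans-serif`.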
@@ -114,7 +118,7 @@
}

#tr {
- position:absolute;
+ position: absolute;
top: -1px;
right: -1px;
margin: 0px;
@@ -122,43 +126,43 @@
z-index: 100;
}

-#masthead{
+#masthead {
position: absolute;
top: 0px;
left: 2%;
right: 2%;
- width:95.6%;
-
+ width: 95.6%;
}

-#pageNav{
+#pageNav {
float: right;
- width:178px;
+ width: 178px;
padding: 0px;
background-color: #F5f7f7;
border-left: 1px solid #cccccc;
font: small Verdana,sans-serif;
}

-#content{
+#content {
padding: 0px 10px 0px 0px;
- margin:0px 178px 0px 0px;
+ margin: 0px 178px 0px 0px;
}


/***********************************************/
/* Component Divs */
/***********************************************/
-#siteName{
+#siteName {
margin: 0px;
padding: 16px 0px 8px 0px;
color: #ffffff;
font-weight: normal;
}

+
/************** utility styles *****************/

-#utility{
+#utility {
font: 75% Verdana,sans-serif;
position: absolute;
top: 16px;
@@ -166,7 +170,7 @@
color: #919999;
}

-#utility a{
+#utility a {
color: #ffffff;
}

@@ -174,46 +178,48 @@
text-decoration: underline;
}

+
/************** pageName styles ****************/

-#pageName{
+#pageName {
padding: 0px 0px 14px 10px;
margin: 0px;
- border-bottom:1px solid #ccd2d2;
+ border-bottom: 1px solid #ccd2d2;
z-index: 2;
}

-#pageName h2{
+#pageName h2 {
font: bold 175% Arial,sans-serif;
color: #000000;
- margin:0px;
+ margin: 0px;
padding: 0px;
}
+
/*
#pageLogo {
- position: absolute;
- top: 8px;
- left: 10px;
- z-index: 5;
+ position: absolute;
+ top: 8px;
+ left: 10px;
+ z-index: 5;
}
*/

+
/************* globalNav styles ****************/

-#globalNav{
-position: relative;
-width: 100%;
-min-width: 640px;
-height: 32px;
-color: #cccccc;
-padding: 0px;
-margin: 0px;
-background-image: url("siteimages/glbnav_background.gif");
+#globalNav {
+ position: relative;
+ width: 100%;
+ min-width: 640px;
+ height: 32px;
+ color: #cccccc;
+ padding: 0px;
+ margin: 0px;
+ background-image: url("siteimages/glbnav_background.gif");
}

-#globalNav img{
- margin-bottom: -4px;
-
+#globalNav img {
+ margin-bottom: -4px;
}

#gnl {
@@ -228,7 +234,7 @@
right:0px;
}

-#globalLink{
+#globalLink {
position: absolute;
top: 6px;
height: 22px;
@@ -241,24 +247,27 @@


a.glink, a.glink:visited {
- font-size: small;
- color: #000000;
+ font-size: small;
+ color: #000000;
font-weight: bold;
margin: 0px;
padding: 2px 5px 4px 5px;
- border-right: 1px solid #8FB8BC;
+ border-right: 1px solid #8fb8bc;
}

a.glink:hover {
- background-image: url("siteimages/glblnav_selected.gif");
+ background-image: url("siteimages/glblnav_selected.gif");
text-decoration: none;
}

-.skipLinks {display: none;}
+.skipLinks {
+ display: none;
+}
+

/************ subglobalNav styles **************/

-.subglobalNav{
+.subglobalNav {
position: absolute;
top: 84px;
left: 0px;
@@ -279,13 +288,15 @@
color: #cccccc;
}

+
/*************** search styles *****************/
/*
#listshow {
z-order: 101;
}
*/
-#search{
+
+#search {
position: absolute;
top: 125px;
right: 0px;
@@ -300,46 +311,46 @@
font-size: 11px;
}

-#search1{
+#search1 {
position: absolute;
top: 85px;
right: 300px;
}

-#search2{
+#search2 {
position: absolute;
top: 100px;
right: 300px;
}

-#search3{
+#search3 {
position: absolute;
top: 85px;
right: 240px;
}

-#search4{
+#search4 {
position: absolute;
top: 100px;
right: 226px;
}

-#googlead{
+#googlead {
position: absolute;
top: 5px;
right: 0px;
z-index: -10;
}

-#search input{
- font-size: 70%;
- margin: 0px 0px 0px 10px;
+#search input {
+ font-size: 70%;
+ margin: 0px 0px 0px 10px;
}
-
+
#search a:link, #search a:visited {
font-size: 80%;
font-weight: bold;
-
+
}

#search a:hover {
@@ -349,40 +360,42 @@

/************* breadCrumb styles ***************/

-#breadCrumb{
+#breadCrumb {
padding: 5px 0px 5px 10px;
font: small Verdana,sans-serif;
- color: #AAAAAA;
+ color: #aaaaaa;
}

-#breadCrumb a{
- color: #AAAAAA;
+#breadCrumb a {
+ color: #aaaaaa;
}

#breadCrumb a:hover {
- color: #005FA9;
+ color: #005fa9;
text-decoration: underline;
}


/************** feature styles *****************/

-.feature{
+.feature {
padding: 0px 0px 10px 10px;
font-size: 80%;
min-height: 200px;
height: 200px;
}

-.feature {height: auto;}
+.feature {
+ height: auto;
+}

-.feature h3{
+.feature h3 {
font: bold 175% Arial,sans-serif;
color: #000000;
padding: 30px 0px 5px 0px;
}

-.feature img{
+.feature img {
float: left;
padding: 0px 10px 0px 0px;
}
@@ -396,7 +409,7 @@
min-height: 450px;
}

-.story h3{
+.story h3 {
font: bold 125% Arial,sans-serif;
color: #000000;
}
@@ -405,10 +418,10 @@
padding: 0px 0px 10px 0px;
}

-.story a.capsule{
+.story a.capsule {
font: bold 1em Arial,sans-serif;
color: #005FA9;
- display:block;
+ display: block;
padding-bottom: 5px;
}

@@ -416,14 +429,14 @@
text-decoration: underline;
}

-td.storyLeft{
+td.storyLeft {
padding-right: 12px;
}


/************** siteInfo styles ****************/

-#siteInfo{
+#siteInfo {
clear: both;
border-top: 1px solid #cccccc;
font-size: small;
@@ -431,15 +444,15 @@
padding: 10px 10px 10px 10px;
}

+
/************ sectionLinks styles **************/

-#sectionLinks{
+#sectionLinks {
margin: 0px;
padding: 0px;
-
}

-#sectionLinks h3{
+#sectionLinks h3 {
padding: 10px 0px 2px 10px;
border-bottom: 1px solid #cccccc;
}
@@ -448,7 +461,7 @@
display: block;
border-top: 1px solid #ffffff;
border-bottom: 1px solid #cccccc;
- background-image: url("siteimages/bg_nav.jpg");
+ background-image: url("siteimages/bg_nav.jpg");
font-weight: bold;
padding: 3px 0px 3px 10px;
color: #21536A;
@@ -465,83 +478,84 @@

/************* relatedLinks styles **************/

-.relatedLinks{
+.relatedLinks {
margin: 0px;
padding: 0px 0px 10px 10px;
border-bottom: 1px solid #cccccc;
}

-.relatedLinks h3{
+.relatedLinks h3 {
padding: 10px 0px 2px 0px;
}

-.relatedLinks a{
- display: block;
+.relatedLinks a {
+ display: block;
}


/**************** advert styles *****************/

-#advert{
+#advert {
padding: 10px;
}

-#advert img{
+#advert img {
display: block;
}

+
/********************* end **********************/

.DataTD input, .DataTD textarea {
- FONT-SIZE: 92%;
+ font-size: 92%;
}

.DataTD select, .DataTD option {
- FONT-SIZE: 92%;
+ font-size: 92%;
}

.DataTD {
- background-color: #E2E2E2;
+ background-color: #e2e2e2;
border-style: inset;
border-width: 1px;
- FONT-SIZE: 8pt;
- COLOR: #000000;
- FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+ font-size: 8pt;
+ color: #000000;
+ font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;

background: #ffffff;
padding: 1px 5px 1px 5px;
- border: 1px #CFCFCF solid;
- border-left: 1px #CFCFCF dotted;
- border-right: 1px #CFCFCF dotted;
+ border: 1px #cfcfcf solid;
+ border-left: 1px #cfcfcf dotted;
+ border-right: 1px #cfcfcf dotted;
}

.DataTDGrey {
background-color: #EFEDED;
border-style: inset;
border-width: 1px;
- FONT-SIZE: 8pt;
- COLOR: #000000;
- FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+ font-size: 8pt;
+ color: #000000;
+ font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;

padding: 1px 5px 1px 5px;
border: 1px #CFCFCF solid;
- border-left: 1px #CFCFCF dotted;
- border-right: 1px #CFCFCF dotted;
+ border-left: 1px #cfcfcf dotted;
+ border-right: 1px #cfcfcf dotted;
}

.DataTDNotDotted {
- background-color: #E2E2E2;
+ background-color: #e2e2e2;
border-style: inset;
border-width: 1px;
- FONT-SIZE: 8pt;
- COLOR: #000000;
- FONT-FAMILY: Arial, Tahoma, Verdana, Helvetica, sans-serif;
+ font-size: 8pt;
+ color: #000000;
+ font-family: Arial, Tahoma, Verdana, Helvetica, sans-serif;

background: #ffffff;
padding: 1px 5px 1px 5px;
border: 1px #CFCFCF solid;
- border-left: 1px #CFCFCF solid;
- border-right: 1px #CFCFCF solid;
+ border-left: 1px #cfcfcf solid;
+ border-right: 1px #cfcfcf solid;
}

.wrapper {
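Review bot: The colour lowercasing is applied unevenly in this hunk: `.DataTDGrey` keeps `background-color: #EFEDED;` and `border: 1px #CFCFCF solid;`, and `.DataTDNotDotted` keeps `border: 1px #CFCFCF solid;`, while the adjacent `border-left` and `border-right` lines were changed to `#cfcfcf`. Lowercase the remaining values as well. In `.DataTD` and `.DataTDNotDotted`, `background-color: #e2e2e2;` is overridden by the later `background: #ffffff;` in the same rule, so one of the two declarations can be dropped.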
@@ -552,104 +566,142 @@
}

td.greytxt {
- color: #CCCCCC;
+ color: #cccccc;
font-size: smaller;
text-align: right;
vertical-align: bottom;
}

.title {
- background: #E2E2E2;
- font-weight:BOLD;
+ background: #e2e2e2;
+ font-weight: bold;
padding: 1px 5px 1px 5px;
- border: 1px solid #CFCFCF;
- border-bottom: 3px double #CFCFCF;
+ border: 1px solid #cfcfcf;
+ border-bottom: 3px double #cfcfcf;
border-top: 1px solid #656565;
text-align: center;
}

.errmsg {
- font-weight: BOLD;
+ font-weight: bold;
color: #FF0000;
}

-.ac_menu
-{
- border:1px solid black
-}
-.ac_normal
-{
- background-color:#ffffff;
- cursor:pointer;
-}
-.ac_highlight
-{
- background-color:#3366cc;
- color:white;
- cursor:pointer;
-}
-.ac_normal .a
-{
- font-size:13px;
- color:black;
-}
-.ac_highlight .a
-{
- font-size:13px;
-}
-.ac_normal .d
-{
- float:right;
- font-size:10px;
- color:green;
-}
-.ac_highlight .d
-{
- float:right;
- font-size:10px;
+.ac_menu {
+ border: 1px solid black
+}
+
+.ac_normal {
+ background-color: #ffffff;
+ cursor: pointer;
+}
+
+.ac_highlight {
+ background-color: #3366cc;
+ color: white;
+ cursor: pointer;
+}
+
+.ac_normal .a {
+ font-size: 13px;
+ color: black;
+}
+
+.ac_highlight .a {
+ font-size: 13px;
+}
+
+.ac_normal .d {
+ float: right;
+ font-size: 10px;
+ color: green;
}

+.ac_highlight .d {
+ float: right;
+ font-size: 10px;
+}
+
+
/************** sponsorInfo styles ****************/

div.sponsorinfo {
- clear: both;
- border-top: 1px solid #cccccc;
- font-size: small;
- color: #000000;
- padding: 10px 10px 10px 10px;
+ clear: both;
+ border-top: 1px solid #cccccc;
+ font-size: small;
+ color: #000000;
+ padding: 10px 10px 10px 10px;
}

img.sponsorlogo {
- margin-left: 10px;
- margin-right: 10px;
- border: 0px none;
- vertical-align: middle;
+ margin-left: 10px;
+ margin-right: 10px;
+ border: 0px none;
+ vertical-align: middle;
}

+
/************ Newsbox *************/

-#lnews { /* class for the text "Latest News" */
- font-size: small;
- font-variant: small-caps;
+#lnews { /* class for the text "Latest News" */
+ font-size: small;
+ font-variant: small-caps;
}

div.newsbox {
- border-top: 1px solid #cccccc;
- color: #101010;
- padding: 10px 10px 10px 10px;
+ border-top: 1px solid #cccccc;
+ color: #101010;
+ padding: 10px 10px 10px 10px;
}

+
/************ SQL Performance ***********/

div.footerbar {
- clear: both;
- border-top: 1px solid #cccccc;
- font-size: small;
- color: black;
- padding: 10px 10px 10px 10px;
+ clear: both;
+ border-top: 1px solid #cccccc;
+ font-size: small;
+ color: black;
+ padding: 10px 10px 10px 10px;
}

+
/************ Honeypot ***********/

-.robotic { display: none; }
+.robotic {
+ display: none;
+}
+
+
+/************ unicode fallbacks ***********/
+
+/* Some embedding of font */
+@font-face {
+ font-family: 'Source Code Pro';
+ src: local('Source Code Pro');
+/* src: url(/res/fonts/SourceCodePro-Medium.ttf); */
+}

+@font-face {
+ font-family: 'Last Resort';
+ src: local('LastResort');
+/* src: url(/res/fonts/LastResort.ttf); */
+}
+
+.accountdetail {
+ font-family: 'Source Code Pro', 'Lucida Console', 'Arial Unicode MS',
monospace, 'Last Resort';
+ font-size: 1.1em;
+}
+
+.accountdetail.fname {
+}
+
+.accountdetail.mname {
+}
+
+.accountdetail.lname {
+ font-weight: bold;
+}
+
+.accountdetail.suffix {
+}
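Review bot: Both new `@font-face` rules carry only `src: local(...)`, with the `url(...)` source commented out, so they add nothing over naming the font directly in `font-family`: a client without 'Source Code Pro' installed falls through to the next entry, and the account details the assurer is asked to compare will render in a different face per machine. Either ship the font files and enable the `url()` source, or drop the `@font-face` blocks. The empty `.accountdetail.fname`, `.accountdetail.mname` and `.accountdetail.suffix` rules should be removed or given a comment saying they are placeholders.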

--- End Message ---

Attachment: smime.p7s
Description: S/MIME cryptographic signature


--- End Message ---
--- Begin Message ---
  • From: Wytze van der Raay <wytze AT cacert.org>
  • To: cacert-systemlog AT lists.cacert.org
  • Subject: Fwd: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:47:09 +0200
  • Organization: CAcert
Fix for http://bugs.cacert.org/view.php?id=1182
"Fix Deprecation messages sqldump.php"

In conjunction with the attached CVS changes a new tarball has been
made available incorporating all updates. The new tarball is available
through http://www.cacert.org/src-lic.php

-- end
--- Begin Message ---
  • From: "root" <root AT cvs.cacert.org>
  • To: critical-admin AT cacert.org
  • Subject: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:42:36 +0200 (CEST)

uid=0(root) gid=0(root) groups=0(root)
sqldump.php 1.5 1.6
Wed Oct 16 12:42:36 CEST 2013
Update of /var/lib/cvs/cacert/www
In directory webdb:/home/cacert/www/www

Modified Files:
sqldump.php
Log Message:
Fix for http://bugs.cacert.org/view.php?id=1182
"Fix Deprecation messages sqldump.php"

===================================================================
RCS file: /var/lib/cvs/cacert/www/sqldump.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- sqldump.php 2008/04/06 19:45:02 1.5
+++ sqldump.php 2013/10/16 10:42:36 1.6
@@ -15,24 +15,24 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA
*/
- header("content-type: text/plain");
+ header("content-type: text/plain");
?>
# CAcert SQL Dump
-# version 0.0.2
+# version 0.0.3
#
# Generation Time: <?=date('r')?>
#
# Database: `cacert`
#
<?
- $tables = mysql_list_tables('cacert');
- while(list($table_name) = mysql_fetch_array($tables))
- {
- echo "#
--------------------------------------------------------\n\n";
- echo "#\n# Table structure for table `$table_name`\n#\n\n";
+ $tables = mysql_query("SHOW TABLES");
+ while(list($table_name) = mysql_fetch_array($tables))
+ {
+ echo "#
--------------------------------------------------------\n\n";
+ echo "#\n# Table structure for table `$table_name`\n#\n\n";

- echo "DROP TABLE IF EXISTS `$table_name`;\n";
- $create = mysql_fetch_assoc(mysql_query("SHOW CREATE TABLE
`cacert`.`$table_name`"));
- echo $create['Create Table'].";\n\n";
- }
+ echo "DROP TABLE IF EXISTS `$table_name`;\n";
+ $create = mysql_fetch_assoc(mysql_query("SHOW CREATE TABLE
`$table_name`"));
+ echo $create['Create Table'].";\n\n";
+ }
?>
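Review bot: `mysql_query("SHOW TABLES")` and the new SHOW CREATE TABLE query no longer name the cacert schema, so the dump now depends on whichever database the connection has selected, while the header above still prints "# Database: `cacert`". Keep the qualifier or state the assumption in a comment. Neither `mysql_query()` result is checked before it is passed to `mysql_fetch_array()` or `mysql_fetch_assoc()`; test for `false` and stop with an error line instead of emitting a partial dump.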

--- End Message ---

Attachment: smime.p7s
Description: S/MIME cryptographic signature


--- End Message ---
--- Begin Message ---
  • From: Wytze van der Raay <wytze AT cacert.org>
  • To: cacert-systemlog AT lists.cacert.org
  • Subject: Fwd: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:48:09 +0200
  • Organization: CAcert
Fix for http://bugs.cacert.org/view.php?id=1199
"arbitrary code injection"

In conjunction with the attached CVS changes a new tarball has been
made available incorporating all updates. The new tarball is available
through http://www.cacert.org/src-lic.php

-- end
--- Begin Message ---
  • From: "root" <root AT cvs.cacert.org>
  • To: critical-admin AT cacert.org
  • Subject: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:43:35 +0200 (CEST)

uid=0(root) gid=0(root) groups=0(root)
gpg.php 1.34 1.35
Wed Oct 16 12:43:35 CEST 2013
Update of /var/lib/cvs/cacert/www
In directory webdb:/home/cacert/www/www

Modified Files:
gpg.php
Log Message:
Fix for http://bugs.cacert.org/view.php?id=1199
"arbitrary code injection"

===================================================================
RCS file: /var/lib/cvs/cacert/www/gpg.php,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -r1.34 -r1.35
--- gpg.php 2013/09/06 15:20:45 1.34
+++ gpg.php 2013/10/16 10:43:34 1.35
@@ -319,10 +319,10 @@

`keyid`='".mysql_real_escape_string($keyid)."',

`description`='".mysql_real_escape_string($description)."'";
mysql_query($query);
- $id = mysql_insert_id();
+ $insert_id = mysql_insert_id();


- $cwd = '/tmp/gpgspace'.$id;
+ $cwd = '/tmp/gpgspace'.$insert_id;
mkdir($cwd,0755);

$fp = fopen("$cwd/gpg.csr", "w");
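Review bot: `$cwd = '/tmp/gpgspace'.$insert_id;` followed by `mkdir($cwd,0755);` creates the GnuPG home directory under a predictable name in a shared directory, readable by other local users, and the `mkdir()` result is not checked. Create it with mode 0700 and abort if `mkdir()` returns false (for instance because the path already exists) before `gpg.csr` is written into it.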
@@ -333,7 +333,8 @@
system("gpg --homedir $cwd --import $cwd/gpg.csr");


- $gpg = trim(`gpg --homedir $cwd --with-colons
--fixed-list-mode --list-keys $keyid 2>&1`);
+ $cmd_keyid = escapeshellarg($keyid);
+ $gpg = trim(`gpg --homedir $cwd --with-colons
--fixed-list-mode --list-keys $cmd_keyid 2>&1`);
$lines = "";
$gpgarr = explode("\n", $gpg);
foreach($gpgarr as $line)
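Review bot: `escapeshellarg($keyid)` on the `--list-keys` call only quotes the value for the shell; it does not check that `$keyid` is a key id at all. Validate it against the expected hexadecimal key-id format before the first gpg call and reject anything else, then keep the quoting as a second layer. `$cwd` is still interpolated unquoted in this command and in the `system("gpg --homedir $cwd --import $cwd/gpg.csr")` context line; quoting it the same way keeps the command construction uniform.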
@@ -433,7 +434,8 @@

//echo "Keyid: $keyid\n";

- $process = proc_open("/usr/bin/gpg --homedir $cwd
--no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $keyid",
$descriptorspec, $pipes);
+ $cmd_keyid = escapeshellarg($keyid);
+ $process = proc_open("/usr/bin/gpg --homedir $cwd
--no-tty --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $cmd_keyid",
$descriptorspec, $pipes);

//echo "Process: $process\n";
//fputs($stderr,"Process: $process\n");
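Review bot: `$cmd_keyid = escapeshellarg($keyid);` is repeated immediately before each of the three gpg invocations in this commit. Compute it once where `$keyid` is first known, so that a call site added later cannot pick up the raw `$keyid` by mistake. Where the PHP version allows it, passing the command to `proc_open()` as an argument array avoids the shell for this call entirely.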
@@ -515,15 +517,16 @@
}


- $csrname=generatecertpath("csr","gpg",$id);
- $do=`gpg --homedir $cwd --batch --export-options
export-minimal --export $keyid >$csrname`;
+ $csrname=generatecertpath("csr","gpg",$insert_id);
+ $cmd_keyid = escapeshellarg($keyid);
+ $do=`gpg --homedir $cwd --batch --export-options
export-minimal --export $cmd_keyid >$csrname`;

- mysql_query("update `gpg` set `csr`='$csrname' where
`id`='$id'");
- waitForResult('gpg', $id);
+ mysql_query("update `gpg` set `csr`='$csrname' where
`id`='$insert_id'");
+ waitForResult('gpg', $insert_id);

showheader(_("Welcome to CAcert.org"));
echo $resulttable;
- $query = "select * from `gpg` where `id`='$id' and `crt`!=''";
+ $query = "select * from `gpg` where `id`='$insert_id' and
`crt`!=''";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0)
{
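Review bot: In the export command `>$csrname` is written into the shell string unquoted, and the update query interpolates `'$csrname'` and `'$insert_id'` without `mysql_real_escape_string()`, unlike the insert shown in the first hunk. Both values come from `generatecertpath()` and `mysql_insert_id()` rather than from the request, but `escapeshellarg($csrname)` and `intval($insert_id)` keep the file consistent and stay safe if those helpers change. The backtick result assigned to `$do` is never used, so a failed export goes unnoticed; check that `$csrname` exists and is non-empty before calling `waitForResult()`.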
@@ -531,7 +534,7 @@
echo _("If this is a re-occuring problem, please send
a copy of the key you are trying to signed to
support AT cacert.org.
Thank you.");
} else {
echo "<pre>";
- readfile(generatecertpath("crt","gpg",$id));
+ readfile(generatecertpath("crt","gpg",$insert_id));
echo "</pre>";
}


--- End Message ---

Attachment: smime.p7s
Description: S/MIME cryptographic signature


--- End Message ---
--- Begin Message ---
  • From: Wytze van der Raay <wytze AT cacert.org>
  • To: cacert-systemlog AT lists.cacert.org
  • Subject: Fwd: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:48:50 +0200
  • Organization: CAcert
Fix for http://bugs.cacert.org/view.php?id=918
"Weak keys in certificates"

In conjunction with the attached CVS changes a new tarball has been
made available incorporating all updates. The new tarball is available
through http://www.cacert.org/src-lic.php

-- end
--- Begin Message ---
  • From: "root" <root AT cvs.cacert.org>
  • To: critical-admin AT cacert.org
  • Subject: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:44:26 +0200 (CEST)

uid=0(root) gid=0(root) groups=0(root)
check_weak_key.php 1.1 1.2
Wed Oct 16 12:44:26 CEST 2013
Update of /var/lib/cvs/cacert/includes/lib
In directory webdb:/home/cacert/www/includes/lib

Modified Files:
check_weak_key.php
Log Message:
Fix for http://bugs.cacert.org/view.php?id=918
"Weak keys in certificates"

===================================================================
RCS file: /var/lib/cvs/cacert/includes/lib/check_weak_key.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- check_weak_key.php 2012/10/31 10:03:10 1.1
+++ check_weak_key.php 2013/10/16 10:44:26 1.2
@@ -137,7 +137,7 @@
$keysize = intval($keysize[1]);
}

- if ($keysize < 1024)
+ if ($keysize < 2048)
{
return sprintf(_("The keys that you use are very
small ".
"and therefore insecure.
Please generate stronger ".
@@ -145,11 +145,6 @@
"found in %sthe wiki%s"),
"<a
href='//wiki.cacert.org/WeakKeys#SmallKey'>",
"</a>");
- } elseif ($keysize < 2048) {
- // not critical but log so we have some statistics
about
- // affected users
- trigger_error("checkWeakKeyText(): Certificate for
small ".
- "key (< 2048 bit) requested",
E_USER_NOTICE);
}
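Review bot: Removing the `elseif ($keysize < 2048)` branch also removes the only `trigger_error()` that recorded requests with small keys, so after this change a rejection for a key below 2048 bit leaves no trace in the log. If the statistics on affected users mentioned in the removed comment are still wanted, log from inside the `if ($keysize < 2048)` branch before returning the message.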



--- End Message ---
--- Begin Message ---
  • From: "root" <root AT cvs.cacert.org>
  • To: critical-admin AT cacert.org
  • Subject: cvs.cacert.org checkin notification
  • Date: Wed, 16 Oct 2013 12:44:30 +0200 (CEST)

uid=0(root) gid=0(root) groups=0(root)
keygen.php 1.1 1.2
Wed Oct 16 12:44:30 CEST 2013
Update of /var/lib/cvs/cacert/includes
In directory webdb:/home/cacert/www/includes

Modified Files:
keygen.php
Log Message:
Fix for http://bugs.cacert.org/view.php?id=918
"Weak keys in certificates"

===================================================================
RCS file: /var/lib/cvs/cacert/includes/keygen.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- keygen.php 2013/02/27 10:30:41 1.1
+++ keygen.php 2013/10/16 10:44:30 1.2
@@ -75,7 +75,7 @@
<p style="color:red"><?php
printf(_('Please note that RSA key sizes
smaller than %d bit '.
'will not be accepted by CAcert.'),
- 1024)?>
+ 2048)?>
</p>
</fieldset>
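Review bot: The `2048` passed to `printf()` here duplicates the limit enforced by `if ($keysize < 2048)` in check_weak_key.php, and the two had to be changed in step in this commit. Define the minimum RSA key size once, as a constant in a shared include, and use it in both places so the notice shown to users cannot drift from the check that is enforced.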


--- End Message ---

Attachment: smime.p7s
Description: S/MIME cryptographic signature


--- End Message ---

Attachment: smime.p7s
Description: S/MIME cryptographic signature



