SPECS: mantis.spec - patch from gentoo (debian): SQL injection and...
glen
glen at pld-linux.org
Sat Sep 24 15:29:13 CEST 2005
Author: glen Date: Sat Sep 24 13:29:13 2005 GMT
Module: SPECS Tag: HEAD
---- Log message:
- patch from gentoo (debian): SQL injection and XSS (CAN-2005-255{6-7})
---- Files affected:
SPECS:
mantis.spec (1.23 -> 1.24)
---- Diffs:
================================================================
Index: SPECS/mantis.spec
diff -u SPECS/mantis.spec:1.23 SPECS/mantis.spec:1.24
--- SPECS/mantis.spec:1.23 Sat Sep 24 15:14:26 2005
+++ SPECS/mantis.spec Sat Sep 24 15:29:07 2005
@@ -4,19 +4,20 @@
#
# TODO
# - security http://security.gentoo.org/glsa/glsa-200509-16.xml
+# - put admin/ dir to separate -setup package which can be installed only at first time install
Summary: The Mantis bug tracker
Summary(pl): Mantis - system kontroli błędów
Name: mantis
-# %%define sub_ver rc1
Version: 0.19.2
-Release: 1.4
+Release: 1.5
License: GPL
Group: Development/Tools
Source0: http://dl.sourceforge.net/mantisbt/%{name}-%{version}.tar.gz
# Source0-md5: 042c42c6de3bc536181391c1e9b25db3
Source1: %{name}-doc-PLD.tar.gz
Source2: %{name}.conf
+Patch0: %{name}-debian.patch
URL: http://mantisbt.sourceforge.net/
BuildRequires: rpmbuild(macros) >= 1.226
Requires(triggerpostun): sed >= 4.0
@@ -39,9 +40,11 @@
MySQL oraz PHP.
%prep
-%setup -q -c -a1
+%setup -q -a1
+%patch0 -p1
find . -type d -name CVS | xargs rm -rf
find . -type f -name .cvsignore | xargs rm -rf
+find '(' -name '*~' -o -name '*.orig' ')' | xargs -r rm -v
%build
@@ -49,10 +52,9 @@
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_mantisdir}/doc,%{_sysconfdir}}
-cp -af mantis-%{version}/{*.php,admin,core,css,graphs,images,javascript,lang,sql} $RPM_BUILD_ROOT%{_mantisdir}
-# cp -af mantis-%{version}/doc/faq.* $RPM_BUILD_ROOT%{_mantisdir}/doc/
+cp -af {*.php,admin,core,css,graphs,images,javascript,lang,sql} $RPM_BUILD_ROOT%{_mantisdir}
-sed -e 's/root/mysql/g' mantis-%{version}/config_inc.php.sample > $RPM_BUILD_ROOT%{_sysconfdir}/config.php
+sed -e 's/root/mysql/g' config_inc.php.sample > $RPM_BUILD_ROOT%{_sysconfdir}/config.php
ln -s %{_sysconfdir}/config.php $RPM_BUILD_ROOT%{_mantisdir}/config_inc.php
mv $RPM_BUILD_ROOT{%{_mantisdir}/config_defaults_inc.php,%{_sysconfdir}/config_defaults.php}
@@ -123,7 +125,7 @@
%files
%defattr(644,root,root,755)
-%doc mantis-%{version}/doc/{CREDITS,CUSTOMIZATION,ChangeLog,INSTALL,README,UPGRADING}
+%doc doc/{CREDITS,CUSTOMIZATION,ChangeLog,INSTALL,README,UPGRADING}
%doc PLD*
%attr(750,root,http) %dir %{_sysconfdir}
%attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/config.php
@@ -171,6 +173,9 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.24 2005/09/24 13:29:07 glen
+- patch from gentoo (debian): SQL injection and XSS (CAN-2005-255{6-7})
+
Revision 1.23 2005/09/24 13:14:26 glen
- removed unneccessary deps
- use apache config install triggers
@@ -197,7 +202,7 @@
- SECURITY note (for future upgrade...)
Revision 1.16 2004/08/20 08:15:27 troll
-- s@/etc@%%{_sysconfdir}@g
+- s@/etc@%{_sysconfdir}@g
- description cosmetics
Revision 1.15 2004/08/20 07:04:51 ciesiel
@@ -240,7 +245,7 @@
Revision 1.3 2003/06/30 11:34:15 ankry
- some fixes by Marek Ciesielski <marekc at klub.chip.pl>
- sync English description with Polish one
-- slightly modified %%post
+- slightly modified %post
Revision 1.2 2003/06/28 14:55:39 qboosh
- removed preun (customized config file shouldn't be removed!)
================================================================
---- CVS-web:
http://cvs.pld-linux.org/SPECS/mantis.spec?r1=1.23&r2=1.24&f=u
More information about the pld-cvs-commit
mailing list