SPECS: gallery.spec - updated to 1.5.2, fixes cross-site scripting...

glen glen at pld-linux.org
Fri Jan 27 01:22:05 CET 2006 

Author: glen                         Date: Fri Jan 27 00:22:05 2006 GMT
Module: SPECS                         Tag: HEAD
---- Log message:
- updated to 1.5.2, fixes cross-site scripting vulnerability
- webapps support
- created -setup subpackage
- STBR

---- Files affected:
SPECS:
   gallery.spec (1.32 -> 1.33) 

---- Diffs:

================================================================
Index: SPECS/gallery.spec
diff -u SPECS/gallery.spec:1.32 SPECS/gallery.spec:1.33
--- SPECS/gallery.spec:1.32	Wed Dec 21 11:53:57 2005
+++ SPECS/gallery.spec	Fri Jan 27 01:22:00 2006
@@ -1,22 +1,32 @@
 # $Revision$, $Date$
-
-Summary:	Web based photo album viewer and creator.
+Summary:	Web based photo album viewer and creator
 Summary(pl):	Przeglądarka i generator albumów zdjęć w postaci stron WWW
 Name:		gallery
-Version:	1.5.1
+Version:	1.5.2
 Release:	1
 License:	GPL
 Group:		Applications/Publishing
-Source0:	http://dl.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
-# Source0-md5:	18a5115456406b6c56726242aadd45cc
-Source1:	http://dl.sourceforge.net/%{name}/pl_PL-%{version}.tar.gz
+Source0:	http://dl.sourceforge.net/gallery/%{name}-%{version}.tar.gz
+# Source0-md5:	6156b335a712d5515c3cc84c6bcd77da
+Source1:	http://dl.sourceforge.net/gallery/pl_PL-1.5.1.tar.gz
 # Source1-md5:	efe8e359041c2c07463132ad0f7a8bea
+Source2:	%{name}-apache.conf
+Patch0:		%{name}-PLD.patch
 URL:		http://gallery.sourceforge.net/
+BuildRequires:	rpmbuild(macros) >= 1.268
+Requires:	webapps
+Requires:	php-gettext
+Requires:	php >= 3:4.1.0
+#Suggests:	apache(mod_rewrite)
+#Suggests:	jhead
+#Suggests:	jpegtran
 BuildArch:	noarch
-Requires:	webserver
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
-%define	gallerydir	/home/services/httpd/html/gallery
+%define		_webapps	/etc/webapps
+%define		_webapp		%{name}
+%define		_sysconfdir	%{_webapps}/%{_webapp}
+%define		_appdir	%{_datadir}/%{_webapp}
 
 %description
 Gallery is a photo album that includes a config wizard and lets users
@@ -32,47 +42,112 @@
 miniatur, zmianę wielkości obrazów, obrót, zmianę kolejności
 wyświetlania, itp. Albumy mogą posiadać indywidualne uprawnienia.
 
+%package setup
+Summary:	Gallery setup package
+Summary(pl):	Pakiet do wstępnej konfiguracji Gallery
+Group:		Applications/WWW
+Requires:	%{name} = %{version}-%{release}
+
+%description setup
+Install this package to configure initial Gallery installation. You
+should uninstall this package when you're done, as it considered
+insecure to keep the setup files in place.
+
+%description setup -l pl
+Ten pakiet należy zainstalować w celu wstępnej konfiguracGallery Eventum po
+pierwszej instalacji. Potem należy go odinstalować, jako że
+pozostawienie plików instalacyjnych mogłoby być niebezpieczne.
+
 %prep
-%setup -q -a1 -n %{name}
+%setup -q -n %{name}
+%patch0 -p1
+
+tar zxf %{SOURCE1} -C locale
+rm -f LICENSE.txt *.bat
+cat > config.conf <<'EOF'
+Alias /gallery %{_appdir}
+<Directory %{_appdir}>
+	allow from all
+</Directory>
+EOF
 
 %install
 rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT%{gallerydir}
+install -d $RPM_BUILD_ROOT{%{_appdir},%{_sysconfdir},/var/lib/gallery/albums}
 
-rm -f LICENSE.txt *.bat
-mv pl_PL locale
-cp -R * $RPM_BUILD_ROOT%{gallerydir}
+cp -a *.{php,inc,sh} $RPM_BUILD_ROOT%{_appdir}
+cp -a classes contrib css docs help html html_wrap images $RPM_BUILD_ROOT%{_appdir}
+cp -a includes java js layout lib locale platform po skins tools $RPM_BUILD_ROOT%{_appdir}
+# in /var because of setup/resetadmin file
+cp -a setup $RPM_BUILD_ROOT/var/lib/gallery
+ln -s /var/lib/gallery/setup $RPM_BUILD_ROOT%{_appdir}
+rm -f $RPM_BUILD_ROOT%{_appdir}/{AUTHORS,ChangeLog*,README}
+
+install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/apache.conf
+install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/httpd.conf
+touch $RPM_BUILD_ROOT%{_sysconfdir}/config.php
+touch $RPM_BUILD_ROOT%{_sysconfdir}/htaccess
+ln -s %{_sysconfdir}/htaccess $RPM_BUILD_ROOT%{_appdir}/.htaccess
 
 %clean
 rm -rf $RPM_BUILD_ROOT
 
+%triggerin -- apache1
+%webapp_register apache %{_webapp}
+
+%triggerun -- apache1
+%webapp_unregister apache %{_webapp}
+
+%triggerin -- apache >= 2.0.0
+%webapp_register httpd %{_webapp}
+
+%triggerun -- apache >= 2.0.0
+%webapp_unregister httpd %{_webapp}
+
+%triggerpostun -- %{name} < 1.5.2-0.13
+/usr/sbin/webapp register httpd %{_webapp}
+%service -q httpd reload
+
 %files
 %defattr(644,root,root,755)
-%doc AUTHORS ChangeLog README
-%dir %{gallerydir}
-%attr(755,root,root) %{gallerydir}/*.sh
-%{gallerydir}/*.php
-%{gallerydir}/*.inc
-%{gallerydir}/classes
-%{gallerydir}/contrib
-%{gallerydir}/css
-%{gallerydir}/docs
-%{gallerydir}/html*
-%{gallerydir}/images
-%{gallerydir}/includes
-%{gallerydir}/java
-%{gallerydir}/js
-%{gallerydir}/layout
-%{gallerydir}/lib
-%{gallerydir}/platform
-%{gallerydir}/po
-%{gallerydir}/setup
-%{gallerydir}/skins
-%{gallerydir}/tools
-
-%dir %{gallerydir}/locale
-%{gallerydir}/locale/en_US
-%lang(pl) %{gallerydir}/locale/pl_PL
+%doc AUTHORS ChangeLog* README
+%dir %attr(750,root,http) %{_sysconfdir}
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/apache.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/httpd.conf
+%attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/config.php
+%attr(640,root,http) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/htaccess
+%dir %{_appdir}
+%dir /var/lib/gallery
+%dir %attr(770,root,http) /var/lib/gallery/albums
+%{_appdir}/.htaccess
+%{_appdir}/*.php
+%{_appdir}/*.inc
+%{_appdir}/classes
+%{_appdir}/contrib
+%{_appdir}/css
+%{_appdir}/docs
+%{_appdir}/html*
+%{_appdir}/help
+%{_appdir}/images
+%{_appdir}/includes
+%{_appdir}/java
+%{_appdir}/js
+%{_appdir}/layout
+%{_appdir}/lib
+%{_appdir}/platform
+%{_appdir}/po
+%{_appdir}/skins
+%{_appdir}/tools
+
+%dir %{_appdir}/locale
+%{_appdir}/locale/en_US
+%lang(pl) %{_appdir}/locale/pl_PL
+
+%files setup
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_appdir}/*.sh
+%{_appdir}/setup
+/var/lib/gallery/setup
 
 %define date	%(echo `LC_ALL="C" date +"%a %b %d %Y"`)
 %changelog
@@ -80,6 +155,12 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.33  2006/01/27 00:22:00  glen
+- updated to 1.5.2, fixes cross-site scripting vulnerability
+- webapps support
+- created -setup subpackage
+- STBR
+
 Revision 1.32  2005/12/21 10:53:57  blekot
 - up to 1.5.1
 - TODO done (bug seems to be fixed in this version)
@@ -117,4 +198,3 @@
 
 Revision 1.23  2003/12/22 18:25:10  grzegol
 - photo album instead of image viewer (dead project)
-
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/gallery.spec?r1=1.32&r2=1.33&f=u

More information about the pld-cvs-commit mailing list