packages: viewvc/viewvc.spec, viewvc/viewvc-httpd.conf (NEW) - up to 1.1.5 ...

Fri Apr 30 21:37:54 CEST 2010

Author: zawadaa                      Date: Fri Apr 30 19:37:54 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- up to 1.1.5 security fix: - XSS attack
- ci forgotten http config file

---- Files affected:
packages/viewvc:
   viewvc.spec (1.19 -> 1.20) , viewvc-httpd.conf (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/viewvc/viewvc.spec
diff -u packages/viewvc/viewvc.spec:1.19 packages/viewvc/viewvc.spec:1.20

--- packages/viewvc/viewvc.spec:1.19	Fri Mar 19 00:17:10 2010
+++ packages/viewvc/viewvc.spec	Fri Apr 30 21:37:48 2010
@@ -2,12 +2,12 @@
 Summary:	Browser interface for CVS and Subversion version control repositories
 Summary(pl.UTF-8):	Interfejs przeglądarki do repozytoriów systemów kontroli wersji CVS i Subversion
 Name:		viewvc
-Version:	1.1.4
+Version:	1.1.5
 Release:	0.1
 License:	BSD
 Group:		Applications/WWW
 Source0:	http://www.viewvc.org/%{name}-%{version}.tar.gz
-# Source0-md5:	af1057d9128b983f4e905615b84486a3
+# Source0-md5:	da7bbcf6800383ebb23405a064c6faf8
 Source1:	%{name}-httpd.conf
 URL:		http://www.viewvc.org/
 BuildRequires:	python-modules
@@ -299,6 +299,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.20  2010/04/30 19:37:48  zawadaa
+- up to 1.1.5 security fix: - XSS attack
+- ci forgotten http config file
+
 Revision 1.19  2010/03/18 23:17:10  zawadaa
 - up to 1.1.4
 - security fix: escape user-provided query form input to avoid XSS attack.

================================================================
Index: packages/viewvc/viewvc-httpd.conf
diff -u /dev/null packages/viewvc/viewvc-httpd.conf:1.1
--- /dev/null	Fri Apr 30 21:37:54 2010
+++ packages/viewvc/viewvc-httpd.conf	Fri Apr 30 21:37:49 2010
@@ -0,0 +1,34 @@
+<Directory /usr/share/viewvc>
+    AllowOverride None
+    Options +FollowSymlinks
+    Allow from all
+</Directory>
+
+# Version1 (default): under /cgi-bin/viewvc.cgi address
+ScriptAlias /cgi-bin/viewvc.cgi /usr/share/viewvc/bin/cgi/viewvc.cgi
+ScriptAlias /cgi-bin/viewvc-query.cgi /usr/share/viewvc/bin/cgi/query.cgi
+
+# if using apache2 mod_python:
+# Alias /viewvc	/usr/share/viewvc/bin/mod_python
+# <Location /viewvc>
+#    Allow from all
+#	<IfModule mod_python.c>
+#		AddHandler mod_python .py
+#		PythonPath "sys.path+['/usr/share/viewvc/bin/mod_python']"
+#		PythonHandler handler
+#		PythonDebug Off
+#	</IfModule>
+# </Location>
+
+# Version 2: viewvc as handler to whole vhost:
+#<VirtualHost *:80>
+#   ServerName cvs
+#
+#   Alias /viewvc/ /usr/share/viewvc
+#   DocumentRoot /usr/share/viewvc/bin/cgi/viewvc.cgi
+#   <Location />
+#       Options ExecCGI
+#       Allow from all
+#   </Location>
+#</VirtualHost>
+
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/viewvc/viewvc.spec?r1=1.19&r2=1.20&f=u

