SPECS: drupal.spec - 4.6.8; resolves SA-2006-007, SA-2006-008

glen glen at pld-linux.org
Fri Jun 2 14:06:11 CEST 2006


Author: glen                         Date: Fri Jun  2 12:06:11 2006 GMT
Module: SPECS                         Tag: HEAD
---- Log message:
- 4.6.8; resolves SA-2006-007, SA-2006-008

---- Files affected:
SPECS:
   drupal.spec (1.61 -> 1.62) 

---- Diffs:

================================================================
Index: SPECS/drupal.spec
diff -u SPECS/drupal.spec:1.61 SPECS/drupal.spec:1.62
--- SPECS/drupal.spec:1.61	Mon May 29 22:16:07 2006
+++ SPECS/drupal.spec	Fri Jun  2 14:06:06 2006
@@ -1,15 +1,15 @@
 # $Revision$, $Date$
 %define		_ver		4.6
-%define		_patchlevel	7
+%define		_patchlevel	8
 Summary:	Open source content management platform
 Summary(pl):	Platforma do zarządzania treścią o otwartych źródłach
 Name:		drupal
 Version:	%{_ver}.%{_patchlevel}
-Release:	3
+Release:	1
 License:	GPL
 Group:		Applications/WWW
 Source0:	http://drupal.org/files/projects/%{name}-%{version}.tar.gz
-# Source0-md5:	8c15ded4450a1afcf0c5b6593dc74541
+# Source0-md5:	ffc5bf145f7cb6bb56fb50396cc76dd2
 Source1:	%{name}.conf
 Source2:	%{name}.cron
 Source3:	%{name}.PLD
@@ -312,14 +312,31 @@
 	%service -q apache reload
 fi
 
-%triggerpostun -- %{name} < 4.6.7-2.6
-grep -c This_is_a_Drupal_security_line_do_not_remove \
+%triggerpostun -- %{name} < 4.6.8-0.5
+grep -l 'This_is_a_Drupal_security_line_do_not_remove' \
+%{_sysconfdir}/apache.conf %{_sysconfdir}/httpd.conf \
+| xargs -r \
+sed -i -e '
+/This_is_a_Drupal_security_line_do_not_remove/{
+	d
+	n
+	a\	SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
+	a\	Options None
+	a\	<IfModule mod_rewrite.c>
+	a\	\	RewriteEngine off
+	a\	</IfModule>
+}'
+egrep -c 'Drupal_Security_Do_Not_Remove_See_SA_2006_006' \
 %{_sysconfdir}/apache.conf %{_sysconfdir}/httpd.conf \
 | awk -F: '/:0/{print $1}' | xargs -r \
 sed -i -e '
 /<Directory \/var\/lib\/drupal>/{
 	n
-	a\	SetHandler This_is_a_Drupal_security_line_do_not_remove
+	a\	SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
+	a\	Options None
+	a\	<IfModule mod_rewrite.c>
+	a\	\	RewriteEngine off
+	a\	</IfModule>
 }'
 [ ! -L /etc/httpd/webapps.d/drupal.conf ] || %service -q httpd reload
 [ ! -L /etc/apache/webapps.d/drupal.conf ] || %service -q apache reload
@@ -393,6 +410,9 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.62  2006/06/02 12:06:06  glen
+- 4.6.8; resolves SA-2006-007, SA-2006-008
+
 Revision 1.61  2006/05/29 20:16:07  glen
 - add trigger for DRUPAL-SA-2006-006 (suggested by blues); rel 3
 
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SPECS/drupal.spec?r1=1.61&r2=1.62&f=u



More information about the pld-cvs-commit mailing list