[phpldapadmin/el5] upgrade to 1.2.2
Dmitry Butskoy
buc at fedoraproject.org
Tue Sep 18 13:52:30 UTC 2012
commit 64a7d28489c1eaf4f47845d6e35b6e84225640ab
Author: Dmitry Butskoy <Dmitry at Butskoy.name>
Date: Tue Sep 18 17:51:57 2012 +0400
upgrade to 1.2.2
phpldapadmin-1.0.1-masort.patch | 13 -----
phpldapadmin-1.0.2-config.patch | 48 ------------------
phpldapadmin-1.2.1.1-config.patch | 40 +++++++++++++++
phpldapadmin.spec | 97 ++++++++++++++++++++++++++++++-------
sources | 2 +-
5 files changed, 121 insertions(+), 79 deletions(-)
---
diff --git a/phpldapadmin-1.2.1.1-config.patch b/phpldapadmin-1.2.1.1-config.patch
new file mode 100644
index 0000000..b39a602
--- /dev/null
+++ b/phpldapadmin-1.2.1.1-config.patch
@@ -0,0 +1,40 @@
+diff -Nrbu phpldapadmin-1.2.1.1/config/config.php phpldapadmin-1.2.1.1-OK/config/config.php
+--- phpldapadmin-1.2.1.1/config/config.php 2011-07-22 19:48:38.000000000 +0400
++++ phpldapadmin-1.2.1.1-OK/config/config.php 2011-07-22 19:52:24.000000000 +0400
+@@ -76,6 +76,11 @@
+ 30 seconds or the setting of max_exection_time if this is null. */
+ // $config->custom->session['timelimit'] = 30;
+
++// $config->custom->appearance['show_clear_password'] = false;
++
++// $config->custom->search['size_limit'] = 50;
++# $config->custom->search['size_limit'] = 1000;
++
+ /* Our local timezone
+ This is to make sure that when we ask the system for the current time, we
+ get the right local time. If this is not set, all time() calculations will
+@@ -279,7 +284,7 @@
+
+ /* A convenient name that will appear in the tree viewer and throughout
+ phpLDAPadmin to identify this LDAP server to users. */
+-$servers->setValue('server','name','My LDAP Server');
++$servers->setValue('server','name','Local LDAP Server');
+
+ /* Examples:
+ 'ldap.example.com',
+@@ -373,6 +378,7 @@
+ /* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
+ blowfish, crypt or leave blank for now default algorithm. */
+ // $servers->setValue('appearance','password_hash','md5');
++$servers->setValue('appearance','password_hash','');
+
+ /* If you specified 'cookie' or 'session' as the auth_type above, you can
+ optionally specify here an attribute to use when logging in. If you enter
+@@ -382,6 +388,7 @@
+ your LDAP server requires you to login to perform searches, you can enter the
+ DN to use when searching in 'bind_id' and 'bind_pass' above. */
+ // $servers->setValue('login','attr','dn');
++$servers->setValue('login','attr','uid');
+
+ /* Base DNs to used for logins. If this value is not set, then the LDAP server
+ Base DNs are used. */
diff --git a/phpldapadmin.spec b/phpldapadmin.spec
index 00e0c8a..ee08269 100644
--- a/phpldapadmin.spec
+++ b/phpldapadmin.spec
@@ -1,17 +1,23 @@
+%define git_commit bbedf1
+
Name: phpldapadmin
Summary: Web-based tool for managing LDAP servers
-Version: 1.0.2
-Release: 1%{?dist}
+Version: 1.2.2
+Release: 3.git%{git_commit}%{?dist}
Group: Applications/Internet
-License: GPL
+License: GPLv2+
URL: http://phpldapadmin.sourceforge.net
-Source: http://dl.sourceforge.net/sourceforge/phpldapadmin/phpldapadmin-%{version}.tar.gz
-Patch0: phpldapadmin-1.0.2-config.patch
-Patch1: phpldapadmin-1.0.1-masort.patch
+
+# git clone git://git.code.sf.net/p/phpldapadmin/code phpldapadmin-code
+# mv phpldapadmin-code phpldapadmin-%{version}
+# tar -cvf - phpldapadmin-%{version} | gzip -c -9 >phpldapadmin-%{version}-%{git_commit}.tgz
+Source: http://dl.sourceforge.net/sourceforge/phpldapadmin/phpldapadmin-%{version}-%{git_commit}.tgz
+
+Patch0: phpldapadmin-1.2.1.1-config.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
-Requires: httpd, php >= 5.0.6, php-ldap
+Requires: webserver, php >= 5.0.6, php-ldap
%description
@@ -38,12 +44,11 @@ access by remote web-clients.
cp config/config.php.example config/config.php
%patch0 -p1
-%patch1 -p1
%build
-find . \( -name "*.orig" -o -name "*~" -o -name .cvsignore \) -print0 | \
+find . \( -name "*.orig" -o -name "*~" -o -name .gitignore \) -print0 | \
xargs -0 rm -f
find . -type f -print0 | xargs -0 chmod -x
@@ -56,7 +61,7 @@ cp -a * $RPM_BUILD_ROOT%{_datadir}/%{name}
pushd $RPM_BUILD_ROOT%{_datadir}/%{name}
-rm -rf doc/ INSTALL LICENSE
+rm -rf doc/ INSTALL LICENSE config/config.php.example
rm -rf tools/
find locale -name "*.po" -print0 | xargs -0 rm -f
popd
@@ -67,7 +72,9 @@ install -d -m755 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
mv $RPM_BUILD_ROOT%{_datadir}/%{name}/config/* \
$RPM_BUILD_ROOT%{_sysconfdir}/%{name}
rmdir $RPM_BUILD_ROOT%{_datadir}/%{name}/config
-ln -s ../../../..%{_sysconfdir}/%{name} \
+
+UPS=$(echo %{_datadir}/%{name} | sed -e 's,^/,,' -e 's,[^/]*,..,g')
+ln -s $UPS%{_sysconfdir}/%{name} \
$RPM_BUILD_ROOT%{_datadir}/%{name}/config
cat <<EOF >%{name}.conf
@@ -82,6 +89,7 @@ Alias /ldapadmin %{_datadir}/%{name}/htdocs
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
+ Allow from ::1
</Directory>
EOF
@@ -97,7 +105,10 @@ rm -rf $RPM_BUILD_ROOT
%post
if [ $1 -eq 1 ]; then
set @@@ `dd bs=128 count=1 </dev/urandom 2>/dev/null | md5sum`
- sed -i -e "/session\['blowfish'\] = '';/ s/'';/'$2'; # Autogenerated for `uname -n`/" %{_sysconfdir}/%{name}/config.php
+ sed -i "/session\['blowfish'\] = null;/ {
+ s/^[^\$]*\\\$/\$/
+ s/null;/'$2'; # Autogenerated for `uname -n`/
+ }" %{_sysconfdir}/%{name}/config.php
fi
@@ -105,16 +116,68 @@ fi
%defattr(-,root,root,-)
%config %dir %{_sysconfdir}/%{name}
%attr(640,root,apache) %config(noreplace) %{_sysconfdir}/%{name}/*.php
-%{_sysconfdir}/%{name}/*.example
%config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf
%{_datadir}/%{name}
-%doc INSTALL LICENSE
+%doc INSTALL LICENSE config/config.php.example
%changelog
-* Wed Oct 26 2011 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.0.2-1
-- fix #748539 (CVE-2011-4075)
-- update to 1.0.2
+* Tue Sep 18 2012 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.2-3.gitbbedf1
+- update to latest git source (CVE-2012-1114, CVE-2012-1115, #799873)
+
+* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Thu Feb 2 2012 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.2-1
+- update to 1.2.2
+- fix CVE-2012-0834 (#786821, patch from upstream)
+
+* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.1.1-3.20111006git
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Oct 25 2011 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.1.1-2.20111006git
+- update to the latest git #cddf783 to fix security issues
+ (XSS and code injection vulnerabilities, #748538)
+
+* Fri Jul 22 2011 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.1.1-1
+- update to 1.2.1.1
+
+* Wed Feb 09 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.0.5-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Thu Sep 23 2010 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.0.5-2
+- add patches from Patrick Monnerat <pm at datasphere.ch>:
+ * fix typo (close comment) in config file (#628067)
+ * avoid php-5.3 deprecation errors (#628061)
+ * fix add of parent class attributes (#628060)
+
+* Mon Mar 29 2010 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.0.5-1
+- update to 1.2.0.5
+
+* Fri Nov 20 2009 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.0.4-1
+- update to 1.2.0.4
+- allow local IPv6 address by default as well (#539272)
+
+* Wed Sep 16 2009 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.0.3-1
+- Upgrade to 1.2.0.3 (#523477)
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.0.7-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Thu Apr 9 2009 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.1.0.7-1
+- update to 1.1.0.7
+
+* Fri Sep 26 2008 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.1.0.5-2
+- update config patch
+
+* Wed Feb 13 2008 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.1.0.5-1
+- upgrade to 1.1.0.5
+
+* Fri Aug 17 2007 Dmitry Butskoy <Dmitry at Butskoy.name>
+- Change License tag to GPLv2+
+ (Note: most files do not specify any license information at all,
+ which could lead just to "GPL+", but some lib/ files specify
+ "GPLv2 or any later" explicitly, hence GPLv2+ wins).
* Tue Sep 19 2006 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.0.1-1
- upgrade to 1.0.1
diff --git a/sources b/sources
index 33ea7dc..eaea0e3 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-316b917d8abe1b37603c49b61b068bd0 phpldapadmin-1.0.2.tar.gz
+5cc3844ad158c195b3f5a6a4f7e31b4d phpldapadmin-1.2.2-bbedf1.tgz
More information about the scm-commits
mailing list