[phpldapadmin/el5] upgrade to 1.2.2

Dmitry Butskoy buc at fedoraproject.org
Tue Sep 18 13:52:30 UTC 2012 

commit 64a7d28489c1eaf4f47845d6e35b6e84225640ab
Author: Dmitry Butskoy <Dmitry at Butskoy.name>
Date:   Tue Sep 18 17:51:57 2012 +0400

    upgrade to 1.2.2

 phpldapadmin-1.0.1-masort.patch   |   13 -----
 phpldapadmin-1.0.2-config.patch   |   48 ------------------
 phpldapadmin-1.2.1.1-config.patch |   40 +++++++++++++++
 phpldapadmin.spec                 |   97 ++++++++++++++++++++++++++++++-------
 sources                           |    2 +-
 5 files changed, 121 insertions(+), 79 deletions(-)
---
diff --git a/phpldapadmin-1.2.1.1-config.patch b/phpldapadmin-1.2.1.1-config.patch
new file mode 100644
index 0000000..b39a602
--- /dev/null
+++ b/phpldapadmin-1.2.1.1-config.patch
@@ -0,0 +1,40 @@
+diff -Nrbu phpldapadmin-1.2.1.1/config/config.php phpldapadmin-1.2.1.1-OK/config/config.php
+--- phpldapadmin-1.2.1.1/config/config.php	2011-07-22 19:48:38.000000000 +0400
++++ phpldapadmin-1.2.1.1-OK/config/config.php	2011-07-22 19:52:24.000000000 +0400
+@@ -76,6 +76,11 @@
+    30 seconds or the setting of max_exection_time if this is null. */
+ // $config->custom->session['timelimit'] = 30;
+ 
++// $config->custom->appearance['show_clear_password'] = false;
++
++// $config->custom->search['size_limit'] = 50;
++#  $config->custom->search['size_limit'] = 1000;
++
+ /* Our local timezone
+    This is to make sure that when we ask the system for the current time, we
+    get the right local time. If this is not set, all time() calculations will
+@@ -279,7 +284,7 @@
+ 
+ /* A convenient name that will appear in the tree viewer and throughout
+    phpLDAPadmin to identify this LDAP server to users. */
+-$servers->setValue('server','name','My LDAP Server');
++$servers->setValue('server','name','Local LDAP Server');
+ 
+ /* Examples:
+    'ldap.example.com',
+@@ -373,6 +378,7 @@
+ /* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
+    blowfish, crypt or leave blank for now default algorithm. */
+ // $servers->setValue('appearance','password_hash','md5');
++$servers->setValue('appearance','password_hash','');
+ 
+ /* If you specified 'cookie' or 'session' as the auth_type above, you can
+    optionally specify here an attribute to use when logging in. If you enter
+@@ -382,6 +388,7 @@
+    your LDAP server requires you to login to perform searches, you can enter the
+    DN to use when searching in 'bind_id' and 'bind_pass' above. */
+ // $servers->setValue('login','attr','dn');
++$servers->setValue('login','attr','uid');
+ 
+ /* Base DNs to used for logins. If this value is not set, then the LDAP server
+    Base DNs are used. */
diff --git a/phpldapadmin.spec b/phpldapadmin.spec
index 00e0c8a..ee08269 100644
--- a/phpldapadmin.spec
+++ b/phpldapadmin.spec
@@ -1,17 +1,23 @@
+%define git_commit	bbedf1
+
 Name: phpldapadmin
 Summary: Web-based tool for managing LDAP servers
-Version: 1.0.2
-Release: 1%{?dist}
+Version: 1.2.2
+Release: 3.git%{git_commit}%{?dist}
 Group: Applications/Internet
-License: GPL
+License: GPLv2+
 URL: http://phpldapadmin.sourceforge.net
-Source: http://dl.sourceforge.net/sourceforge/phpldapadmin/phpldapadmin-%{version}.tar.gz
-Patch0: phpldapadmin-1.0.2-config.patch
-Patch1: phpldapadmin-1.0.1-masort.patch
+
+# git clone git://git.code.sf.net/p/phpldapadmin/code phpldapadmin-code
+# mv phpldapadmin-code phpldapadmin-%{version}
+# tar -cvf - phpldapadmin-%{version} | gzip -c -9 >phpldapadmin-%{version}-%{git_commit}.tgz
+Source: http://dl.sourceforge.net/sourceforge/phpldapadmin/phpldapadmin-%{version}-%{git_commit}.tgz
+
+Patch0: phpldapadmin-1.2.1.1-config.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildArch: noarch
-Requires: httpd, php >= 5.0.6, php-ldap
+Requires: webserver, php >= 5.0.6, php-ldap
 
 
 %description
@@ -38,12 +44,11 @@ access by remote web-clients.
 cp config/config.php.example config/config.php
 
 %patch0 -p1
-%patch1 -p1
 
 
 %build
 
-find . \( -name "*.orig" -o -name "*~" -o -name .cvsignore \) -print0 | \
+find . \( -name "*.orig" -o -name "*~" -o -name .gitignore \) -print0 | \
 								xargs -0 rm -f
 find . -type f -print0 | xargs -0 chmod -x
 
@@ -56,7 +61,7 @@ cp -a * $RPM_BUILD_ROOT%{_datadir}/%{name}
 
 
 pushd $RPM_BUILD_ROOT%{_datadir}/%{name}
-rm -rf doc/ INSTALL LICENSE
+rm -rf doc/ INSTALL LICENSE config/config.php.example
 rm -rf tools/
 find locale -name "*.po" -print0 | xargs -0 rm -f
 popd
@@ -67,7 +72,9 @@ install -d -m755 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}
 mv $RPM_BUILD_ROOT%{_datadir}/%{name}/config/* \
 	$RPM_BUILD_ROOT%{_sysconfdir}/%{name}
 rmdir $RPM_BUILD_ROOT%{_datadir}/%{name}/config
-ln -s ../../../..%{_sysconfdir}/%{name} \
+
+UPS=$(echo %{_datadir}/%{name} | sed -e 's,^/,,' -e 's,[^/]*,..,g')
+ln -s $UPS%{_sysconfdir}/%{name} \
 	$RPM_BUILD_ROOT%{_datadir}/%{name}/config
 
 cat <<EOF >%{name}.conf
@@ -82,6 +89,7 @@ Alias /ldapadmin %{_datadir}/%{name}/htdocs
   Order Deny,Allow
   Deny from all
   Allow from 127.0.0.1
+  Allow from ::1
 </Directory>
 
 EOF
@@ -97,7 +105,10 @@ rm -rf $RPM_BUILD_ROOT
 %post
 if [ $1 -eq 1 ]; then
     set @@@ `dd bs=128 count=1 </dev/urandom 2>/dev/null | md5sum`
-    sed -i -e "/session\['blowfish'\] = '';/ s/'';/'$2';  # Autogenerated for `uname -n`/"  %{_sysconfdir}/%{name}/config.php
+    sed -i "/session\['blowfish'\] = null;/ {
+	s/^[^\$]*\\\$/\$/
+	s/null;/'$2';  # Autogenerated for `uname -n`/
+    }"  %{_sysconfdir}/%{name}/config.php
 fi
 
 
@@ -105,16 +116,68 @@ fi
 %defattr(-,root,root,-)
 %config %dir %{_sysconfdir}/%{name}
 %attr(640,root,apache) %config(noreplace) %{_sysconfdir}/%{name}/*.php
-%{_sysconfdir}/%{name}/*.example
 %config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf
 %{_datadir}/%{name}
-%doc INSTALL LICENSE
+%doc INSTALL LICENSE config/config.php.example
 
 
 %changelog
-* Wed Oct 26 2011 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.0.2-1
-- fix #748539 (CVE-2011-4075)
-- update to 1.0.2
+* Tue Sep 18 2012 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.2-3.gitbbedf1
+- update to latest git source (CVE-2012-1114, CVE-2012-1115, #799873)
+
+* Sat Jul 21 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Thu Feb  2 2012 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.2-1
+- update to 1.2.2
+- fix CVE-2012-0834 (#786821, patch from upstream)
+
+* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.1.1-3.20111006git
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Oct 25 2011 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.1.1-2.20111006git
+- update to the latest git #cddf783 to fix security issues
+  (XSS and code injection vulnerabilities, #748538)
+
+* Fri Jul 22 2011 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.1.1-1
+- update to 1.2.1.1
+
+* Wed Feb 09 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.0.5-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Thu Sep 23 2010 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.0.5-2
+- add patches from Patrick Monnerat <pm at datasphere.ch>:
+  * fix typo (close comment) in config file (#628067)
+  * avoid php-5.3 deprecation errors (#628061)
+  * fix add of parent class attributes (#628060)
+
+* Mon Mar 29 2010 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.0.5-1
+- update to 1.2.0.5
+
+* Fri Nov 20 2009 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.0.4-1
+- update to 1.2.0.4
+- allow local IPv6 address by default as well (#539272)
+
+* Wed Sep 16 2009 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.2.0.3-1
+- Upgrade to 1.2.0.3 (#523477)
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.1.0.7-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Thu Apr  9 2009 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.1.0.7-1
+- update to 1.1.0.7
+
+* Fri Sep 26 2008 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.1.0.5-2
+- update config patch
+
+* Wed Feb 13 2008 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.1.0.5-1
+- upgrade to 1.1.0.5
+
+* Fri Aug 17 2007 Dmitry Butskoy <Dmitry at Butskoy.name>
+- Change License tag to GPLv2+
+  (Note: most files do not specify any license information at all,
+  which could lead just to "GPL+", but some lib/ files specify
+  "GPLv2 or any later" explicitly, hence GPLv2+ wins).
 
 * Tue Sep 19 2006 Dmitry Butskoy <Dmitry at Butskoy.name> - 1.0.1-1
 - upgrade to 1.0.1
diff --git a/sources b/sources
index 33ea7dc..eaea0e3 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-316b917d8abe1b37603c49b61b068bd0  phpldapadmin-1.0.2.tar.gz
+5cc3844ad158c195b3f5a6a4f7e31b4d  phpldapadmin-1.2.2-bbedf1.tgz

More information about the scm-commits mailing list