rpms/mantis/devel mantis-1.0.0rc2-noadmin.patch, NONE, 1.1 sources, 1.4, 1.5 mantis.spec, 1.7, 1.8 mantis-1.0.0a3-nonmysql.patch, 1.1, NONE mantis-0.19.2-noadmin.patch, 1.1, NONE

Enrico Scholz (ensc) fedora-extras-commits at redhat.com
Fri Dec 23 15:46:01 UTC 2005 

Author: ensc

Update of /cvs/extras/rpms/mantis/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27067/devel

Modified Files:
	sources mantis.spec 
Added Files:
	mantis-1.0.0rc2-noadmin.patch 
Removed Files:
	mantis-1.0.0a3-nonmysql.patch mantis-0.19.2-noadmin.patch 
Log Message:
- SECURITY: release 1.0.0rc4
- removed x-permission from most files
- rediffed


mantis-1.0.0rc2-noadmin.patch:

--- NEW FILE mantis-1.0.0rc2-noadmin.patch ---
--- mantis-1.0.0rc2/login_page.php.noadmin	2005-08-16 00:13:50.000000000 +0200
+++ mantis-1.0.0rc2/login_page.php	2005-10-27 19:56:19.000000000 +0200
@@ -141,7 +141,7 @@
 
 	# Check if the admin directory is available and is readable.
 	$t_admin_dir = dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'admin' . DIRECTORY_SEPARATOR;
-	if ( is_dir( $t_admin_dir ) && is_readable( $t_admin_dir ) ) {
+	if ( 0 && is_dir( $t_admin_dir ) && is_readable( $t_admin_dir ) ) {
 		echo '<div class="warning" align="center">', "\n";
 		echo '<p><font color="red"><strong>WARNING:</strong> Admin directory should be removed.</font></p>', "\n";
 		echo '</div>', "\n";


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/mantis/devel/sources,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- sources	25 Jun 2005 14:48:48 -0000	1.4
+++ sources	23 Dec 2005 15:46:01 -0000	1.5
@@ -1 +1 @@
-b12ab13376e91313402f666f22948ded  mantis-1.0.0a3.tar.gz
+96724be25c508d2f4008dfa5535efd82  mantis-1.0.0rc4.tar.gz


Index: mantis.spec
===================================================================
RCS file: /cvs/extras/rpms/mantis/devel/mantis.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- mantis.spec	25 Jun 2005 14:45:53 -0000	1.7
+++ mantis.spec	23 Dec 2005 15:46:01 -0000	1.8
@@ -1,6 +1,6 @@
 # $Id$
 
-%global alpha		a3
+%global alpha		rc4
 
 %global pkgdir		%_datadir/%name
 %global cfgdir		%_sysconfdir/%name
@@ -19,8 +19,7 @@
 Source0:	http://download.sourceforge.net/sourceforge/mantisbt/%name-%version%{?alpha}.tar.gz
 Patch0:		mantis-1.0.0a3-iis.patch
 Patch1:		mantis-0.19.2-noexamplecom.patch
-Patch2:		mantis-0.19.2-noadmin.patch
-Patch3:		mantis-1.0.0a3-nonmysql.patch
+Patch2:		mantis-1.0.0rc2-noadmin.patch
 BuildRoot:	%_tmppath/%name-%version-%release-buildroot
 BuildRequires:	diffutils
 Requires:	php
@@ -60,7 +59,6 @@
 %patch0 -p1 -b .iis
 %patch1 -p1 -b .noexamplecom
 %patch2 -p1 -b .noadmin
-%patch3 -p1 -b .nonmysql
 
 chmod -x *.php
 rm -rf packages
@@ -85,6 +83,22 @@
 mv $RPM_BUILD_ROOT%pkgdir/mantis_offline.php.sample $RPM_BUILD_ROOT%cfgdir/
 mv $RPM_BUILD_ROOT%pkgdir/config_inc.php.sample     $RPM_BUILD_ROOT%cfgdir/config_inc.php
 
+for i in $(find $RPM_BUILD_ROOT -type f -regex '.*\.\(php\|txt\|gif\|png\|css\|htm\|dtd\|xsl\|sql\|js\|bak\|xml\|zip\)$' -perm +0111); do
+	case $i in
+		(*.php)
+			if ! sed '1p;d' "$i" | grep -q '^#!'; then
+			   chmod a-x "$i"
+			elif sed '1p;d' "$i" | grep -q '/usr/local/bin/php'; then
+			   sed -i -e '1s!/usr/local/bin/php!/usr/bin/php!' "$i"
+			fi
+			;;
+		(*.bak)		rm -f "$i";;
+		(*)		chmod a-x "$i";;
+	esac
+done
+
+chmod -x $RPM_BUILD_ROOT%pkgdir/{doc/*,core/phpmailer/{README,LICENSE}}
+
 ln -s %cfgdir/config_inc.php	 $RPM_BUILD_ROOT%pkgdir/config_inc.php
 ln -s %cfgdir/mantis_offline.php $RPM_BUILD_ROOT%pkgdir/mantis_offline.php
 
@@ -115,9 +129,7 @@
 
 %files
 %defattr(-,root,root,-)
-%doc sql
 %pkgdir
-%exclude %pkgdir/sql
 %attr(-,root,apache) %dir %cfgdir
 %attr(0640,root,apache) %config(noreplace) %cfgdir/*
 
@@ -128,6 +140,11 @@
 
 
 %changelog
+* Fri Dec 23 2005 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 1.0.0-0.1.rc4
+- SECURITY: release 1.0.0rc4
+- removed x-permission from most files
+- rediffed
+
 * Sat Jun 25 2005 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 1.0.0
 - updated to 1.0.0a3
 - removed the part which created the psql-script; upstream has now a


--- mantis-1.0.0a3-nonmysql.patch DELETED ---


--- mantis-0.19.2-noadmin.patch DELETED ---

More information about the scm-commits mailing list