rpms/mantis/devel mantis-1.0.0rc2-noadmin.patch, NONE, 1.1 sources, 1.4, 1.5 mantis.spec, 1.7, 1.8 mantis-1.0.0a3-nonmysql.patch, 1.1, NONE mantis-0.19.2-noadmin.patch, 1.1, NONE
Enrico Scholz (ensc)
fedora-extras-commits at redhat.com
Fri Dec 23 15:46:01 UTC 2005
Author: ensc
Update of /cvs/extras/rpms/mantis/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27067/devel
Modified Files:
sources mantis.spec
Added Files:
mantis-1.0.0rc2-noadmin.patch
Removed Files:
mantis-1.0.0a3-nonmysql.patch mantis-0.19.2-noadmin.patch
Log Message:
- SECURITY: release 1.0.0rc4
- removed x-permission from most files
- rediffed
mantis-1.0.0rc2-noadmin.patch:
--- NEW FILE mantis-1.0.0rc2-noadmin.patch ---
--- mantis-1.0.0rc2/login_page.php.noadmin 2005-08-16 00:13:50.000000000 +0200
+++ mantis-1.0.0rc2/login_page.php 2005-10-27 19:56:19.000000000 +0200
@@ -141,7 +141,7 @@
# Check if the admin directory is available and is readable.
$t_admin_dir = dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'admin' . DIRECTORY_SEPARATOR;
- if ( is_dir( $t_admin_dir ) && is_readable( $t_admin_dir ) ) {
+ if ( 0 && is_dir( $t_admin_dir ) && is_readable( $t_admin_dir ) ) {
echo '<div class="warning" align="center">', "\n";
echo '<p><font color="red"><strong>WARNING:</strong> Admin directory should be removed.</font></p>', "\n";
echo '</div>', "\n";
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/mantis/devel/sources,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- sources 25 Jun 2005 14:48:48 -0000 1.4
+++ sources 23 Dec 2005 15:46:01 -0000 1.5
@@ -1 +1 @@
-b12ab13376e91313402f666f22948ded mantis-1.0.0a3.tar.gz
+96724be25c508d2f4008dfa5535efd82 mantis-1.0.0rc4.tar.gz
Index: mantis.spec
===================================================================
RCS file: /cvs/extras/rpms/mantis/devel/mantis.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- mantis.spec 25 Jun 2005 14:45:53 -0000 1.7
+++ mantis.spec 23 Dec 2005 15:46:01 -0000 1.8
@@ -1,6 +1,6 @@
# $Id$
-%global alpha a3
+%global alpha rc4
%global pkgdir %_datadir/%name
%global cfgdir %_sysconfdir/%name
@@ -19,8 +19,7 @@
Source0: http://download.sourceforge.net/sourceforge/mantisbt/%name-%version%{?alpha}.tar.gz
Patch0: mantis-1.0.0a3-iis.patch
Patch1: mantis-0.19.2-noexamplecom.patch
-Patch2: mantis-0.19.2-noadmin.patch
-Patch3: mantis-1.0.0a3-nonmysql.patch
+Patch2: mantis-1.0.0rc2-noadmin.patch
BuildRoot: %_tmppath/%name-%version-%release-buildroot
BuildRequires: diffutils
Requires: php
@@ -60,7 +59,6 @@
%patch0 -p1 -b .iis
%patch1 -p1 -b .noexamplecom
%patch2 -p1 -b .noadmin
-%patch3 -p1 -b .nonmysql
chmod -x *.php
rm -rf packages
@@ -85,6 +83,22 @@
mv $RPM_BUILD_ROOT%pkgdir/mantis_offline.php.sample $RPM_BUILD_ROOT%cfgdir/
mv $RPM_BUILD_ROOT%pkgdir/config_inc.php.sample $RPM_BUILD_ROOT%cfgdir/config_inc.php
+for i in $(find $RPM_BUILD_ROOT -type f -regex '.*\.\(php\|txt\|gif\|png\|css\|htm\|dtd\|xsl\|sql\|js\|bak\|xml\|zip\)$' -perm +0111); do
+ case $i in
+ (*.php)
+ if ! sed '1p;d' "$i" | grep -q '^#!'; then
+ chmod a-x "$i"
+ elif sed '1p;d' "$i" | grep -q '/usr/local/bin/php'; then
+ sed -i -e '1s!/usr/local/bin/php!/usr/bin/php!' "$i"
+ fi
+ ;;
+ (*.bak) rm -f "$i";;
+ (*) chmod a-x "$i";;
+ esac
+done
+
+chmod -x $RPM_BUILD_ROOT%pkgdir/{doc/*,core/phpmailer/{README,LICENSE}}
+
ln -s %cfgdir/config_inc.php $RPM_BUILD_ROOT%pkgdir/config_inc.php
ln -s %cfgdir/mantis_offline.php $RPM_BUILD_ROOT%pkgdir/mantis_offline.php
@@ -115,9 +129,7 @@
%files
%defattr(-,root,root,-)
-%doc sql
%pkgdir
-%exclude %pkgdir/sql
%attr(-,root,apache) %dir %cfgdir
%attr(0640,root,apache) %config(noreplace) %cfgdir/*
@@ -128,6 +140,11 @@
%changelog
+* Fri Dec 23 2005 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 1.0.0-0.1.rc4
+- SECURITY: release 1.0.0rc4
+- removed x-permission from most files
+- rediffed
+
* Sat Jun 25 2005 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 1.0.0
- updated to 1.0.0a3
- removed the part which created the psql-script; upstream has now a
--- mantis-1.0.0a3-nonmysql.patch DELETED ---
--- mantis-0.19.2-noadmin.patch DELETED ---
More information about the scm-commits
mailing list