rpms/BackupPC/devel BackupPC.spec,1.12,1.13

Johan Cwiklinski trasher at fedoraproject.org
Fri Sep 25 14:10:13 UTC 2009


Author: trasher

Update of /cvs/extras/rpms/BackupPC/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21924

Modified Files:
	BackupPC.spec 
Log Message:
Remove ClientNameAlias directive from CgiUserConfigEdit list to avoid security hole (bug #518412)


Index: BackupPC.spec
===================================================================
RCS file: /cvs/extras/rpms/BackupPC/devel/BackupPC.spec,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -p -r1.12 -r1.13
--- BackupPC.spec	23 Sep 2009 16:07:49 -0000	1.12
+++ BackupPC.spec	25 Sep 2009 14:10:13 -0000	1.13
@@ -6,7 +6,7 @@
 
 Name:           BackupPC
 Version:        3.1.0
-Release:        8%{?dist}
+Release:        9%{?dist}
 Summary:        High-performance backup system
 
 Group:          Applications/System
@@ -150,6 +150,7 @@ sed -i s,$LOGNAME,backuppc,g init.d/linu
 
 sed -i 's/^\$Conf{XferMethod}\ =.*/$Conf{XferMethod} = "rsync";/' $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/config.pl
 sed -i 's|^\$Conf{CgiURL}\ =.*|$Conf{CgiURL} = "http://localhost/BackupPC";|' $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/config.pl
+sed -i 's|ClientNameAlias           => 1,|ClientNameAlias           => 0,|' $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/config.pl
 
 %if %{useselinux}
      # SElinux 
@@ -226,6 +227,9 @@ fi
 %endif
 
 %changelog
+* Fri Sep 25 2009 Johan Cwiklinski <johan AT x-tnd DOT be> 3.1.0-9
+- Fix security bug (bug #518412)
+
 * Wed Sep 23 2009 Johan Cwiklinski <johan AT x-tnd DOT be> 3.1.0-8
 - Rebuild with latest SELinux policy (bug #524630)
 




More information about the scm-commits mailing list