rpms/mediawiki/F-13 mediawiki-1.15.3-commoncode.patch, NONE, 1.1 .cvsignore, 1.22, 1.23 mediawiki.spec, 1.36, 1.37 sources, 1.23, 1.24 mediawiki-1.15.0-commoncode.patch, 1.1, NONE
athimm
athimm at fedoraproject.org
Wed Apr 7 17:22:17 UTC 2010
- Previous message: rpms/mediawiki/F-12 mediawiki-1.15.3-commoncode.patch, NONE, 1.1 .cvsignore, 1.23, 1.24 mediawiki.spec, 1.37, 1.38 sources, 1.24, 1.25 mediawiki-1.15.0-commoncode.patch, 1.1, NONE
- Next message: rpms/mediawiki/devel mediawiki-1.15.3-commoncode.patch, NONE, 1.1 .cvsignore, 1.23, 1.24 mediawiki.spec, 1.37, 1.38 sources, 1.24, 1.25 mediawiki-1.15.0-commoncode.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: athimm
Update of /cvs/pkgs/rpms/mediawiki/F-13
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv19359/F-13
Modified Files:
.cvsignore mediawiki.spec sources
Added Files:
mediawiki-1.15.3-commoncode.patch
Removed Files:
mediawiki-1.15.0-commoncode.patch
Log Message:
Update to 1.15.3.
mediawiki-1.15.3-commoncode.patch:
api.php | 5 ++++-
config/index.php | 15 +++++++++------
includes/Setup.php | 2 +-
includes/WebStart.php | 4 ++--
includes/templates/NoLocalSettings.php | 2 +-
index.php | 4 +++-
maintenance/archives/upgradeWatchlist.php | 2 +-
maintenance/commandLine.inc | 6 ++++--
maintenance/update.php | 3 +++
9 files changed, 28 insertions(+), 15 deletions(-)
--- NEW FILE mediawiki-1.15.3-commoncode.patch ---
/usr/src/at/work/BUILD.flocki /usr/src/at/work/SRC/mediawiki
--- mediawiki-1.15.3/includes/Setup.php.commoncode 2009-01-27 20:58:26.000000000 +0100
+++ mediawiki-1.15.3/includes/Setup.php 2010-04-07 18:42:58.396563698 +0200
@@ -45,7 +45,7 @@
if( $wgLogo === false ) $wgLogo = "$wgStylePath/common/images/wiki.png";
if( $wgUploadPath === false ) $wgUploadPath = "$wgScriptPath/images";
-if( $wgUploadDirectory === false ) $wgUploadDirectory = "$IP/images";
+if( $wgUploadDirectory === false ) $wgUploadDirectory = "$DIR/images";
if( $wgMathPath === false ) $wgMathPath = "{$wgUploadPath}/math";
if( $wgMathDirectory === false ) $wgMathDirectory = "{$wgUploadDirectory}/math";
--- mediawiki-1.15.3/includes/WebStart.php.commoncode 2008-11-07 17:38:01.000000000 +0100
+++ mediawiki-1.15.3/includes/WebStart.php 2010-04-07 18:42:58.397562562 +0200
@@ -103,14 +103,14 @@
# LocalSettings.php is the per site customization file. If it does not exit
# the wiki installer need to be launched or the generated file moved from
# ./config/ to ./
- if( !file_exists( "$IP/LocalSettings.php" ) ) {
+ if( !file_exists( "$DIR/LocalSettings.php" ) ) {
require_once( "$IP/includes/DefaultSettings.php" ); # used for printing the version
require_once( "$IP/includes/templates/NoLocalSettings.php" );
die();
}
# Include site settings. $IP may be changed (hopefully before the AutoLoader is invoked)
- require_once( "$IP/LocalSettings.php" );
+ require_once( "$DIR/LocalSettings.php" );
}
wfProfileOut( 'WebStart.php-conf' );
--- mediawiki-1.15.3/includes/templates/NoLocalSettings.php.commoncode 2009-02-20 14:56:57.000000000 +0100
+++ mediawiki-1.15.3/includes/templates/NoLocalSettings.php 2010-04-07 18:42:58.397562562 +0200
@@ -58,7 +58,7 @@
<h1>MediaWiki <?php echo htmlspecialchars( $wgVersion ) ?></h1>
<div class='error'>
<?php
- if ( file_exists( 'config/LocalSettings.php' ) ) {
+ if ( file_exists( $DIR . 'config/LocalSettings.php' ) ) {
echo( 'To complete the installation, move <tt>config/LocalSettings.php</tt> to the parent directory.' );
} else {
echo( "Please <a href=\"" . htmlspecialchars( $path ) . "config/index." . htmlspecialchars( $ext ) . "\" title='setup'> set up the wiki</a> first." );
--- mediawiki-1.15.3/maintenance/archives/upgradeWatchlist.php.commoncode 2008-07-11 00:00:04.000000000 +0200
+++ mediawiki-1.15.3/maintenance/archives/upgradeWatchlist.php 2010-04-07 18:42:58.398561985 +0200
@@ -15,7 +15,7 @@
# Convert watchlists to new format
global $IP;
-require_once( "../LocalSettings.php" );
+require_once( "$DIR/LocalSettings.php" );
require_once( "$IP/Setup.php" );
$wgTitle = Title::newFromText( "Rebuild links script" );
--- mediawiki-1.15.3/maintenance/commandLine.inc.commoncode 2009-02-23 13:37:33.000000000 +0100
+++ mediawiki-1.15.3/maintenance/commandLine.inc 2010-04-07 18:44:40.780312313 +0200
@@ -6,6 +6,8 @@
* @defgroup Maintenance Maintenance
*/
+if (! isset($DIR)) $DIR=getcwd();
+
$wgRequestTime = microtime(true);
/** */
@@ -175,7 +177,7 @@
if ( isset( $options['conf'] ) ) {
$settingsFile = $options['conf'];
} else {
- $settingsFile = "$IP/LocalSettings.php";
+ $settingsFile = "$DIR/LocalSettings.php";
}
if ( isset( $options['wiki'] ) ) {
$bits = explode( '-', $options['wiki'] );
@@ -201,7 +203,7 @@
$adminSettings = isset( $options['aconf'] )
? $options['aconf']
- : "{$IP}/AdminSettings.php";
+ : "{$DIR}/AdminSettings.php";
if( is_readable( $adminSettings ) )
require_once( $adminSettings );
--- mediawiki-1.15.3/maintenance/update.php.commoncode 2008-07-19 14:15:07.000000000 +0200
+++ mediawiki-1.15.3/maintenance/update.php 2010-04-07 18:42:58.399562246 +0200
@@ -10,6 +10,9 @@
* @ingroup Maintenance
*/
+$DIR=getcwd();
+chdir('/usr/share/mediawiki');
+
/** */
$wgUseMasterForMaintenance = true;
$options = array( 'quick', 'nopurge' );
--- mediawiki-1.15.3/config/index.php.commoncode 2009-05-08 07:51:15.000000000 +0200
+++ mediawiki-1.15.3/config/index.php 2010-04-07 18:42:58.402562471 +0200
@@ -19,6 +19,9 @@
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# http://www.gnu.org/copyleft/gpl.html
+$DIR=dirname( getcwd() );
+chdir('/usr/share/mediawiki/config');
+
error_reporting( E_ALL );
header( "Content-type: text/html; charset=utf-8" );
@ini_set( "display_errors", true );
@@ -27,7 +30,7 @@
$wgRequestTime = microtime( true );
# Attempt to set up the include path, to fix problems with relative includes
-$IP = dirname( dirname( __FILE__ ) );
+$IP = '/usr/share/mediawiki';
define( 'MW_INSTALL_PATH', $IP );
# Define an entry point and include some files
@@ -218,18 +221,18 @@
/* Check for existing configurations and bug out! */
-if( file_exists( "../LocalSettings.php" ) ) {
+if( file_exists( "$DIR/LocalSettings.php" ) ) {
$script = defined('MW_INSTALL_PHP5_EXT') ? 'index.php5' : 'index.php';
dieout( "<p><strong>Setup has completed, <a href='../$script'>your wiki</a> is configured.</strong></p>
<p>Please delete the /config directory for extra security.</p>" );
}
-if( file_exists( "./LocalSettings.php" ) ) {
+if( file_exists( "$DIR/LocalSettings.php" ) ) {
writeSuccessMessage();
dieout( '' );
}
-if( !is_writable( "." ) ) {
+if( !is_writable( $DIR . "/config" ) ) {
dieout( "<h2>Can't write config file, aborting</h2>
<p>In order to configure the wiki you have to make the <tt>config</tt> subdirectory
@@ -1213,7 +1216,7 @@
$localSettings = "<" . "?php$endl$local";
// Fix up a common line-ending problem (due to CVS on Windows)
$localSettings = str_replace( "\r\n", "\n", $localSettings );
- $f = fopen( "LocalSettings.php", 'xt' );
+ $f = fopen( $DIR . "/config/LocalSettings.php", 'xt' );
if( $f == false ) {
print( "</li>\n" );
@@ -1776,7 +1779,7 @@
if( defined( 'MW_INSTALL_PATH' ) ) {
\$IP = MW_INSTALL_PATH;
} else {
- \$IP = dirname( __FILE__ );
+ \$IP = '/usr/share/mediawiki';
}
\$path = array( \$IP, \"\$IP/includes\", \"\$IP/languages\" );
--- mediawiki-1.15.3/index.php.commoncode 2009-03-20 13:00:38.000000000 +0100
+++ mediawiki-1.15.3/index.php 2010-04-07 18:42:58.402562471 +0200
@@ -36,9 +36,11 @@
* @file
*/
+$DIR=getcwd();
+chdir('/usr/share/mediawiki');
# Initialise common code
-$preIP = dirname( __FILE__ );
+$preIP = '/usr/share/mediawiki';
require_once( "$preIP/includes/WebStart.php" );
# Initialize MediaWiki base class
--- mediawiki-1.15.3/api.php.commoncode 2009-05-05 16:07:59.000000000 +0200
+++ mediawiki-1.15.3/api.php 2010-04-07 18:42:58.403562173 +0200
@@ -34,8 +34,11 @@
* in the URL.
*/
+$DIR=getcwd();
+chdir('/usr/share/mediawiki');
+
// Initialise common code
-require (dirname(__FILE__) . '/includes/WebStart.php');
+require ('/usr/share/mediawiki' . '/includes/WebStart.php');
wfProfileIn('api.php');
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/mediawiki/F-13/.cvsignore,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -p -r1.22 -r1.23
--- .cvsignore 13 Jul 2009 20:33:45 -0000 1.22
+++ .cvsignore 7 Apr 2010 17:22:15 -0000 1.23
@@ -1 +1 @@
-mediawiki-1.15.1.tar.gz
+mediawiki-1.15.3.tar.gz
Index: mediawiki.spec
===================================================================
RCS file: /cvs/pkgs/rpms/mediawiki/F-13/mediawiki.spec,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -p -r1.36 -r1.37
--- mediawiki.spec 25 Jul 2009 11:58:00 -0000 1.36
+++ mediawiki.spec 7 Apr 2010 17:22:16 -0000 1.37
@@ -1,11 +1,11 @@
Summary: A wiki engine
Name: mediawiki
-Version: 1.15.1
-Release: 51%{?dist}
+Version: 1.15.3
+Release: 52%{?dist}
License: GPLv2+
Group: Development/Tools
URL: http://www.mediawiki.org/
-Source0: http://download.wikimedia.org/mediawiki/1.15/%{name}-%{version}.tar.gz
+Source0: http://download.wikimedia.org/mediawiki/1.15/mediawiki-%{version}.tar.gz
Source1: mediawiki.conf
Source2: README.RPM
Patch0: mediawiki-1.15.0-commoncode.patch
@@ -127,8 +127,12 @@ rm -rf %{buildroot}
%changelog
-* Sat Jul 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.15.1-51
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+* Wed Apr 7 2010 Axel Thimm <Axel.Thimm at ATrpms.net> - 1.15.3-52
+- Update to 1.15.3 (Fixes login CSRF vulnerability).
+
+* Wed Mar 31 2010 Axel Thimm <Axel.Thimm at ATrpms.net> - 1.15.2-51
+- Update to 1.15.2 (Fixes CSS validation issue and data leakage
+ vulnerability).
* Fri Jul 24 2009 Axel Thimm <Axel.Thimm at ATrpms.net> - 1.15.1-50
- Add a README.RPM and a sample apache mediawiki.conf file.
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/mediawiki/F-13/sources,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -p -r1.23 -r1.24
--- sources 13 Jul 2009 20:33:45 -0000 1.23
+++ sources 7 Apr 2010 17:22:16 -0000 1.24
@@ -1 +1 @@
-834cef60ef3fd47162420fa25abf2dff mediawiki-1.15.1.tar.gz
+6bf89504a3192d4641de5404d39ac50a mediawiki-1.15.3.tar.gz
--- mediawiki-1.15.0-commoncode.patch DELETED ---
- Previous message: rpms/mediawiki/F-12 mediawiki-1.15.3-commoncode.patch, NONE, 1.1 .cvsignore, 1.23, 1.24 mediawiki.spec, 1.37, 1.38 sources, 1.24, 1.25 mediawiki-1.15.0-commoncode.patch, 1.1, NONE
- Next message: rpms/mediawiki/devel mediawiki-1.15.3-commoncode.patch, NONE, 1.1 .cvsignore, 1.23, 1.24 mediawiki.spec, 1.37, 1.38 sources, 1.24, 1.25 mediawiki-1.15.0-commoncode.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list