[mantis] Update to 1.2.4
Gianluca Sforna
giallu at fedoraproject.org
Fri Dec 17 23:40:02 UTC 2010
commit 13b4d5383b8cf5628d2365abc7174276e753e9dc
Author: Gianluca Sforna <giallu at gmail.com>
Date: Sat Dec 18 00:39:02 2010 +0100
Update to 1.2.4
.gitignore | 1 +
mantis-1.2.1-do_not_warn_on_admin_directory.patch | 14 --------------
mantis-1.2.4-do_not_warn_on_admin_directory.patch | 18 ++++++++++++++++++
mantis.spec | 8 ++++++--
sources | 2 +-
5 files changed, 26 insertions(+), 17 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 806de12..3154b3f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
mantisbt-1.1.8.tar.gz
/mantisbt-1.2.3.tar.gz
+/mantisbt-1.2.4.tar.gz
diff --git a/mantis-1.2.4-do_not_warn_on_admin_directory.patch b/mantis-1.2.4-do_not_warn_on_admin_directory.patch
new file mode 100644
index 0000000..cbfc651
--- /dev/null
+++ b/mantis-1.2.4-do_not_warn_on_admin_directory.patch
@@ -0,0 +1,18 @@
+diff -u -r mantisbt-1.2.4.orig/login_page.php mantisbt-1.2.4/login_page.php
+--- mantisbt-1.2.4.orig/login_page.php 2010-12-15 03:26:31.000000000 +0100
++++ mantisbt-1.2.4/login_page.php 2010-12-18 00:10:50.625614162 +0100
+@@ -186,11 +186,6 @@
+
+ # Check if the admin directory is available and is readable.
+ $t_admin_dir = dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'admin' . DIRECTORY_SEPARATOR;
+- if ( is_dir( $t_admin_dir ) ) {
+- echo '<div class="warning" align="center">', "\n";
+- echo '<p><font color="red">', lang_get( 'warning_admin_directory_present' ), '</font></p>', "\n";
+- echo '</div>', "\n";
+- }
+ if ( is_dir( $t_admin_dir ) && is_readable( $t_admin_dir ) && is_executable( $t_admin_dir ) && @file_exists( "$t_admin_dir/." ) ) {
+ # since admin directory and db_upgrade lists are available check for missing db upgrades
+ # Check for db upgrade for versions < 1.0.0 using old upgrader
+Only in mantisbt-1.2.4: login_page.php.orig
+Only in mantisbt-1.2.4: login_page.php.rej
+Only in mantisbt-1.2.4: .login_page.php.swp
diff --git a/mantis.spec b/mantis.spec
index 335e1cd..d361266 100644
--- a/mantis.spec
+++ b/mantis.spec
@@ -5,7 +5,7 @@
Summary: Web-based issue tracking system
Name: mantis
-Version: 1.2.3
+Version: 1.2.4
Release: 1%{?dist}
License: GPLv2+
Group: Applications/Internet
@@ -18,7 +18,7 @@ Source1: mantis-README.Fedora
Patch0: mantis-1.2.0-install_no_write_config.patch
Patch1: mantis-1.2.0-no_example_com.patch
# We secure admin/ with httpd directives
-Patch2: mantis-1.2.1-do_not_warn_on_admin_directory.patch
+Patch2: mantis-1.2.4-do_not_warn_on_admin_directory.patch
Patch3: mantis-1.2.3-use_systems_nusoap.patch
Patch4: mantis-1.2.3-use_systems_phpmailer.patch
@@ -152,6 +152,10 @@ rm -rf "${RPM_BUILD_ROOT}"
%changelog
+* Wed Dec 14 2010 Gianluca Sforna <giallu at gmail.com> - 1.2.4-1
+- New upstream release
+- Fix CVE-2010-4348, CVE-2010-4349, CVE-2010-4350 (#663299, #663230)
+
* Fri Oct 1 2010 Gianluca Sforna <giallu at gmail.com> - 1.2.3-1
- New upstream release
- Fix CVE-2010-3763 (#640746)
diff --git a/sources b/sources
index 5b2907a..46a0695 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-2bdefcf858643d1a212b7d8dd3d3d10b mantisbt-1.2.3.tar.gz
+17cf76d2b343aa23500638405209f125 mantisbt-1.2.4.tar.gz
More information about the scm-commits
mailing list