[php-pear-CAS/f14/master] update to 1.1.3 - security fixes
Remi Collet
remi at fedoraproject.org
Mon Oct 4 17:11:24 UTC 2010
commit dd0602850a07b481816e9cdd48b6f45c472352d9
Author: remi <fedora at famillecollet.com>
Date: Mon Oct 4 18:57:54 2010 +0200
update to 1.1.3 - security fixes
php-pear-CAS-systemlibs.patch | 40 ++++++++++++++++++++--------------------
php-pear-CAS.spec | 17 +++++++++++++----
2 files changed, 33 insertions(+), 24 deletions(-)
---
diff --git a/php-pear-CAS-systemlibs.patch b/php-pear-CAS-systemlibs.patch
index 5b18b15..0811483 100644
--- a/php-pear-CAS-systemlibs.patch
+++ b/php-pear-CAS-systemlibs.patch
@@ -1,7 +1,7 @@
-diff -up CAS-1.1.2/CAS.php.systemlib CAS-1.1.2/CAS.php
---- CAS-1.1.2/CAS.php.systemlib 2010-08-03 17:58:12.000000000 +0200
-+++ CAS-1.1.2/CAS.php 2010-08-03 18:00:12.000000000 +0200
-@@ -40,7 +40,7 @@ if (!$_SERVER['REQUEST_URI']) {
+diff -up CAS-1.1.3/CAS.php.systemlib CAS-1.1.3/CAS.php
+--- CAS-1.1.3/CAS.php.systemlib 2010-10-04 18:47:53.000000000 +0200
++++ CAS-1.1.3/CAS.php 2010-10-04 18:47:53.000000000 +0200
+@@ -40,7 +40,7 @@ if (!isset($_SERVER['REQUEST_URI'])) {
// another one by Vangelis Haniotakis also to make phpCAS work with PHP5
//
if (version_compare(PHP_VERSION, '5', '>=') && !(function_exists('domxml_new_doc'))) {
@@ -10,23 +10,23 @@ diff -up CAS-1.1.2/CAS.php.systemlib CAS-1.1.2/CAS.php
}
/**
-diff -up CAS-1.1.2/php-pear-CAS.xml.systemlib CAS-1.1.2/php-pear-CAS.xml
---- CAS-1.1.2/php-pear-CAS.xml.systemlib 1970-01-01 10:13:08.000000000 +0100
-+++ CAS-1.1.2/php-pear-CAS.xml 2010-08-03 18:02:37.000000000 +0200
-@@ -51,7 +51,6 @@ see http://www.ja-sig.org/wiki/display/C
- <file baseinstalldir="/" md5sum="9162d942d32ac8bdc01d409c07f41a0f" name="CAS/PGTStorage/pgt-file.php" role="php" />
- <file baseinstalldir="/" md5sum="4bd67b4d6d6021504c00eff90e577ac0" name="CAS/PGTStorage/pgt-main.php" role="php" />
- <file baseinstalldir="/" md5sum="5801f35b93c6bc68a3d2eedc75ad325a" name="CAS/client.php" role="php" />
-- <file baseinstalldir="/" md5sum="e9ce7e11f871d8206b0abc2f608b0277" name="CAS/domxml-php4-to-php5.php" role="php" />
- <file baseinstalldir="/" md5sum="a97168f2ce407585f975df370f3f192c" name="docs/api/annotated.html" role="doc" />
+diff -up CAS-1.1.3/php-pear-CAS.xml.systemlib CAS-1.1.3/php-pear-CAS.xml
+--- CAS-1.1.3/php-pear-CAS.xml.systemlib 1970-01-01 10:13:08.000000000 +0100
++++ CAS-1.1.3/php-pear-CAS.xml 2010-10-04 18:49:45.000000000 +0200
+@@ -50,7 +50,6 @@ see http://www.ja-sig.org/wiki/display/C
+ <file baseinstalldir="/" md5sum="26fbe36c8d383bfd116b625d87804b2a" name="CAS/PGTStorage/pgt-file.php" role="php" />
+ <file baseinstalldir="/" md5sum="d816519b8bfa2714061efb5bb72848bd" name="CAS/PGTStorage/pgt-main.php" role="php" />
+ <file baseinstalldir="/" md5sum="90b2346bdecfee11a4d766056e19cc81" name="CAS/client.php" role="php" />
+- <file baseinstalldir="/" md5sum="5d5b545ffd7310c9de5110d58b19162e" name="CAS/domxml-php4-to-php5.php" role="php" />
+ <file baseinstalldir="/" md5sum="2c9aa402b148707433b8981797f67488" name="docs/api/annotated.html" role="doc" />
<file baseinstalldir="/" md5sum="39288f88be2912de1677afe29e288d2b" name="docs/api/bc_s.png" role="doc" />
- <file baseinstalldir="/" md5sum="f5fe33865e6d29c81114cbd9341f8fb8" name="docs/api/CAS_8php.html" role="doc" />
-@@ -198,7 +197,7 @@ see http://www.ja-sig.org/wiki/display/C
- <file baseinstalldir="/" md5sum="abb6f52f3b53449eb7306094f541ead4" name="docs/ChangeLog" role="doc" />
- <file baseinstalldir="/" md5sum="8b55ff8b0efc4d70a30e3d282f4ef188" name="docs/index.html" role="doc" />
- <file baseinstalldir="/" md5sum="d153a0effa32fbccded9387ea5310df6" name="docs/README" role="doc" />
-- <file baseinstalldir="/" md5sum="9f6b5dd62d82281ae1858ef3d23b2496" name="CAS.php" role="php" />
-+ <file baseinstalldir="/" md5sum="523247e23198f31464558e4a09856d99" name="CAS.php" role="php" />
+ <file baseinstalldir="/" md5sum="ca1a2bc869744b7ddfc57a63ceb862b5" name="docs/api/CAS_8php.html" role="doc" />
+@@ -188,7 +187,7 @@ see http://www.ja-sig.org/wiki/display/C
+ <file baseinstalldir="/" md5sum="78a672b4d7987b3620a3fee3cf4390b6" name="docs/ChangeLog" role="doc" />
+ <file baseinstalldir="/" md5sum="77a484630ada5dbce5a0685942de197c" name="docs/index.html" role="doc" />
+ <file baseinstalldir="/" md5sum="f2baf0cbe0abb3fcb651bb7f6cbe8a7d" name="docs/README" role="doc" />
+- <file baseinstalldir="/" md5sum="eee09fa1185b09fdd92704b471e67453" name="CAS.php" role="php" />
++ <file baseinstalldir="/" md5sum="d89f2dba82ef8a0ce0cf59a38b54877a" name="CAS.php" role="php" />
</dir>
</contents>
<dependencies>
diff --git a/php-pear-CAS.spec b/php-pear-CAS.spec
index 4d3ca45..3f5c11d 100644
--- a/php-pear-CAS.spec
+++ b/php-pear-CAS.spec
@@ -5,7 +5,7 @@
Name: php-pear-CAS
-Version: 1.1.2
+Version: 1.1.3
Release: %{?prever:0.}1%{?prever:.}%{?prever}%{?dist}
Summary: Central Authentication Service client library in php
@@ -37,9 +37,13 @@ This package is a PEAR library for using a Central Authentication Service.
%prep
%setup -q -c
-# Package is V2
-mv package.xml %{pear_name}-%{version}%{?prever}/%{name}.xml
+# Create a "localized" php.ini to avoid build warning
+cp /etc/php.ini .
+echo "date.timezone=UTC" >>php.ini
+
cd %{pear_name}-%{version}%{?prever}
+# package.xml is V2
+mv ../package.xml %{name}.xml
# converting to unix format mandatory for old patch version
sed -i -e 's/\r//' CAS.php
@@ -54,7 +58,7 @@ cd %{pear_name}-%{version}%{?prever}
%install
rm -rf $RPM_BUILD_ROOT docdir
cd %{pear_name}-%{version}%{?prever}
-%{__pear} install --nodeps --packagingroot $RPM_BUILD_ROOT %{name}.xml
+PHPRC=../php.ini %{__pear} install --nodeps --packagingroot $RPM_BUILD_ROOT %{name}.xml
# Move documentation
@@ -95,6 +99,11 @@ fi
%changelog
+* Mon Oct 04 2010 Remi Collet <Fedora at FamilleCollet.com> - 1.1.3-1
+- update to 1.1.3
+- fix CVE-2010-3690, CVE-2010-3691, CVE-2010-3692
+- set timezone during build
+
* Tue Aug 03 2010 Remi Collet <Fedora at FamilleCollet.com> - 1.1.2-1
- update to 1.1.2
- fix CVE-2010-2795, CVE-2010-2796, #620753
More information about the scm-commits
mailing list