[php-pear-CAS/el5/master] update to 1.1.3 - security fixes

Remi Collet remi at fedoraproject.org
Mon Oct 4 17:28:21 UTC 2010


commit 0894cf16fdea904d1d7b4b67ff995f1421a699d7
Author: remi <fedora at famillecollet.com>
Date:   Mon Oct 4 18:57:54 2010 +0200

    update to 1.1.3 - security fixes

 php-pear-CAS-systemlibs.patch |   40 ++++++++++++++++++++--------------------
 php-pear-CAS.spec             |   17 +++++++++++++----
 2 files changed, 33 insertions(+), 24 deletions(-)
---
diff --git a/php-pear-CAS-systemlibs.patch b/php-pear-CAS-systemlibs.patch
index 5b18b15..0811483 100644
--- a/php-pear-CAS-systemlibs.patch
+++ b/php-pear-CAS-systemlibs.patch
@@ -1,7 +1,7 @@
-diff -up CAS-1.1.2/CAS.php.systemlib CAS-1.1.2/CAS.php
---- CAS-1.1.2/CAS.php.systemlib	2010-08-03 17:58:12.000000000 +0200
-+++ CAS-1.1.2/CAS.php	2010-08-03 18:00:12.000000000 +0200
-@@ -40,7 +40,7 @@ if (!$_SERVER['REQUEST_URI']) {
+diff -up CAS-1.1.3/CAS.php.systemlib CAS-1.1.3/CAS.php
+--- CAS-1.1.3/CAS.php.systemlib	2010-10-04 18:47:53.000000000 +0200
++++ CAS-1.1.3/CAS.php	2010-10-04 18:47:53.000000000 +0200
+@@ -40,7 +40,7 @@ if (!isset($_SERVER['REQUEST_URI'])) {
  // another one by Vangelis Haniotakis also to make phpCAS work with PHP5
  //
  if (version_compare(PHP_VERSION, '5', '>=') && !(function_exists('domxml_new_doc'))) {
@@ -10,23 +10,23 @@ diff -up CAS-1.1.2/CAS.php.systemlib CAS-1.1.2/CAS.php
  }
  
  /**
-diff -up CAS-1.1.2/php-pear-CAS.xml.systemlib CAS-1.1.2/php-pear-CAS.xml
---- CAS-1.1.2/php-pear-CAS.xml.systemlib	1970-01-01 10:13:08.000000000 +0100
-+++ CAS-1.1.2/php-pear-CAS.xml	2010-08-03 18:02:37.000000000 +0200
-@@ -51,7 +51,6 @@ see http://www.ja-sig.org/wiki/display/C
-    <file baseinstalldir="/" md5sum="9162d942d32ac8bdc01d409c07f41a0f" name="CAS/PGTStorage/pgt-file.php" role="php" />
-    <file baseinstalldir="/" md5sum="4bd67b4d6d6021504c00eff90e577ac0" name="CAS/PGTStorage/pgt-main.php" role="php" />
-    <file baseinstalldir="/" md5sum="5801f35b93c6bc68a3d2eedc75ad325a" name="CAS/client.php" role="php" />
--   <file baseinstalldir="/" md5sum="e9ce7e11f871d8206b0abc2f608b0277" name="CAS/domxml-php4-to-php5.php" role="php" />
-    <file baseinstalldir="/" md5sum="a97168f2ce407585f975df370f3f192c" name="docs/api/annotated.html" role="doc" />
+diff -up CAS-1.1.3/php-pear-CAS.xml.systemlib CAS-1.1.3/php-pear-CAS.xml
+--- CAS-1.1.3/php-pear-CAS.xml.systemlib	1970-01-01 10:13:08.000000000 +0100
++++ CAS-1.1.3/php-pear-CAS.xml	2010-10-04 18:49:45.000000000 +0200
+@@ -50,7 +50,6 @@ see http://www.ja-sig.org/wiki/display/C
+    <file baseinstalldir="/" md5sum="26fbe36c8d383bfd116b625d87804b2a" name="CAS/PGTStorage/pgt-file.php" role="php" />
+    <file baseinstalldir="/" md5sum="d816519b8bfa2714061efb5bb72848bd" name="CAS/PGTStorage/pgt-main.php" role="php" />
+    <file baseinstalldir="/" md5sum="90b2346bdecfee11a4d766056e19cc81" name="CAS/client.php" role="php" />
+-   <file baseinstalldir="/" md5sum="5d5b545ffd7310c9de5110d58b19162e" name="CAS/domxml-php4-to-php5.php" role="php" />
+    <file baseinstalldir="/" md5sum="2c9aa402b148707433b8981797f67488" name="docs/api/annotated.html" role="doc" />
     <file baseinstalldir="/" md5sum="39288f88be2912de1677afe29e288d2b" name="docs/api/bc_s.png" role="doc" />
-    <file baseinstalldir="/" md5sum="f5fe33865e6d29c81114cbd9341f8fb8" name="docs/api/CAS_8php.html" role="doc" />
-@@ -198,7 +197,7 @@ see http://www.ja-sig.org/wiki/display/C
-    <file baseinstalldir="/" md5sum="abb6f52f3b53449eb7306094f541ead4" name="docs/ChangeLog" role="doc" />
-    <file baseinstalldir="/" md5sum="8b55ff8b0efc4d70a30e3d282f4ef188" name="docs/index.html" role="doc" />
-    <file baseinstalldir="/" md5sum="d153a0effa32fbccded9387ea5310df6" name="docs/README" role="doc" />
--   <file baseinstalldir="/" md5sum="9f6b5dd62d82281ae1858ef3d23b2496" name="CAS.php" role="php" />
-+   <file baseinstalldir="/" md5sum="523247e23198f31464558e4a09856d99" name="CAS.php" role="php" />
+    <file baseinstalldir="/" md5sum="ca1a2bc869744b7ddfc57a63ceb862b5" name="docs/api/CAS_8php.html" role="doc" />
+@@ -188,7 +187,7 @@ see http://www.ja-sig.org/wiki/display/C
+    <file baseinstalldir="/" md5sum="78a672b4d7987b3620a3fee3cf4390b6" name="docs/ChangeLog" role="doc" />
+    <file baseinstalldir="/" md5sum="77a484630ada5dbce5a0685942de197c" name="docs/index.html" role="doc" />
+    <file baseinstalldir="/" md5sum="f2baf0cbe0abb3fcb651bb7f6cbe8a7d" name="docs/README" role="doc" />
+-   <file baseinstalldir="/" md5sum="eee09fa1185b09fdd92704b471e67453" name="CAS.php" role="php" />
++   <file baseinstalldir="/" md5sum="d89f2dba82ef8a0ce0cf59a38b54877a" name="CAS.php" role="php" />
    </dir>
   </contents>
   <dependencies>
diff --git a/php-pear-CAS.spec b/php-pear-CAS.spec
index 4d3ca45..3f5c11d 100644
--- a/php-pear-CAS.spec
+++ b/php-pear-CAS.spec
@@ -5,7 +5,7 @@
 
 
 Name:           php-pear-CAS
-Version:        1.1.2
+Version:        1.1.3
 Release:        %{?prever:0.}1%{?prever:.}%{?prever}%{?dist}
 Summary:        Central Authentication Service client library in php
 
@@ -37,9 +37,13 @@ This package is a PEAR library for using a Central Authentication Service.
 %prep
 %setup -q -c
 
-# Package is V2
-mv package.xml %{pear_name}-%{version}%{?prever}/%{name}.xml
+# Create a "localized" php.ini to avoid build warning
+cp /etc/php.ini .
+echo "date.timezone=UTC" >>php.ini
+
 cd %{pear_name}-%{version}%{?prever}
+# package.xml is V2
+mv ../package.xml %{name}.xml
 
 # converting to unix format mandatory for old patch version
 sed -i -e 's/\r//' CAS.php
@@ -54,7 +58,7 @@ cd %{pear_name}-%{version}%{?prever}
 %install
 rm -rf $RPM_BUILD_ROOT docdir
 cd %{pear_name}-%{version}%{?prever}
-%{__pear} install --nodeps --packagingroot $RPM_BUILD_ROOT %{name}.xml
+PHPRC=../php.ini %{__pear} install --nodeps --packagingroot $RPM_BUILD_ROOT %{name}.xml
 
 
 # Move documentation
@@ -95,6 +99,11 @@ fi
 
 
 %changelog
+* Mon Oct 04 2010 Remi Collet <Fedora at FamilleCollet.com> - 1.1.3-1
+- update to 1.1.3
+- fix CVE-2010-3690, CVE-2010-3691, CVE-2010-3692
+- set timezone during build
+
 * Tue Aug 03 2010 Remi Collet <Fedora at FamilleCollet.com> - 1.1.2-1
 - update to 1.1.2
 - fix  CVE-2010-2795, CVE-2010-2796, #620753


More information about the scm-commits mailing list