[rt3/el5/master] Update to 3.6.11 (CVE-2011-1685)
Xavier Bachelot
xavierb at fedoraproject.org
Sun Apr 17 20:06:46 UTC 2011
commit bd20c47787068b772b314d9309349f40c0cb06e2
Author: Xavier Bachelot <xavier at bachelot.org>
Date: Sun Apr 17 22:02:14 2011 +0200
Update to 3.6.11 (CVE-2011-1685)
...ords.patch => rt3-3.6.11-salted_passwords.patch | 38 ++++++++++----------
rt3.spec | 9 +++--
2 files changed, 25 insertions(+), 22 deletions(-)
---
diff --git a/rt3-3.6.10-salted_passwords.patch b/rt3-3.6.11-salted_passwords.patch
similarity index 84%
rename from rt3-3.6.10-salted_passwords.patch
rename to rt3-3.6.11-salted_passwords.patch
index f826269..13f2c1c 100644
--- a/rt3-3.6.10-salted_passwords.patch
+++ b/rt3-3.6.11-salted_passwords.patch
@@ -1,7 +1,7 @@
-diff -Naur rt-3.6.10.orig/configure rt-3.6.10/configure
---- rt-3.6.10.orig/configure 2009-11-30 19:47:53.000000000 +0100
-+++ rt-3.6.10/configure 2011-01-27 00:15:25.000000000 +0100
-@@ -2646,6 +2646,8 @@
+diff -Naur rt-3.6.11/configure rt-3.6.11.patched/configure
+--- rt-3.6.11/configure 2011-04-14 02:08:14.000000000 +0200
++++ rt-3.6.11.patched/configure 2011-04-17 21:32:49.000000000 +0200
+@@ -2665,6 +2665,8 @@
ac_config_files="$ac_config_files Makefile etc/RT_Config.pm lib/RT.pm bin/mason_handler.svc bin/webmux.pl"
@@ -10,15 +10,15 @@ diff -Naur rt-3.6.10.orig/configure rt-3.6.10/configure
cat >confcache <<\_ACEOF
# This file is a shell script that caches the results of configure
# tests run on this system so they can be shared between configure
-@@ -3356,6 +3358,7 @@
+@@ -3398,6 +3400,7 @@
"lib/RT.pm") CONFIG_FILES="$CONFIG_FILES lib/RT.pm" ;;
"bin/mason_handler.svc") CONFIG_FILES="$CONFIG_FILES bin/mason_handler.svc" ;;
"bin/webmux.pl") CONFIG_FILES="$CONFIG_FILES bin/webmux.pl" ;;
+ "etc/upgrade/vulnerable-passwords") CONFIG_FILES="$CONFIG_FILES etc/upgrade/vulnerable-passwords" ;;
- *) as_fn_error "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
+ *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
esac
-@@ -3783,7 +3786,8 @@
+@@ -3836,7 +3839,8 @@
;;
"bin/rt":F) chmod ug+x $ac_file
;;
@@ -28,9 +28,9 @@ diff -Naur rt-3.6.10.orig/configure rt-3.6.10/configure
esac
done # for ac_tag
-diff -Naur rt-3.6.10.orig/etc/upgrade/vulnerable-passwords.in rt-3.6.10/etc/upgrade/vulnerable-passwords.in
---- rt-3.6.10.orig/etc/upgrade/vulnerable-passwords.in 1970-01-01 01:00:00.000000000 +0100
-+++ rt-3.6.10/etc/upgrade/vulnerable-passwords.in 2011-01-27 00:15:25.000000000 +0100
+diff -Naur rt-3.6.11/etc/upgrade/vulnerable-passwords.in rt-3.6.11.patched/etc/upgrade/vulnerable-passwords.in
+--- rt-3.6.11/etc/upgrade/vulnerable-passwords.in 1970-01-01 01:00:00.000000000 +0100
++++ rt-3.6.11.patched/etc/upgrade/vulnerable-passwords.in 2011-01-27 00:15:25.000000000 +0100
@@ -0,0 +1,93 @@
+#!@PERL@
+
@@ -125,9 +125,9 @@ diff -Naur rt-3.6.10.orig/etc/upgrade/vulnerable-passwords.in rt-3.6.10/etc/upgr
+ print "\n", "Run again with --fix to upgrade.\n";
+ exit 1;
+}
-diff -Naur rt-3.6.10.orig/lib/RT/User_Overlay.pm rt-3.6.10/lib/RT/User_Overlay.pm
---- rt-3.6.10.orig/lib/RT/User_Overlay.pm 2009-11-30 19:45:26.000000000 +0100
-+++ rt-3.6.10/lib/RT/User_Overlay.pm 2011-01-27 00:15:25.000000000 +0100
+diff -Naur rt-3.6.11/lib/RT/User_Overlay.pm rt-3.6.11.patched/lib/RT/User_Overlay.pm
+--- rt-3.6.11/lib/RT/User_Overlay.pm 2011-04-14 02:08:03.000000000 +0200
++++ rt-3.6.11.patched/lib/RT/User_Overlay.pm 2011-04-17 21:32:49.000000000 +0200
@@ -77,6 +77,7 @@
%_USERS_KEY_CACHE = ();
@@ -219,9 +219,9 @@ diff -Naur rt-3.6.10.orig/lib/RT/User_Overlay.pm rt-3.6.10/lib/RT/User_Overlay.p
}
# }}}
-diff -Naur rt-3.6.10.orig/sbin/rt-test-dependencies.in rt-3.6.10/sbin/rt-test-dependencies.in
---- rt-3.6.10.orig/sbin/rt-test-dependencies.in 2009-11-30 19:45:26.000000000 +0100
-+++ rt-3.6.10/sbin/rt-test-dependencies.in 2011-01-27 00:15:25.000000000 +0100
+diff -Naur rt-3.6.11/sbin/rt-test-dependencies.in rt-3.6.11.patched/sbin/rt-test-dependencies.in
+--- rt-3.6.11/sbin/rt-test-dependencies.in 2011-04-14 02:08:03.000000000 +0200
++++ rt-3.6.11.patched/sbin/rt-test-dependencies.in 2011-04-17 21:32:49.000000000 +0200
@@ -173,6 +173,7 @@
$deps{'CORE'} = [ text_to_hash( << '.') ];
Digest::base
@@ -230,9 +230,9 @@ diff -Naur rt-3.6.10.orig/sbin/rt-test-dependencies.in rt-3.6.10/sbin/rt-test-de
DBI 1.37
Class::ReturnValue 0.40
Date::Format
-diff -Naur rt-3.6.10.orig/UPGRADING rt-3.6.10/UPGRADING
---- rt-3.6.10.orig/UPGRADING 2009-11-30 19:45:26.000000000 +0100
-+++ rt-3.6.10/UPGRADING 2011-01-27 00:17:19.000000000 +0100
+diff -Naur rt-3.6.11/UPGRADING rt-3.6.11.patched/UPGRADING
+--- rt-3.6.11/UPGRADING 2011-04-14 02:08:03.000000000 +0200
++++ rt-3.6.11.patched/UPGRADING 2011-04-17 21:32:49.000000000 +0200
@@ -16,6 +16,18 @@
*******
diff --git a/rt3.spec b/rt3.spec
index 6f73833..e479e9d 100644
--- a/rt3.spec
+++ b/rt3.spec
@@ -12,8 +12,8 @@
%define RT3_LOCALSTATEDIR %{_localstatedir}/lib/rt3
Name: rt3
-Version: 3.6.10
-Release: 2%{?dist}
+Version: 3.6.11
+Release: 1%{?dist}
Summary: Request tracker 3
Group: Applications/Internet
@@ -27,7 +27,7 @@ Source5: rt3.logrotate.in
Patch0: rt-3.6.1-config.diff
Patch1: rt-3.4.1-I18N.diff
Patch2: rt-3.6.0-Makefile.diff
-Patch3: rt3-3.6.10-salted_passwords.patch
+Patch3: rt3-3.6.11-salted_passwords.patch
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -283,6 +283,9 @@ fi
%{_mandir}/man1/rt-mailgate*
%changelog
+* Sun Apr 17 2011 Xavier Bachelot <xavier at bachelot.org> - 3.6.11-1
+- Update to 3.6.11 (CVE-2011-1685).
+
* Wed Jan 26 2011 Xavier Bachelot <xavier at bachelot.org> - 3.6.10-2
- Add patch for CVE-2011-0009.
More information about the scm-commits
mailing list