[rt3/el5/master] Update to 3.6.11 (CVE-2011-1685)

Xavier Bachelot xavierb at fedoraproject.org
Sun Apr 17 20:06:46 UTC 2011 

commit bd20c47787068b772b314d9309349f40c0cb06e2
Author: Xavier Bachelot <xavier at bachelot.org>
Date:   Sun Apr 17 22:02:14 2011 +0200

    Update to 3.6.11 (CVE-2011-1685)

 ...ords.patch => rt3-3.6.11-salted_passwords.patch |   38 ++++++++++----------
 rt3.spec                                           |    9 +++--
 2 files changed, 25 insertions(+), 22 deletions(-)
---
diff --git a/rt3-3.6.10-salted_passwords.patch b/rt3-3.6.11-salted_passwords.patch
similarity index 84%
rename from rt3-3.6.10-salted_passwords.patch
rename to rt3-3.6.11-salted_passwords.patch
index f826269..13f2c1c 100644
--- a/rt3-3.6.10-salted_passwords.patch
+++ b/rt3-3.6.11-salted_passwords.patch
@@ -1,7 +1,7 @@
-diff -Naur rt-3.6.10.orig/configure rt-3.6.10/configure
---- rt-3.6.10.orig/configure	2009-11-30 19:47:53.000000000 +0100
-+++ rt-3.6.10/configure	2011-01-27 00:15:25.000000000 +0100
-@@ -2646,6 +2646,8 @@
+diff -Naur rt-3.6.11/configure rt-3.6.11.patched/configure
+--- rt-3.6.11/configure	2011-04-14 02:08:14.000000000 +0200
++++ rt-3.6.11.patched/configure	2011-04-17 21:32:49.000000000 +0200
+@@ -2665,6 +2665,8 @@
  
  ac_config_files="$ac_config_files Makefile etc/RT_Config.pm lib/RT.pm bin/mason_handler.svc bin/webmux.pl"
  
@@ -10,15 +10,15 @@ diff -Naur rt-3.6.10.orig/configure rt-3.6.10/configure
  cat >confcache <<\_ACEOF
  # This file is a shell script that caches the results of configure
  # tests run on this system so they can be shared between configure
-@@ -3356,6 +3358,7 @@
+@@ -3398,6 +3400,7 @@
      "lib/RT.pm") CONFIG_FILES="$CONFIG_FILES lib/RT.pm" ;;
      "bin/mason_handler.svc") CONFIG_FILES="$CONFIG_FILES bin/mason_handler.svc" ;;
      "bin/webmux.pl") CONFIG_FILES="$CONFIG_FILES bin/webmux.pl" ;;
 +    "etc/upgrade/vulnerable-passwords") CONFIG_FILES="$CONFIG_FILES etc/upgrade/vulnerable-passwords" ;;
  
-   *) as_fn_error "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
+   *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
    esac
-@@ -3783,7 +3786,8 @@
+@@ -3836,7 +3839,8 @@
                  ;;
      "bin/rt":F) chmod ug+x $ac_file
                  ;;
@@ -28,9 +28,9 @@ diff -Naur rt-3.6.10.orig/configure rt-3.6.10/configure
    esac
  done # for ac_tag
  
-diff -Naur rt-3.6.10.orig/etc/upgrade/vulnerable-passwords.in rt-3.6.10/etc/upgrade/vulnerable-passwords.in
---- rt-3.6.10.orig/etc/upgrade/vulnerable-passwords.in	1970-01-01 01:00:00.000000000 +0100
-+++ rt-3.6.10/etc/upgrade/vulnerable-passwords.in	2011-01-27 00:15:25.000000000 +0100
+diff -Naur rt-3.6.11/etc/upgrade/vulnerable-passwords.in rt-3.6.11.patched/etc/upgrade/vulnerable-passwords.in
+--- rt-3.6.11/etc/upgrade/vulnerable-passwords.in	1970-01-01 01:00:00.000000000 +0100
++++ rt-3.6.11.patched/etc/upgrade/vulnerable-passwords.in	2011-01-27 00:15:25.000000000 +0100
 @@ -0,0 +1,93 @@
 +#!@PERL@
 +
@@ -125,9 +125,9 @@ diff -Naur rt-3.6.10.orig/etc/upgrade/vulnerable-passwords.in rt-3.6.10/etc/upgr
 +    print "\n", "Run again with --fix to upgrade.\n";
 +    exit 1;
 +}
-diff -Naur rt-3.6.10.orig/lib/RT/User_Overlay.pm rt-3.6.10/lib/RT/User_Overlay.pm
---- rt-3.6.10.orig/lib/RT/User_Overlay.pm	2009-11-30 19:45:26.000000000 +0100
-+++ rt-3.6.10/lib/RT/User_Overlay.pm	2011-01-27 00:15:25.000000000 +0100
+diff -Naur rt-3.6.11/lib/RT/User_Overlay.pm rt-3.6.11.patched/lib/RT/User_Overlay.pm
+--- rt-3.6.11/lib/RT/User_Overlay.pm	2011-04-14 02:08:03.000000000 +0200
++++ rt-3.6.11.patched/lib/RT/User_Overlay.pm	2011-04-17 21:32:49.000000000 +0200
 @@ -77,6 +77,7 @@
  
  %_USERS_KEY_CACHE = ();
@@ -219,9 +219,9 @@ diff -Naur rt-3.6.10.orig/lib/RT/User_Overlay.pm rt-3.6.10/lib/RT/User_Overlay.p
  }
  
  # }}}
-diff -Naur rt-3.6.10.orig/sbin/rt-test-dependencies.in rt-3.6.10/sbin/rt-test-dependencies.in
---- rt-3.6.10.orig/sbin/rt-test-dependencies.in	2009-11-30 19:45:26.000000000 +0100
-+++ rt-3.6.10/sbin/rt-test-dependencies.in	2011-01-27 00:15:25.000000000 +0100
+diff -Naur rt-3.6.11/sbin/rt-test-dependencies.in rt-3.6.11.patched/sbin/rt-test-dependencies.in
+--- rt-3.6.11/sbin/rt-test-dependencies.in	2011-04-14 02:08:03.000000000 +0200
++++ rt-3.6.11.patched/sbin/rt-test-dependencies.in	2011-04-17 21:32:49.000000000 +0200
 @@ -173,6 +173,7 @@
  $deps{'CORE'} = [ text_to_hash( << '.') ];
  Digest::base
@@ -230,9 +230,9 @@ diff -Naur rt-3.6.10.orig/sbin/rt-test-dependencies.in rt-3.6.10/sbin/rt-test-de
  DBI 1.37
  Class::ReturnValue 0.40
  Date::Format
-diff -Naur rt-3.6.10.orig/UPGRADING rt-3.6.10/UPGRADING
---- rt-3.6.10.orig/UPGRADING	2009-11-30 19:45:26.000000000 +0100
-+++ rt-3.6.10/UPGRADING	2011-01-27 00:17:19.000000000 +0100
+diff -Naur rt-3.6.11/UPGRADING rt-3.6.11.patched/UPGRADING
+--- rt-3.6.11/UPGRADING	2011-04-14 02:08:03.000000000 +0200
++++ rt-3.6.11.patched/UPGRADING	2011-04-17 21:32:49.000000000 +0200
 @@ -16,6 +16,18 @@
  
  *******
diff --git a/rt3.spec b/rt3.spec
index 6f73833..e479e9d 100644
--- a/rt3.spec
+++ b/rt3.spec
@@ -12,8 +12,8 @@
 %define RT3_LOCALSTATEDIR	%{_localstatedir}/lib/rt3
 
 Name:		rt3
-Version:	3.6.10
-Release:	2%{?dist}
+Version:	3.6.11
+Release:	1%{?dist}
 Summary:	Request tracker 3
 
 Group:		Applications/Internet
@@ -27,7 +27,7 @@ Source5:	rt3.logrotate.in
 Patch0:		rt-3.6.1-config.diff
 Patch1:		rt-3.4.1-I18N.diff
 Patch2:		rt-3.6.0-Makefile.diff
-Patch3:		rt3-3.6.10-salted_passwords.patch
+Patch3:		rt3-3.6.11-salted_passwords.patch
 
 BuildArch:	noarch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -283,6 +283,9 @@ fi
 %{_mandir}/man1/rt-mailgate*
 
 %changelog
+* Sun Apr 17 2011 Xavier Bachelot <xavier at bachelot.org> - 3.6.11-1
+- Update to 3.6.11 (CVE-2011-1685).
+
 * Wed Jan 26 2011 Xavier Bachelot <xavier at bachelot.org> - 3.6.10-2
 - Add patch for CVE-2011-0009.

More information about the scm-commits mailing list