[mantis] New upstream release Fixes several security issues CVE-2011-2938 (#731777) Rebase Patch0
Gianluca Sforna
giallu at fedoraproject.org
Wed Sep 7 14:42:28 UTC 2011
commit a5e78ede691c7540b8848cf74e84c1784ed1a455
Author: Gianluca Sforna <giallu at gmail.com>
Date: Wed Sep 7 16:42:06 2011 +0200
New upstream release
Fixes several security issues CVE-2011-2938 (#731777)
Rebase Patch0
.gitignore | 1 +
...h => mantis-1.2.8-install_no_write_config.patch | 20 +++++++++-----------
mantis.spec | 12 +++++++++---
sources | 2 +-
4 files changed, 20 insertions(+), 15 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 3154b3f..f8b711c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
mantisbt-1.1.8.tar.gz
/mantisbt-1.2.3.tar.gz
/mantisbt-1.2.4.tar.gz
+/mantisbt-1.2.8.tar.gz
diff --git a/mantis-1.2.0-install_no_write_config.patch b/mantis-1.2.8-install_no_write_config.patch
similarity index 89%
rename from mantis-1.2.0-install_no_write_config.patch
rename to mantis-1.2.8-install_no_write_config.patch
index b3ec741..cd49ca2 100644
--- a/mantis-1.2.0-install_no_write_config.patch
+++ b/mantis-1.2.8-install_no_write_config.patch
@@ -1,8 +1,6 @@
-diff --git a/admin/install.php b/admin/install.php
-index f3ea11a..120d17b 100644
---- a/admin/install.php
-+++ b/admin/install.php
-@@ -398,10 +398,18 @@ if( 1 == $t_install_state ) {
+--- mantisbt-1.2.8.orig/admin/install.php 2011-09-06 16:23:10.000000000 +0200
++++ mantisbt-1.2.8/admin/install.php 2011-09-07 12:07:59.139218945 +0200
+@@ -398,10 +398,18 @@
<?php if( !$g_database_upgrade ) {?>
<tr>
<td>
@@ -21,8 +19,8 @@ index f3ea11a..120d17b 100644
+ <select disabled="true" name="db_type">
<?php
if( $f_db_type == 'mysql' ) {
- echo '<option value="mysql" selected="selected">MySql (default)</option>';
-@@ -451,7 +459,7 @@ if( !$g_database_upgrade ) {?>
+ echo '<option value="mysql" selected="selected">MySQL (default)</option>';
+@@ -451,7 +459,7 @@
Hostname (for Database Server)
</td>
<td>
@@ -31,7 +29,7 @@ index f3ea11a..120d17b 100644
</td>
</tr>
<?php
-@@ -463,7 +471,7 @@ if( !$g_database_upgrade ) {?>
+@@ -463,7 +471,7 @@
Username (for Database)
</td>
<td>
@@ -40,7 +38,7 @@ index f3ea11a..120d17b 100644
</td>
</tr>
<?php
-@@ -475,7 +483,7 @@ if( !$g_database_upgrade ) {?>
+@@ -475,7 +483,7 @@
Password (for Database)
</td>
<td>
@@ -49,7 +47,7 @@ index f3ea11a..120d17b 100644
</td>
</tr>
<?php
-@@ -487,7 +495,7 @@ if( !$g_database_upgrade ) {?>
+@@ -487,7 +495,7 @@
Database name (for Database)
</td>
<td>
@@ -58,7 +56,7 @@ index f3ea11a..120d17b 100644
</td>
</tr>
<?php
-@@ -809,79 +817,9 @@ if( 4 == $t_install_state ) {
+@@ -780,79 +788,9 @@
if( 5 == $t_install_state ) {
$t_config_filename = $g_absolute_path . 'config_inc.php';
$t_config_exists = file_exists( $t_config_filename );
diff --git a/mantis.spec b/mantis.spec
index 9b2458d..53c434a 100644
--- a/mantis.spec
+++ b/mantis.spec
@@ -5,8 +5,8 @@
Summary: Web-based issue tracking system
Name: mantis
-Version: 1.2.4
-Release: 2%{?dist}
+Version: 1.2.8
+Release: 1%{?dist}
License: GPLv2+
Group: Applications/Internet
URL: http://www.mantisbt.org/
@@ -15,7 +15,8 @@ Source0: http://downloads.sourceforge.net/mantisbt/mantisbt-%{version}.tar.gz
Source1: mantis-README.Fedora
# Admin is supposed to edit /etc/mantis/config_inc.php
-Patch0: mantis-1.2.0-install_no_write_config.patch
+Patch0: mantis-1.2.8-install_no_write_config.patch
+
Patch1: mantis-1.2.0-no_example_com.patch
# We secure admin/ with httpd directives
Patch2: mantis-1.2.4-do_not_warn_on_admin_directory.patch
@@ -152,6 +153,11 @@ rm -rf "${RPM_BUILD_ROOT}"
%changelog
+* Wed Sep 7 2011 Gianluca Sforna <giallu at gmail.com> - 1.2.8-1
+- New upstream release
+- Fixes several security issues CVE-2011-2938 (#731777)
+- Rebase Patch0
+
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
diff --git a/sources b/sources
index 46a0695..e1cb1e7 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-17cf76d2b343aa23500638405209f125 mantisbt-1.2.4.tar.gz
+054035ba0ebfc8997e10e2bc75d39483 mantisbt-1.2.8.tar.gz
More information about the scm-commits
mailing list