[php-pear-CAS/el5] update to 1.3.2, security fix for CVE-2012-5583
Remi Collet
remi at fedoraproject.org
Sat Dec 29 17:08:12 UTC 2012
commit 0120271662e5ee0295b6470d7742282d3a9f64b7
Author: Remi Collet <remi at fedoraproject.org>
Date: Sat Dec 29 17:40:11 2012 +0100
update to 1.3.2, security fix for CVE-2012-5583
.gitignore | 2 ++
php-pear-CAS.spec | 25 ++++++++++++++++++-------
sources | 2 +-
3 files changed, 21 insertions(+), 8 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index a3d1e8f..d1b5232 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,5 @@
package-*.xml
/CAS-1.2.2.tgz
/CAS-1.3.0.tgz
+/CAS-1.3.1.tgz
+/CAS-1.3.2.tgz
diff --git a/php-pear-CAS.spec b/php-pear-CAS.spec
index 203dc1c..91a5cd5 100644
--- a/php-pear-CAS.spec
+++ b/php-pear-CAS.spec
@@ -1,12 +1,13 @@
%{!?__pear: %{expand: %%global __pear %{_bindir}/pear}}
+%{!?pear_metadir: %global pear_metadir %{pear_phpdir}}
%global pear_name CAS
%global channel __uri
#global prever RC7
Name: php-pear-CAS
-Version: 1.3.0
-Release: 2%{?dist}
+Version: 1.3.2
+Release: 1%{?dist}
Summary: Central Authentication Service client library in php
Group: Development/Libraries
@@ -14,8 +15,6 @@ License: ASL 2.0
URL: https://wiki.jasig.org/display/CASC/phpCAS
Source0: http://downloads.jasig.org/cas-clients/php/%{version}%{?prever}/%{pear_name}-%{version}%{?prever}.tgz
-# https://github.com/Jasig/phpCAS/issues/30
-Source1: package.xml
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
@@ -24,7 +23,14 @@ BuildRequires: php-pear >= 1:1.4.9-1.2
Requires(post): %{__pear}
Requires(postun): %{__pear}
Requires: php-pear(PEAR) >= 1.4.3
-Requires: php-pdo, php-xml >= 5.0.0
+Requires: php-curl
+Requires: php-dom
+Requires: php-pcre
+Requires: php-pdo
+Requires: php-session
+Requires: php-spl
+# Optional: php-imap (when use Proxied Imap)
+
Provides: php-pear(%{channel}/%{pear_name}) = %{version}
# this library is mostly known as phpCAS
Provides: phpCAS = %{version}-%{release}
@@ -38,7 +44,7 @@ This package is a PEAR library for using a Central Authentication Service.
%setup -q -c
cd %{pear_name}-%{version}%{?prever}
-cp %{SOURCE1} %{name}.xml
+mv ../package.xml %{name}.xml
%build
@@ -52,7 +58,7 @@ cd %{pear_name}-%{version}%{?prever}
%{__pear} install --nodeps --packagingroot %{buildroot} %{name}.xml
# Clean up unnecessary files
-rm -rf %{buildroot}%{pear_phpdir}/.??*
+rm -rf %{buildroot}%{pear_metadir}/.??*
# Install XML package description
mkdir -p %{buildroot}%{pear_xmldir}
@@ -83,6 +89,11 @@ fi
%changelog
+* Sat Dec 29 2012 Remi Collet <remi at fedoraproject.org> - 1.3.2-1
+- update to Version 1.3.2, security fix for
+ CVE-2012-5583 Missing CN validation of CAS server certificate
+- add requires for all needed php extensions
+
* Wed Mar 14 2012 Remi Collet <remi at fedoraproject.org> - 1.3.0-2
- License is ASL 2.0, https://github.com/Jasig/phpCAS/issues/32
- New sources, https://github.com/Jasig/phpCAS/issues/31
diff --git a/sources b/sources
index 748ae22..7005de2 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-6a6b125d9055ec1d9da2fdbba37be3bd CAS-1.3.0.tgz
+79f07386db2f2c267abcd26d3e7f24b2 CAS-1.3.2.tgz
More information about the scm-commits
mailing list