[php-pear-CAS/el5] update to 1.3.2, security fix for CVE-2012-5583

Remi Collet remi at fedoraproject.org
Sat Dec 29 17:08:12 UTC 2012 

commit 0120271662e5ee0295b6470d7742282d3a9f64b7
Author: Remi Collet <remi at fedoraproject.org>
Date:   Sat Dec 29 17:40:11 2012 +0100

    update to 1.3.2, security fix for CVE-2012-5583

 .gitignore        |    2 ++
 php-pear-CAS.spec |   25 ++++++++++++++++++-------
 sources           |    2 +-
 3 files changed, 21 insertions(+), 8 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index a3d1e8f..d1b5232 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,5 @@
 package-*.xml
 /CAS-1.2.2.tgz
 /CAS-1.3.0.tgz
+/CAS-1.3.1.tgz
+/CAS-1.3.2.tgz
diff --git a/php-pear-CAS.spec b/php-pear-CAS.spec
index 203dc1c..91a5cd5 100644
--- a/php-pear-CAS.spec
+++ b/php-pear-CAS.spec
@@ -1,12 +1,13 @@
 %{!?__pear: %{expand: %%global __pear %{_bindir}/pear}}
+%{!?pear_metadir: %global pear_metadir %{pear_phpdir}}
 %global pear_name CAS
 %global channel   __uri
 #global prever    RC7
 
 
 Name:           php-pear-CAS
-Version:        1.3.0
-Release:        2%{?dist}
+Version:        1.3.2
+Release:        1%{?dist}
 Summary:        Central Authentication Service client library in php
 
 Group:          Development/Libraries
@@ -14,8 +15,6 @@ License:        ASL 2.0
 URL:            https://wiki.jasig.org/display/CASC/phpCAS
 
 Source0:        http://downloads.jasig.org/cas-clients/php/%{version}%{?prever}/%{pear_name}-%{version}%{?prever}.tgz
-# https://github.com/Jasig/phpCAS/issues/30
-Source1:        package.xml
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildArch:      noarch
@@ -24,7 +23,14 @@ BuildRequires:  php-pear >= 1:1.4.9-1.2
 Requires(post): %{__pear}
 Requires(postun): %{__pear}
 Requires:       php-pear(PEAR) >= 1.4.3
-Requires:       php-pdo, php-xml >= 5.0.0
+Requires:       php-curl
+Requires:       php-dom
+Requires:       php-pcre
+Requires:       php-pdo
+Requires:       php-session
+Requires:       php-spl
+# Optional: php-imap (when use Proxied Imap)
+
 Provides:       php-pear(%{channel}/%{pear_name}) = %{version}
 # this library is mostly known as phpCAS
 Provides:       phpCAS = %{version}-%{release}
@@ -38,7 +44,7 @@ This package is a PEAR library for using a Central Authentication Service.
 %setup -q -c
 
 cd %{pear_name}-%{version}%{?prever}
-cp %{SOURCE1} %{name}.xml
+mv ../package.xml %{name}.xml
 
 
 %build
@@ -52,7 +58,7 @@ cd %{pear_name}-%{version}%{?prever}
 %{__pear} install --nodeps --packagingroot %{buildroot} %{name}.xml
 
 # Clean up unnecessary files
-rm -rf %{buildroot}%{pear_phpdir}/.??*
+rm -rf %{buildroot}%{pear_metadir}/.??*
 
 # Install XML package description
 mkdir -p %{buildroot}%{pear_xmldir}
@@ -83,6 +89,11 @@ fi
 
 
 %changelog
+* Sat Dec 29 2012 Remi Collet <remi at fedoraproject.org> - 1.3.2-1
+- update to Version 1.3.2, security fix for
+  CVE-2012-5583 Missing CN validation of CAS server certificate
+- add requires for all needed php extensions
+
 * Wed Mar 14 2012 Remi Collet <remi at fedoraproject.org> - 1.3.0-2
 - License is ASL 2.0, https://github.com/Jasig/phpCAS/issues/32
 - New sources,        https://github.com/Jasig/phpCAS/issues/31
diff --git a/sources b/sources
index 748ae22..7005de2 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-6a6b125d9055ec1d9da2fdbba37be3bd  CAS-1.3.0.tgz
+79f07386db2f2c267abcd26d3e7f24b2  CAS-1.3.2.tgz

More information about the scm-commits mailing list