From 84ee33d6b6a20df69f2d98d442192bc678a83bcd Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Wed, 14 Nov 2012 17:23:18 +0100 Subject: [PATCH 1/8] Update to 4.2.4 --- .gitignore | 1 + bugzilla.spec | 5 ++++- sources | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index e3204fc..0068daa 100644 --- a/.gitignore +++ b/.gitignore @@ -13,3 +13,4 @@ bugzilla-3.6.1.tar.gz /bugzilla-4.2.1.tar.gz /bugzilla-4.2.2.tar.gz /bugzilla-4.2.3.tar.gz +/bugzilla-4.2.4.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index e86739e..32a5e89 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 4.2.3 +Version: 4.2.4 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -220,6 +220,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/syncLDAP.pl %changelog +* Wed Nov 14 2012 Emmanuel Seyman - 4.2.4-1 +- Update to 4.2.4 + * Sun Sep 02 2012 Emmanuel Seyman - 4.2.3-1 - Update to 4.2.3 diff --git a/sources b/sources index 9df9753..e12bcb4 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d3f9690ebd41cd084c4b6be9c7d63523 bugzilla-4.2.3.tar.gz +b2cd55bfbc0b42ce16cdec6383cc702e bugzilla-4.2.4.tar.gz From 52c3fc6746522df658b0f818a50ae6403ce886eb Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Wed, 6 Feb 2013 00:12:20 +0100 Subject: [PATCH 2/8] Update httpd configuration file --- bugzilla-httpd-conf | 5 +++++ bugzilla.spec | 5 ++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/bugzilla-httpd-conf b/bugzilla-httpd-conf index be0987f..9193e44 100644 --- a/bugzilla-httpd-conf +++ b/bugzilla-httpd-conf @@ -2,6 +2,11 @@ Alias /var/lib/bugzilla/data/webdot /var/lib/bugzilla/data/webdot Alias /bugzilla /usr/share/bugzilla + + + Require local + + AddHandler cgi-script .cgi Options +Indexes +ExecCGI +FollowSymLinks DirectoryIndex index.cgi index.html diff --git a/bugzilla.spec b/bugzilla.spec index 32a5e89..de2925c 100644 
--- a/bugzilla.spec +++ b/bugzilla.spec @@ -6,7 +6,7 @@ URL: http://www.bugzilla.org/ Name: bugzilla Version: 4.2.4 Group: Applications/Publishing -Release: 1%{?dist} +Release: 2%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -220,6 +220,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/syncLDAP.pl %changelog +* Wed Feb 06 2013 Emmanuel Seyman - 4.2.4-2 +- Update httpd configuration file for Apache 2.4 + * Wed Nov 14 2012 Emmanuel Seyman - 4.2.4-1 - Update to 4.2.4 From 920ea3efc2c13d5c4d9f5cbb0ef57b6dc597177b Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Wed, 20 Feb 2013 23:20:44 +0100 Subject: [PATCH 3/8] Update to 4.2.5 (fixes CVE-2013-0785) --- .gitignore | 1 + bugzilla.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 0068daa..0bdf1af 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ bugzilla-3.6.1.tar.gz /bugzilla-4.2.2.tar.gz /bugzilla-4.2.3.tar.gz /bugzilla-4.2.4.tar.gz +/bugzilla-4.2.5.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index de2925c..2d0eeec 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,9 +4,9 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 4.2.4 +Version: 4.2.5 Group: Applications/Publishing -Release: 2%{?dist} +Release: 1%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -220,6 +220,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/syncLDAP.pl %changelog +* Wed Feb 20 2013 Emmanuel Seyman - 4.2.5-1 +- Update to 4.2.5 (fixes CVE-2013-0785) + * Wed Feb 06 2013 Emmanuel Seyman - 4.2.4-2 - Update httpd configuration file for Apache 2.4 diff --git a/sources b/sources index e12bcb4..9afe565 100644 --- a/sources +++ b/sources 
@@ -1 +1 @@ -b2cd55bfbc0b42ce16cdec6383cc702e bugzilla-4.2.4.tar.gz +070c2d9eee81b2ba621c45d1d3849f66 bugzilla-4.2.5.tar.gz From 755035f9531018f734024151ba8e0d3498fe567f Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Sun, 26 May 2013 11:45:13 +0200 Subject: [PATCH 4/8] Update to 4.2.6 --- .gitignore | 1 + bugzilla.spec | 5 ++++- sources | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 0bdf1af..cc6785d 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,4 @@ bugzilla-3.6.1.tar.gz /bugzilla-4.2.3.tar.gz /bugzilla-4.2.4.tar.gz /bugzilla-4.2.5.tar.gz +/bugzilla-4.2.6.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index 2d0eeec..4efebe3 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 4.2.5 +Version: 4.2.6 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -220,6 +220,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/syncLDAP.pl %changelog +* Sun May 26 2013 Emmanuel Seyman - 4.2.6-1 +- Update to 4.2.6 + * Wed Feb 20 2013 Emmanuel Seyman - 4.2.5-1 - Update to 4.2.5 (fixes CVE-2013-0785) diff --git a/sources b/sources index 9afe565..0e07eb9 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -070c2d9eee81b2ba621c45d1d3849f66 bugzilla-4.2.5.tar.gz +65d0c7f1f281c37aa17a3ec5724251d6 bugzilla-4.2.6.tar.gz From a146a5e3a5834f27a3daed3d431067e32e48413b Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Sun, 4 Aug 2013 16:22:11 +0200 Subject: [PATCH 5/8] Make bugzilla accessible from everywhere by default --- bugzilla-httpd-conf | 5 ++++- bugzilla.spec | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/bugzilla-httpd-conf b/bugzilla-httpd-conf index 9193e44..9d0d97b 100644 --- a/bugzilla-httpd-conf +++ b/bugzilla-httpd-conf 
@@ -4,7 +4,10 @@ Alias /bugzilla /usr/share/bugzilla - Require local + # Bugzilla will be accessible to all machines in your network + # Replace with "Require local" if you want access to be restricted + # to this machine. + Require all granted AddHandler cgi-script .cgi diff --git a/bugzilla.spec b/bugzilla.spec index 4efebe3..3a4d90f 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -6,7 +6,7 @@ URL: http://www.bugzilla.org/ Name: bugzilla Version: 4.2.6 Group: Applications/Publishing -Release: 1%{?dist} +Release: 2%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -220,6 +220,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/syncLDAP.pl %changelog +* Sun Aug 04 2013 Emmanuel Seyman - 4.2.6-2 +- Change apache conf to enable access to all machines + * Sun May 26 2013 Emmanuel Seyman - 4.2.6-1 - Update to 4.2.6 From 1ee350aa870396cc68c6ff039d1a9d169b3b23f7 Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Fri, 18 Oct 2013 00:28:35 +0200 Subject: [PATCH 6/8] Update to 4.2.7 (security updates) Patch bugzilla to write compiled templates under /var (#949130) --- .gitignore | 1 + bugzilla-rw-paths.patch | 12 ++++++++---- bugzilla.spec | 8 ++++++-- sources | 2 +- 4 files changed, 16 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index cc6785d..ecdb3a0 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,4 @@ bugzilla-3.6.1.tar.gz /bugzilla-4.2.4.tar.gz /bugzilla-4.2.5.tar.gz /bugzilla-4.2.6.tar.gz +/bugzilla-4.2.7.tar.gz diff --git a/bugzilla-rw-paths.patch b/bugzilla-rw-paths.patch index 66b0d87..f2f342b 100644 --- a/bugzilla-rw-paths.patch +++ b/bugzilla-rw-paths.patch 
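Review bot: In the bugzilla-httpd-conf hunk of patch 5/8, the new comment says Bugzilla "will be accessible to all machines in your network", but `Require all granted` places no restriction at all. Any client that can reach this server is admitted, so access control then rests on Bugzilla's own authentication. The comment should say so, e.g. `# Bugzilla will be accessible to any client that can reach this server.`, and could name `Require ip <your-network-CIDR>` as the middle ground between this default and `Require local`. Because this is the packaged default, it would also be worth a line in README.fedora.bugzilla asking admins to review the setting. The enclosing container directives are not visible in this hunk.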
@@ -1,8 +1,12 @@ ---- bugzilla-4.2/Bugzilla/Constants.pm 2012-02-26 22:39:30.161462858 +0100 -+++ bugzilla-4.2-rw/Bugzilla/Constants.pm 2012-02-26 22:41:55.185107179 +0100 -@@ -629,18 +629,18 @@ +diff -up ./Bugzilla/Constants.pm.orig ./Bugzilla/Constants.pm +--- ./Bugzilla/Constants.pm.orig 2013-09-02 22:51:11.831245853 +0200 ++++ ./Bugzilla/Constants.pm 2013-09-02 22:53:27.733416972 +0200 +@@ -627,20 +627,20 @@ sub bz_locations { + # make sure this still points to the CGIs. + 'cgi_path' => $libpath, 'templatedir' => "$libpath/template", - 'template_cache' => "$datadir/template", +- 'template_cache' => "$datadir/template", ++ 'template_cache' => "/var/lib/bugzilla/$datadir/template", 'project' => $project, - 'localconfig' => "$libpath/$localconfig", - 'datadir' => $datadir, diff --git a/bugzilla.spec b/bugzilla.spec index 3a4d90f..f5048ca 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,9 +4,9 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 4.2.6 +Version: 4.2.7 Group: Applications/Publishing -Release: 2%{?dist} +Release: 1%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -220,6 +220,10 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/syncLDAP.pl %changelog +* Fri Oct 18 2013 Emmanuel Seyman - 4.2.7-1 +- Update to 4.2.7 (security updates) +- Patch bugzilla to write compiled templates under /var (#949130) + * Sun Aug 04 2013 Emmanuel Seyman - 4.2.6-2 - Change apache conf to enable access to all machines diff --git a/sources b/sources index 0e07eb9..ff6e8d0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -65d0c7f1f281c37aa17a3ec5724251d6 bugzilla-4.2.6.tar.gz +ebf0a75d1037f09994660d3958fc66fb bugzilla-4.2.7.tar.gz From 2cc07694781d8d5bdc663ba3e10f396e8bf6475a Mon Sep 17 00:00:00 2001 
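Review bot: In the bugzilla-rw-paths.patch hunk of patch 6/8, the new `'template_cache' => "/var/lib/bugzilla/$datadir/template"` moves the compiled-template cache to a directory the web server writes to, and nothing in the patch records the ownership it expects. Template Toolkit stores compiled templates as Perl code that is loaded again on later requests, so anyone able to write there can presumably run code as the Bugzilla user. I would add a comment next to the entry such as `# compiled templates are executable Perl: keep this directory writable by the web server user only`. The mode assigned in the spec's %files section is outside this hunk and should be checked against that.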
From: Emmanuel Seyman Date: Fri, 15 Nov 2013 00:46:33 +0100 Subject: [PATCH 7/8] Patch bugzilla so that it will cache bz_locations() and not memorize it. Clean up our own patch to Bugzilla/Constants.pm so that the PROJECT environment variable can be used. --- bugzilla-project-mod_perl.patch | 41 +++++++++++++++++++++++++++++++++ bugzilla.spec | 8 ++++++- 2 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 bugzilla-project-mod_perl.patch diff --git a/bugzilla-project-mod_perl.patch b/bugzilla-project-mod_perl.patch new file mode 100644 index 0000000..a29632a --- /dev/null +++ b/bugzilla-project-mod_perl.patch 
@@ -0,0 +1,41 @@ +diff -up ./Bugzilla/Constants.pm.orig ./Bugzilla/Constants.pm +--- ./Bugzilla/Constants.pm.orig 2013-11-14 23:21:44.947050044 +0100 ++++ ./Bugzilla/Constants.pm 2013-11-14 23:23:55.873245730 +0100 +@@ -591,6 +591,13 @@ use constant AUDIT_CREATE => '__create__ + use constant AUDIT_REMOVE => '__remove__'; + + sub bz_locations { ++ # Force memoize() to re-compute data per project, to avoid ++ # sharing the same data across different installations. ++ return _bz_locations($ENV{'PROJECT'}); ++} ++ ++sub _bz_locations { ++ my $project = shift; + # We know that Bugzilla/Constants.pm must be in %INC at this point. + # So the only question is, what's the name of the directory + # above it? This is the most reliable way to get our current working +@@ -607,12 +614,13 @@ sub bz_locations { + $libpath =~ /(.*)/; + $libpath = $1; + +- my ($project, $localconfig, $datadir); +- if ($ENV{'PROJECT'} && $ENV{'PROJECT'} =~ /^(\w+)$/) { ++ my ($localconfig, $datadir); ++ if ($project && $project =~ /^(\w+)$/) { + $project = $1; + $localconfig = "localconfig.$project"; + $datadir = "data/$project"; + } else { ++ $project = undef; + $localconfig = "localconfig"; + $datadir = "data"; + } +@@ -647,6 +655,6 @@ sub bz_locations { + + # This makes us not re-compute all the bz_locations data every time it's + # called. +-BEGIN { memoize('bz_locations') }; ++BEGIN { memoize('_bz_locations') }; + + 1; diff --git a/bugzilla.spec b/bugzilla.spec index f5048ca..7dbc0d1 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -6,7 +6,7 @@ URL: http://www.bugzilla.org/ Name: bugzilla Version: 4.2.7 Group: Applications/Publishing -Release: 1%{?dist} +Release: 2%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf 
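Review bot: In bugzilla-project-mod_perl.patch, `bz_locations` passes the raw `$ENV{'PROJECT'}` to the memoized `_bz_locations`, so the cache is keyed on the unvalidated value and the `/^(\w+)$/` check only runs inside the cached function. Every distinct value that fails the check gets its own cache entry holding the default locations, and values that differ only by a trailing newline are cached separately although they resolve to the same project. Validating before the call keeps the key space to real project names: `my ($project) = ($ENV{'PROJECT'} || '') =~ /^(\w+)$/;` followed by `return _bz_locations($project);`. The body of `_bz_locations` is only partly visible in the inner hunks.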
@@ -14,6 +14,7 @@ Source2: README.fedora.bugzilla Source3: bugzilla.cron-daily Patch0: bugzilla-rw-paths.patch Patch1: bugzilla-yum.patch +Patch1: bugzilla-project-mod_perl.patch BuildArch: noarch Requires: webserver, patchutils, perl(SOAP::Lite), which @@ -104,6 +105,7 @@ Contributed scripts and functions for Bugzilla %setup -q -n %{name}-%{version} %patch0 -p1 %patch1 -p1 +%patch2 -p1 rm -f Bugzilla/Constants.pm.orig rm -f Bugzilla/Install/Requirements.pm.orig # Remove bundled libs @@ -220,6 +222,10 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/syncLDAP.pl %changelog +* Fri Nov 15 2013 Emmanuel Seyman - 4.2.7-2 +- Add patch to cache bz_locations() (bmo #843457) +- Fix constants patch to honor the PROJECT environment variable (#911943) + * Fri Oct 18 2013 Emmanuel Seyman - 4.2.7-1 - Update to 4.2.7 (security updates) - Patch bugzilla to write compiled templates under /var (#949130) From 9db2594cfbd558c6ec48ef407349898739de86d2 Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Fri, 15 Nov 2013 00:48:05 +0100 Subject: [PATCH 8/8] Patch1 -> Patch2 --- bugzilla.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bugzilla.spec b/bugzilla.spec index 7dbc0d1..a0e7e40 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -14,7 +14,7 @@ Source2: README.fedora.bugzilla Source3: bugzilla.cron-daily Patch0: bugzilla-rw-paths.patch Patch1: bugzilla-yum.patch -Patch1: bugzilla-project-mod_perl.patch +Patch2: bugzilla-project-mod_perl.patch BuildArch: noarch Requires: webserver, patchutils, perl(SOAP::Lite), which