From ea333eb535c599084092bd18ee1ecfd0b7e24a36 Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Wed, 18 Nov 2009 02:54:13 +0000 Subject: [PATCH 01/25] Fix all remaining bugs --- .cvsignore | 2 +- bugzilla-httpd-conf | 1 + bugzilla.spec | 20 ++++++++++++++++++-- sources | 2 +- 4 files changed, 21 insertions(+), 4 deletions(-) diff --git a/.cvsignore b/.cvsignore index 31f2c23..e721459 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -bugzilla-3.4.2.tar.gz +bugzilla-3.4.3.tar.gz diff --git a/bugzilla-httpd-conf b/bugzilla-httpd-conf index e8fbb38..bf195de 100644 --- a/bugzilla-httpd-conf +++ b/bugzilla-httpd-conf @@ -1,3 +1,4 @@ +Alias /bugzilla/var/lib/bugzilla/data/webdot /var/lib/bugzilla/data/webdot Alias /bugzilla /usr/share/bugzilla diff --git a/bugzilla.spec b/bugzilla.spec index d92fb6d..dec2137 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.2 +Version: 3.4.3 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -16,7 +16,17 @@ Patch1: bugzilla-EL5-perl-versions.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch -Requires: webserver, patchutils, mod_perl, perl(SOAP::Lite), which +Requires: webserver, patchutils, mod_perl, perl(SOAP::Lite), perl(Digest::SHA), which +Requires: perl(CGI) >= 3.33 +Requires: perl(Date::Format) >= 2.21 +Requires: perl(DateTime) >= 0.28 +Requires: perl(DateTime::TimeZone) >= 0.71 +Requires: perl(DBI) >= 1.41 +Requires: perl(Template) >= 2.22 +Requires: perl(Email::Send) >= 2.00 +Requires: perl(Email::MIME) >= 1.859 +Requires: perl(Email::MIME::Encodings) >= 1.313 +Requires: perl(Email::MIME::Modifier) >= 1.441 %package doc Summary: Bugzilla documentation @@ -155,6 +165,12 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog +* Wed Nov 11 2009 Emmanuel Seyman - 3.4.3-1 +- Update to 3.4.3 (fixes memory leak issues) +- Add perl(Digest::SHA) in the Requires +- Specify Perl module versions in the Requires (fixes #524309) +- Add an alias to make $webdotdir a working path (fixes #458848) + * Fri Sep 11 2009 Emmanuel Seyman - 3.4.2-1 - Update to 3.4.2 (CVE-2009-3125, CVE-2009-3165 and CVE-2009-3166) diff --git a/sources b/sources index 7dbbefc..eb56f67 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -db35a67b7470f46f208b9ecb1abc561b bugzilla-3.4.2.tar.gz +99a3fec50673489d8c8f7fee5d7cb0a3 bugzilla-3.4.3.tar.gz From ff71893abf61c9624c4c395dc3b71c512b44ce19 Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Thu, 19 Nov 2009 11:17:27 +0000 Subject: [PATCH 02/25] Update to 3.4.4 --- .cvsignore | 2 +- bugzilla.spec | 9 ++++++--- sources | 2 +- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/.cvsignore b/.cvsignore index e721459..851a37e 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -bugzilla-3.4.3.tar.gz +bugzilla-3.4.4.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index dec2137..7e9c441 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.3 +Version: 3.4.4 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -24,9 +24,9 @@ Requires: perl(DateTime::TimeZone) >= 0.71 Requires: perl(DBI) >= 1.41 Requires: perl(Template) >= 2.22 Requires: perl(Email::Send) >= 2.00 -Requires: perl(Email::MIME) >= 1.859 +Requires: perl(Email::MIME) >= 1.861 Requires: perl(Email::MIME::Encodings) >= 1.313 -Requires: perl(Email::MIME::Modifier) >= 1.441 +Requires: perl(Email::MIME::Modifier) >= 1.442 %package doc Summary: Bugzilla documentation @@ -165,6 +165,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog +* Thu Nov 19 2009 Emmanuel Seyman - 3.4.4-1 +- Update to 3.4.4 (CVE-2009-3386) + * Wed Nov 11 2009 Emmanuel Seyman - 3.4.3-1 - Update to 3.4.3 (fixes memory leak issues) - Add perl(Digest::SHA) in the Requires diff --git a/sources b/sources index eb56f67..40c7b89 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -99a3fec50673489d8c8f7fee5d7cb0a3 bugzilla-3.4.3.tar.gz +a59031c15fb79e9096c0a350c2382cfe bugzilla-3.4.4.tar.gz From 169230ddd90ec6ae3598c268440b51223a846520 Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Wed, 25 Nov 2009 22:46:08 +0000 Subject: [PATCH 03/25] Fix typo that causes a failure to update the common directory. (releng #2781) --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index c2b3080..8518ff4 100644 --- a/Makefile +++ b/Makefile @@ -4,7 +4,7 @@ NAME := bugzilla SPECFILE = $(firstword $(wildcard *.spec)) define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done endef MAKEFILE_COMMON := $(shell $(find-makefile-common)) From f5872fd3eadd440c18c26e1f03d9fafa23320620 Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Thu, 26 Nov 2009 01:23:55 +0000 Subject: [PATCH 04/25] Fix typo that causes a failure to update the common directory. (releng #2781) --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index c2b3080..8518ff4 100644 --- a/Makefile +++ b/Makefile @@ -4,7 +4,7 @@ NAME := bugzilla SPECFILE = $(firstword $(wildcard *.spec)) define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done endef MAKEFILE_COMMON := $(shell $(find-makefile-common)) From 25cc98b264d294e178584016adb00a413b58ca76 Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Mon, 1 Feb 2010 11:01:52 +0000 Subject: [PATCH 05/25] Update to 3.4.5 --- .cvsignore | 2 +- bugzilla-EL5-perl-versions.patch | 33 -------------------------------- bugzilla.spec | 8 +++++--- sources | 2 +- 4 files changed, 7 insertions(+), 38 deletions(-) delete mode 100644 bugzilla-EL5-perl-versions.patch diff --git a/.cvsignore b/.cvsignore index 851a37e..b5354fa 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -bugzilla-3.4.4.tar.gz +bugzilla-3.4.5.tar.gz diff --git a/bugzilla-EL5-perl-versions.patch b/bugzilla-EL5-perl-versions.patch deleted file mode 100644 index 4ca70e3..0000000 --- a/bugzilla-EL5-perl-versions.patch +++ /dev/null @@ -1,33 +0,0 @@ -diff -ruNp a/bugzilla-3.4.1/Bugzilla/Constants.pm b/bugzilla-3.4.1/Bugzilla/Constants.pm ---- a/bugzilla-3.4.1/Bugzilla/Constants.pm 2009-08-01 11:28:41.000000000 -0300 -+++ b/bugzilla-3.4.1/Bugzilla/Constants.pm 2009-08-04 01:26:18.761892048 -0300 -@@ -400,7 +400,7 @@ use constant DB_MODULE => { - # Disallow development versions - blacklist => ['_'], - # For UTF-8 support -- version => '4.00', -+ version => '3.00', - }, - name => 'MySQL'}, - 'pg' => {db => 'Bugzilla::DB::Pg', db_version => '8.00.0000', -diff -ruNp a/bugzilla-3.4.1/Bugzilla/Install/Requirements.pm b/bugzilla-3.4.1/Bugzilla/Install/Requirements.pm ---- a/bugzilla-3.4.1/Bugzilla/Install/Requirements.pm 2009-07-24 15:58:46.000000000 -0300 -+++ b/bugzilla-3.4.1/Bugzilla/Install/Requirements.pm 2009-08-04 01:27:02.852909164 -0300 -@@ -118,7 +118,7 @@ sub REQUIRED_MODULES { - { - package => 'Email-MIME', - module => 'Email::MIME', -- version => '1.861' -+ version => '1.859' - }, - { - package => 'Email-MIME-Encodings', -@@ -129,7 +129,7 @@ sub REQUIRED_MODULES { - { - package => 'Email-MIME-Modifier', - module => 'Email::MIME::Modifier', -- version => '1.442' -+ version => '1.441' - }, - { - package => 'URI', diff --git a/bugzilla.spec b/bugzilla.spec index 7e9c441..31e4474 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.4 +Version: 3.4.5 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -12,7 +12,6 @@ Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar Source1: bugzilla-httpd-conf Source2: README.fedora.bugzilla Patch0: bugzilla-rw-paths.patch -Patch1: bugzilla-EL5-perl-versions.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch @@ -59,7 +58,6 @@ Contributed scripts and functions for Bugzilla %prep %setup -q -n %{name}-%{version} %patch0 -p1 -%patch1 -p2 # Filter unwanted Requires found by /usr/lib/rpm/perldeps.pl: # create a wrapper script which runs the original perl_requires @@ -165,6 +163,10 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog +* Mon Feb 01 2010 Emmanuel Seyman - 3.4.5-1 +- Update to 3.4.5 (CVE-2009-3989, CVE-2009-3387) +- Remove bugzilla-EL5-perl-versions.patch which is EPEL-specific + * Thu Nov 19 2009 Emmanuel Seyman - 3.4.4-1 - Update to 3.4.4 (CVE-2009-3386) diff --git a/sources b/sources index 40c7b89..31fb27a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -a59031c15fb79e9096c0a350c2382cfe bugzilla-3.4.4.tar.gz +42c7f6bf31be3198cbf1f55fffaff441 bugzilla-3.4.5.tar.gz From d8b106d0c7db94a1c818ed6afd3df779d081bf0e Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Mon, 1 Feb 2010 11:14:51 +0000 Subject: [PATCH 06/25] Update to 3.4.5 --- .cvsignore | 2 +- bugzilla-EL5-perl-versions.patch | 33 -------------------------------- bugzilla.spec | 8 +++++--- sources | 2 +- 4 files changed, 7 insertions(+), 38 deletions(-) delete mode 100644 bugzilla-EL5-perl-versions.patch diff --git a/.cvsignore b/.cvsignore index 851a37e..b5354fa 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -bugzilla-3.4.4.tar.gz +bugzilla-3.4.5.tar.gz diff --git a/bugzilla-EL5-perl-versions.patch b/bugzilla-EL5-perl-versions.patch deleted file mode 100644 index 4ca70e3..0000000 --- a/bugzilla-EL5-perl-versions.patch +++ /dev/null @@ -1,33 +0,0 @@ -diff -ruNp a/bugzilla-3.4.1/Bugzilla/Constants.pm b/bugzilla-3.4.1/Bugzilla/Constants.pm ---- a/bugzilla-3.4.1/Bugzilla/Constants.pm 2009-08-01 11:28:41.000000000 -0300 -+++ b/bugzilla-3.4.1/Bugzilla/Constants.pm 2009-08-04 01:26:18.761892048 -0300 -@@ -400,7 +400,7 @@ use constant DB_MODULE => { - # Disallow development versions - blacklist => ['_'], - # For UTF-8 support -- version => '4.00', -+ version => '3.00', - }, - name => 'MySQL'}, - 'pg' => {db => 'Bugzilla::DB::Pg', db_version => '8.00.0000', -diff -ruNp a/bugzilla-3.4.1/Bugzilla/Install/Requirements.pm b/bugzilla-3.4.1/Bugzilla/Install/Requirements.pm ---- a/bugzilla-3.4.1/Bugzilla/Install/Requirements.pm 2009-07-24 15:58:46.000000000 -0300 -+++ b/bugzilla-3.4.1/Bugzilla/Install/Requirements.pm 2009-08-04 01:27:02.852909164 -0300 -@@ -118,7 +118,7 @@ sub REQUIRED_MODULES { - { - package => 'Email-MIME', - module => 'Email::MIME', -- version => '1.861' -+ version => '1.859' - }, - { - package => 'Email-MIME-Encodings', -@@ -129,7 +129,7 @@ sub REQUIRED_MODULES { - { - package => 'Email-MIME-Modifier', - module => 'Email::MIME::Modifier', -- version => '1.442' -+ version => '1.441' - }, - { - package => 'URI', diff --git a/bugzilla.spec b/bugzilla.spec index 7e9c441..31e4474 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.4 +Version: 3.4.5 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -12,7 +12,6 @@ Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar Source1: bugzilla-httpd-conf Source2: README.fedora.bugzilla Patch0: bugzilla-rw-paths.patch -Patch1: bugzilla-EL5-perl-versions.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch @@ -59,7 +58,6 @@ Contributed scripts and functions for Bugzilla %prep %setup -q -n %{name}-%{version} %patch0 -p1 -%patch1 -p2 # Filter unwanted Requires found by /usr/lib/rpm/perldeps.pl: # create a wrapper script which runs the original perl_requires @@ -165,6 +163,10 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog +* Mon Feb 01 2010 Emmanuel Seyman - 3.4.5-1 +- Update to 3.4.5 (CVE-2009-3989, CVE-2009-3387) +- Remove bugzilla-EL5-perl-versions.patch which is EPEL-specific + * Thu Nov 19 2009 Emmanuel Seyman - 3.4.4-1 - Update to 3.4.4 (CVE-2009-3386) diff --git a/sources b/sources index 40c7b89..31fb27a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -a59031c15fb79e9096c0a350c2382cfe bugzilla-3.4.4.tar.gz +42c7f6bf31be3198cbf1f55fffaff441 bugzilla-3.4.5.tar.gz From 4c397a9a744594b214396af62c5e81e1fca36c14 Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Wed, 17 Feb 2010 01:00:02 +0000 Subject: [PATCH 07/25] Initialize branch F-13 for bugzilla --- branch | 1 + 1 file changed, 1 insertion(+) create mode 100644 branch diff --git a/branch b/branch new file mode 100644 index 0000000..baa94ef --- /dev/null +++ b/branch @@ -0,0 +1 @@ +F-13 From c1513c53dc1d53b45276b3dda310c8a2805a51e7 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 8 May 2010 01:44:18 +0000 Subject: [PATCH 08/25] Initialize branch EL-6 for bugzilla --- branch | 1 + 1 file changed, 1 insertion(+) create mode 100644 branch diff --git a/branch b/branch new file mode 100644 index 0000000..46381b9 --- /dev/null +++ b/branch @@ -0,0 +1 @@ +EL-6 From 71331e32ae870b188f98e6f66ac0d9cca9131f42 Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Thu, 24 Jun 2010 23:56:34 +0000 Subject: [PATCH 09/25] Update to 3.4.7 --- .cvsignore | 2 +- bugzilla.spec | 5 ++++- sources | 2 +- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.cvsignore b/.cvsignore index b5354fa..d44a18a 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -bugzilla-3.4.5.tar.gz +bugzilla-3.4.7.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index 31e4474..ee3d7a1 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.5 +Version: 3.4.7 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -163,6 +163,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog +* Fri Jun 25 2010 Emmanuel Seyman - 3.4.7-1 +- Update to 3.4.7 (CVE-2010-1204) + * Mon Feb 01 2010 Emmanuel Seyman - 3.4.5-1 - Update to 3.4.5 (CVE-2009-3989, CVE-2009-3387) - Remove bugzilla-EL5-perl-versions.patch which is EPEL-specific diff --git a/sources b/sources index 31fb27a..b423207 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -42c7f6bf31be3198cbf1f55fffaff441 bugzilla-3.4.5.tar.gz +093368cea8c487cce24b23156329a0ab bugzilla-3.4.7.tar.gz From 148bceaa6f8d6e7a76b7eaf6dc91080c074bb412 Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Wed, 30 Jun 2010 15:50:02 +0000 Subject: [PATCH 10/25] Remove mod_perl from the requirements --- bugzilla.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/bugzilla.spec b/bugzilla.spec index ee3d7a1..4ed22bb 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -6,7 +6,7 @@ URL: http://www.bugzilla.org/ Name: bugzilla Version: 3.4.7 Group: Applications/Publishing -Release: 1%{?dist} +Release: 2%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -15,7 +15,7 @@ Patch0: bugzilla-rw-paths.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch -Requires: webserver, patchutils, mod_perl, perl(SOAP::Lite), perl(Digest::SHA), which +Requires: webserver, patchutils, perl(SOAP::Lite), perl(Digest::SHA), which Requires: perl(CGI) >= 3.33 Requires: perl(Date::Format) >= 2.21 Requires: perl(DateTime) >= 0.28 @@ -163,6 +163,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog +* Wed Jun 30 2010 Emmanuel Seyman - 3.4.7-2 +- Remove mod_perl from the requirements (#600924) + * Fri Jun 25 2010 Emmanuel Seyman - 3.4.7-1 - Update to 3.4.7 (CVE-2010-1204) From 0f49212bad216d24d38425863a9ce58698661104 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 28 Jul 2010 11:18:51 +0000 Subject: [PATCH 11/25] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 21 --------------------- branch | 1 - import.log | 5 ----- 4 files changed, 27 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile delete mode 100644 branch delete mode 100644 import.log diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index 8518ff4..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: bugzilla -# $Id$ -NAME := bugzilla -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) diff --git a/branch b/branch deleted file mode 100644 index baa94ef..0000000 --- a/branch +++ /dev/null @@ -1 +0,0 @@ -F-13 diff --git a/import.log b/import.log deleted file mode 100644 index 691275c..0000000 --- a/import.log +++ /dev/null @@ -1,5 +0,0 @@ -bugzilla-3_0_8-1_fc11:HEAD:bugzilla-3.0.8-1.fc11.src.rpm:1235878106 -bugzilla-3_2_2-2_fc10:HEAD:bugzilla-3.2.2-2.fc10.src.rpm:1236265998 -bugzilla-3_2_3-1_fc11:HEAD:bugzilla-3.2.3-1.fc11.src.rpm:1239059931 -bugzilla-3_2_4-1_fc11:HEAD:bugzilla-3.2.4-1.fc11.src.rpm:1247080670 -bugzilla-3_4_1-2_fc12:HEAD:bugzilla-3.4.1-2.fc12.src.rpm:1249360212 From 0a9e3b1feb72f7d629a5b14fc65730c886a8d3ea Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 28 Jul 2010 11:19:04 +0000 Subject: [PATCH 12/25] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 21 --------------------- branch | 1 - import.log | 5 ----- 4 files changed, 27 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile delete mode 100644 branch delete mode 100644 import.log diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index 8518ff4..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: bugzilla -# $Id$ -NAME := bugzilla -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) diff --git a/branch b/branch deleted file mode 100644 index 46381b9..0000000 --- a/branch +++ /dev/null @@ -1 +0,0 @@ -EL-6 diff --git a/import.log b/import.log deleted file mode 100644 index 691275c..0000000 --- a/import.log +++ /dev/null @@ -1,5 +0,0 @@ -bugzilla-3_0_8-1_fc11:HEAD:bugzilla-3.0.8-1.fc11.src.rpm:1235878106 -bugzilla-3_2_2-2_fc10:HEAD:bugzilla-3.2.2-2.fc10.src.rpm:1236265998 -bugzilla-3_2_3-1_fc11:HEAD:bugzilla-3.2.3-1.fc11.src.rpm:1239059931 -bugzilla-3_2_4-1_fc11:HEAD:bugzilla-3.2.4-1.fc11.src.rpm:1247080670 -bugzilla-3_4_1-2_fc12:HEAD:bugzilla-3.4.1-2.fc12.src.rpm:1249360212 From f36469548fead4926521e5415cdc33d9881ffa62 Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Wed, 18 Aug 2010 23:55:58 +0200 Subject: [PATCH 13/25] * Update to 3.4.8 (#623426, #615331) * Only run checksetup if /etc/bugzilla/localconfig does not exist (#610210) * Add bugzilla-contrib to Requires (#610198) --- .gitignore | 1 + bugzilla.spec | 12 +++++++++--- sources | 2 +- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index d44a18a..4ae8851 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ bugzilla-3.4.7.tar.gz +/bugzilla-3.4.8.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index 4ed22bb..240c368 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,9 +4,9 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.7 +Version: 3.4.8 Group: Applications/Publishing -Release: 2%{?dist} +Release: 1%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -26,6 +26,7 @@ Requires: perl(Email::Send) >= 2.00 Requires: perl(Email::MIME) >= 1.861 Requires: perl(Email::MIME::Encodings) >= 1.313 Requires: perl(Email::MIME::Modifier) >= 1.442 +Requires: bugzilla-contrib %package doc Summary: Bugzilla documentation @@ -117,7 +118,7 @@ rm -rf ${RPM_BUILD_ROOT} %post (pushd %{bzinstallprefix}/bugzilla > /dev/null -./checksetup.pl > /dev/null +[ -f /etc/bugzilla/localconfig ] || ./checksetup.pl > /dev/null popd > /dev/null) %files @@ -163,6 +164,11 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog +* Wed Aug 18 2010 Emmanuel Seyman - 3.6.2-1 +- Update to 3.4.8 (#623426, #615331) +- Only run checksetup if /etc/bugzilla/localconfig does not exist (#610210) +- Add bugzilla-contrib to Requires (#610198) + * Wed Jun 30 2010 Emmanuel Seyman - 3.4.7-2 - Remove mod_perl from the requirements (#600924) diff --git a/sources b/sources index b423207..4442e1f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -093368cea8c487cce24b23156329a0ab bugzilla-3.4.7.tar.gz +1b045455035e10094f57a2e160abe121 bugzilla-3.4.8.tar.gz From d3ccf068006f01534612628348328c6da9eabf7f Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Thu, 19 Aug 2010 00:02:48 +0200 Subject: [PATCH 14/25] Bump to correct changelog version --- bugzilla.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/bugzilla.spec b/bugzilla.spec index 240c368..6d2bfb5 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -6,7 +6,7 @@ URL: http://www.bugzilla.org/ Name: bugzilla Version: 3.4.8 Group: Applications/Publishing -Release: 1%{?dist} +Release: 2%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -164,7 +164,10 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog -* Wed Aug 18 2010 Emmanuel Seyman - 3.6.2-1 +* Thu Aug 19 2010 Emmanuel Seyman - 3.4.8-2 +- Bump to correct changelog version + +* Wed Aug 18 2010 Emmanuel Seyman - 3.4.8-1 - Update to 3.4.8 (#623426, #615331) - Only run checksetup if /etc/bugzilla/localconfig does not exist (#610210) - Add bugzilla-contrib to Requires (#610198) From 3db463aedb9f4efb077d194ea096036ba1a4e41a Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Thu, 4 Nov 2010 00:09:07 +0100 Subject: [PATCH 15/25] Update to 3.4.9 --- .gitignore | 1 + bugzilla-rw-paths.patch | 10 +++++----- bugzilla.spec | 7 +++++-- sources | 2 +- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 4ae8851..462b857 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ bugzilla-3.4.7.tar.gz /bugzilla-3.4.8.tar.gz +/bugzilla-3.4.9.tar.gz diff --git a/bugzilla-rw-paths.patch b/bugzilla-rw-paths.patch index a6a9c59..0393fe3 100644 --- a/bugzilla-rw-paths.patch +++ b/bugzilla-rw-paths.patch @@ -1,6 +1,6 @@ ---- bugzilla-3.4/Bugzilla/Constants.pm 2009-02-03 10:02:53.000000000 +0000 -+++ bugzilla-3.4-rw/Bugzilla/Constants.pm 2009-02-18 17:59:52.000000000 +0000 -@@ -499,9 +499,9 @@ sub bz_locations { +--- bugzilla-3.4/Bugzilla/Constants.pm.orig 2010-11-03 01:47:33.000000000 +0100 ++++ bugzilla-3.4-rw/Bugzilla/Constants.pm 2010-11-04 00:00:51.000000000 +0100 +@@ -511,9 +511,9 @@ 'cgi_path' => $libpath, 'templatedir' => "$libpath/template", 'project' => $project, @@ -11,9 +11,9 @@ + 'datadir' => "/var/lib/bugzilla/$datadir", + 'attachdir' => "/var/lib/bugzilla/$datadir/attachments", 'skinsdir' => "$libpath/skins", + 'graphsdir' => "$libpath/graphs", # $webdotdir must be in the web server's tree somewhere. Even if you use a - # local dot, we output images to there. Also, if $webdotdir is -@@ -509,7 +509,7 @@ sub bz_locations { +@@ -522,7 +522,7 @@ # change showdependencygraph.cgi to set image_url to the correct # location. # The script should really generate these graphs directly... diff --git a/bugzilla.spec b/bugzilla.spec index 6d2bfb5..53ab25b 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,9 +4,9 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.8 +Version: 3.4.9 Group: Applications/Publishing -Release: 2%{?dist} +Release: 1%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -164,6 +164,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog +* Wed Nov 03 2010 Emmanuel Seyman - 3.4.9-1 +- Update to 3.4.9 + * Thu Aug 19 2010 Emmanuel Seyman - 3.4.8-2 - Bump to correct changelog version diff --git a/sources b/sources index 4442e1f..81b53aa 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1b045455035e10094f57a2e160abe121 bugzilla-3.4.8.tar.gz +c80b55d24c60d1753afb8b3d82d5a071 bugzilla-3.4.9.tar.gz From fbe14032f4b88cfd9200de5cdd8e640cb208b25f Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Tue, 25 Jan 2011 11:10:32 +0100 Subject: [PATCH 16/25] Update to 3.4.10 --- .gitignore | 1 + bugzilla.spec | 5 ++++- sources | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 462b857..b416552 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ bugzilla-3.4.7.tar.gz /bugzilla-3.4.8.tar.gz /bugzilla-3.4.9.tar.gz +/bugzilla-3.4.10.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index 53ab25b..7205a47 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.9 +Version: 3.4.10 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -164,6 +164,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib %changelog +* Tue Jan 25 2011 Emmanuel Seyman - 3.4.10-1 +- Update to 3.4.10 + * Wed Nov 03 2010 Emmanuel Seyman - 3.4.9-1 - Update to 3.4.9 diff --git a/sources b/sources index 81b53aa..1bfc1b2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -c80b55d24c60d1753afb8b3d82d5a071 bugzilla-3.4.9.tar.gz +1891910fc64d7ccbe5ea30630b0c3432 bugzilla-3.4.10.tar.gz From 7fab7336fa3c8ed8de3727f0bec7debd9a084b0a Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Tue, 8 Mar 2011 10:25:30 +0100 Subject: [PATCH 17/25] Put contrib/recode.pl in the main package so that it no longer depends on python and ruby --- bugzilla.spec | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/bugzilla.spec b/bugzilla.spec index 7205a47..a3d21c6 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -6,7 +6,7 @@ URL: http://www.bugzilla.org/ Name: bugzilla Version: 3.4.10 Group: Applications/Publishing -Release: 1%{?dist} +Release: 2%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -26,7 +26,6 @@ Requires: perl(Email::Send) >= 2.00 Requires: perl(Email::MIME) >= 1.861 Requires: perl(Email::MIME::Encodings) >= 1.313 Requires: perl(Email::MIME::Modifier) >= 1.442 -Requires: bugzilla-contrib %package doc Summary: Bugzilla documentation @@ -139,6 +138,7 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/lib/README %{bzinstallprefix}/bugzilla/cron.daily %{bzinstallprefix}/bugzilla/cron.whine +%{bzinstallprefix}/bugzilla/contrib/recode.pl %ghost %{bzinstallprefix}/bugzilla/bugzilla-req %config(noreplace) %{_sysconfdir}/httpd/conf.d/bugzilla.conf %defattr(-,root,root,-) @@ -161,9 +161,30 @@ popd > /dev/null) %files contrib %defattr(-,root,root,-) -%{bzinstallprefix}/bugzilla/contrib +%{bzinstallprefix}/bugzilla/contrib/bugzilla_ldapsync.rb +%{bzinstallprefix}/bugzilla/contrib/bugzilla-queue +%{bzinstallprefix}/bugzilla/contrib/bugzilla-submit +%{bzinstallprefix}/bugzilla/contrib/bzdbcopy.pl +%{bzinstallprefix}/bugzilla/contrib/bz_webservice_demo.pl +%{bzinstallprefix}/bugzilla/contrib/cmdline +%{bzinstallprefix}/bugzilla/contrib/cvs-update.pl +%{bzinstallprefix}/bugzilla/contrib/fixperms.pl +%{bzinstallprefix}/bugzilla/contrib/gnats2bz.pl +%{bzinstallprefix}/bugzilla/contrib/gnatsparse +%{bzinstallprefix}/bugzilla/contrib/jb2bz.py* +%{bzinstallprefix}/bugzilla/contrib/merge-users.pl +%{bzinstallprefix}/bugzilla/contrib/mysqld-watcher.pl +%{bzinstallprefix}/bugzilla/contrib/README +%{bzinstallprefix}/bugzilla/contrib/sendbugmail.pl +%{bzinstallprefix}/bugzilla/contrib/sendunsentbugmail.pl +%{bzinstallprefix}/bugzilla/contrib/syncLDAP.pl +%{bzinstallprefix}/bugzilla/contrib/yp_nomail.sh %changelog +* Tue Mar 08 2011 Emmanuel Seyman - 3.4.10-2 +- Put contrib/recode.pl in the main package so that it no longer depends on + python and ruby + * Tue Jan 25 2011 Emmanuel Seyman - 3.4.10-1 - Update to 3.4.10 From 9739db216eacea7cb5d8f0d89bcb1294a3dac423 Mon Sep 17 00:00:00 2001 From: Emmanuel Seyman Date: Sun, 1 May 2011 18:49:02 +0200 Subject: [PATCH 18/25] Update to 3.4.11 --- .gitignore | 1 + bugzilla.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index b416552..078619f 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ bugzilla-3.4.7.tar.gz /bugzilla-3.4.8.tar.gz /bugzilla-3.4.9.tar.gz /bugzilla-3.4.10.tar.gz +/bugzilla-3.4.11.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index a3d21c6..ef929d9 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,9 +4,9 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.10 +Version: 3.4.11 Group: Applications/Publishing -Release: 2%{?dist} +Release: 1%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf @@ -181,6 +181,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/yp_nomail.sh %changelog +* Sun May 01 2011 Emmanuel Seyman - 3.4.11-1 +- Update to 3.4.11 + * Tue Mar 08 2011 Emmanuel Seyman - 3.4.10-2 - Put contrib/recode.pl in the main package so that it no longer depends on python and ruby diff --git a/sources b/sources index 1bfc1b2..fe4cf9f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1891910fc64d7ccbe5ea30630b0c3432 bugzilla-3.4.10.tar.gz +37b9c3ff57327afaa3b1a37d87fb9a8a bugzilla-3.4.11.tar.gz From 95a38dd23541989639f60aece53dc72631e62606 Mon Sep 17 00:00:00 2001 From: Xavier Bachelot Date: Thu, 15 Sep 2011 23:25:37 +0200 Subject: [PATCH 19/25] 3.4.12 --- README.fedora.bugzilla | 2 +- bugzilla-httpd-conf | 4 +++- bugzilla.spec | 11 +++++++++-- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/README.fedora.bugzilla b/README.fedora.bugzilla index 2611a75..9814898 100644 --- a/README.fedora.bugzilla +++ b/README.fedora.bugzilla @@ -20,6 +20,6 @@ put in place after configuration is done. The first is a daily cron job for statistics collection. This is in the file "cron.daily" and can be enabled by simply copying this file to /etc/cron.daily/bugzilla (or any other file name in the /etc/cron.daily/ directory). The second is the "whine" cron job, -designed to run every 15 minutes. To enable this job, simply coopy the +designed to run every 15 minutes. To enable this job, simply copy the cron.whine file to /etc/cron.d/bugzilla (or any othe filename within the /etc/cron.d/ directory). diff --git a/bugzilla-httpd-conf b/bugzilla-httpd-conf index bf195de..107c405 100644 --- a/bugzilla-httpd-conf +++ b/bugzilla-httpd-conf @@ -4,6 +4,8 @@ Alias /bugzilla /usr/share/bugzilla AddHandler cgi-script .cgi Options +Indexes +ExecCGI +FollowSymLinks - DirectoryIndex index.cgi + DirectoryIndex index.cgi index.html AllowOverride Limit Options FileInfo + AddType application/vnd.mozilla.xul+xml .xul + AddType application/rdf+xml .rdf diff --git a/bugzilla.spec b/bugzilla.spec index ef929d9..49e0f14 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.11 +Version: 3.4.12 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -121,7 +121,7 @@ rm -rf ${RPM_BUILD_ROOT} popd > /dev/null) %files -%defattr(-,root,root,-) +%defattr(-,root,apache,-) %dir %{bzinstallprefix}/bugzilla %{bzinstallprefix}/bugzilla/*.cgi %{bzinstallprefix}/bugzilla/*.pl @@ -181,6 +181,13 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/yp_nomail.sh %changelog +* Thu Sep 15 2011 Xavier Bachelot - 3.4.12-1 +- Update to 3.4.12 : security fixes for CVE-2011-2379, CVE-2011-2380, + CVE-2011-2381, CVE-2011-2978 and CVE-2011-2976 (RHBZ#729158). +- Fix httpd conf (RHBZ#736579, RHBZ #736584). +- Fix typo in doc (RHBZ#736581). +- Fix files ownership (RHBZ#736583). + * Sun May 01 2011 Emmanuel Seyman - 3.4.11-1 - Update to 3.4.11 From ad16000fc9b7f2454e812a383b25e62cf97dbebb Mon Sep 17 00:00:00 2001 From: Xavier Bachelot Date: Sun, 23 Oct 2011 15:55:32 +0200 Subject: [PATCH 20/25] 3.4.12 tarball --- .gitignore | 1 + sources | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index e5b63e3..bcbde5e 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ bugzilla-3.4.7.tar.gz /bugzilla-3.4.9.tar.gz /bugzilla-3.4.10.tar.gz /bugzilla-3.4.11.tar.gz +/bugzilla-3.4.12.tar.gz diff --git a/sources b/sources index fe4cf9f..6c2c867 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -37b9c3ff57327afaa3b1a37d87fb9a8a bugzilla-3.4.11.tar.gz +3f58dec254510494aa4585a5908c7178 bugzilla-3.4.12.tar.gz From 3d9c54c3f33e66e59ee4d4b416d4dd9bf2022bbb Mon Sep 17 00:00:00 2001 From: Xavier Bachelot Date: Thu, 29 Dec 2011 21:33:13 +0100 Subject: [PATCH 21/25] 3.4.13 --- .gitignore | 1 + bugzilla.spec | 5 ++++- sources | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index bcbde5e..9c0ec17 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ bugzilla-3.4.7.tar.gz /bugzilla-3.4.10.tar.gz /bugzilla-3.4.11.tar.gz /bugzilla-3.4.12.tar.gz +/bugzilla-3.4.13.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index 49e0f14..5aafa58 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.12 +Version: 3.4.13 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -181,6 +181,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/yp_nomail.sh %changelog +* Thu Dec 29 2011 Xavier Bachelot - 3.4.13-1 +- Update to 3.4.13 : security fixes for CVE-2011-3657 and CVE-2011-3667. + * Thu Sep 15 2011 Xavier Bachelot - 3.4.12-1 - Update to 3.4.12 : security fixes for CVE-2011-2379, CVE-2011-2380, CVE-2011-2381, CVE-2011-2978 and CVE-2011-2976 (RHBZ#729158). diff --git a/sources b/sources index 6c2c867..140fa7d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -3f58dec254510494aa4585a5908c7178 bugzilla-3.4.12.tar.gz +babcb8898ccdd5231fe0198a6eb91506 bugzilla-3.4.13.tar.gz From c84d44432fc4fe437479088d52925136eda60005 Mon Sep 17 00:00:00 2001 From: Xavier Bachelot Date: Wed, 1 Feb 2012 22:04:26 +0100 Subject: [PATCH 22/25] 3.4.14 --- .gitignore | 1 + bugzilla.spec | 5 ++++- sources | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 9c0ec17..17d5518 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ bugzilla-3.4.7.tar.gz /bugzilla-3.4.11.tar.gz /bugzilla-3.4.12.tar.gz /bugzilla-3.4.13.tar.gz +/bugzilla-3.4.14.tar.gz diff --git a/bugzilla.spec b/bugzilla.spec index 5aafa58..17eda31 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -4,7 +4,7 @@ Summary: Bug tracking system URL: http://www.bugzilla.org/ Name: bugzilla -Version: 3.4.13 +Version: 3.4.14 Group: Applications/Publishing Release: 1%{?dist} License: MPLv1.1 @@ -181,6 +181,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/yp_nomail.sh %changelog +* Wed Feb 01 2012 Xavier Bachelot - 3.4.14-1 +- Update to 3.4.14 : security fix for CVE-2012-0448. + * Thu Dec 29 2011 Xavier Bachelot - 3.4.13-1 - Update to 3.4.13 : security fixes for CVE-2011-3657 and CVE-2011-3667. diff --git a/sources b/sources index 140fa7d..871f04e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -babcb8898ccdd5231fe0198a6eb91506 bugzilla-3.4.13.tar.gz +f90fc71faaea9b09e6986d26c60216da bugzilla-3.4.14.tar.gz From 684bbcd5e5d2b62d01125b82de421cb225669d90 Mon Sep 17 00:00:00 2001 From: Xavier Bachelot Date: Fri, 20 Apr 2012 02:32:34 +0200 Subject: [PATCH 23/25] CVE-2012-0466 --- bugzilla-3.4.14-CVE-2012-0466.patch | 84 +++++++++++++++++++++++++++++ bugzilla.spec | 7 ++- 2 files changed, 90 insertions(+), 1 deletion(-) create mode 100644 bugzilla-3.4.14-CVE-2012-0466.patch diff --git a/bugzilla-3.4.14-CVE-2012-0466.patch b/bugzilla-3.4.14-CVE-2012-0466.patch new file mode 100644 index 0000000..7489b1f --- /dev/null +++ b/bugzilla-3.4.14-CVE-2012-0466.patch @@ -0,0 +1,84 @@ +=== modified file 'buglist.cgi' +--- buglist.cgi 2012-04-17 18:41:05 +0000 ++++ buglist.cgi 2012-04-18 12:06:08 +0000 +@@ -112,16 +112,6 @@ + $cgi->param('ctype', "atom"); + } + +-# The js ctype presents a security risk; a malicious site could use it +-# to gather information about secure bugs. So, we only allow public bugs to be +-# retrieved with this format. +-# +-# Note that if and when this call clears cookies or has other persistent +-# effects, we'll need to do this another way instead. +-if ((defined $cgi->param('ctype')) && ($cgi->param('ctype') eq "js")) { +- Bugzilla->logout_request(); +-} +- + # An agent is a program that automatically downloads and extracts data + # on its user's behalf. If this request comes from an agent, we turn off + # various aspects of bug list functionality so agent requests succeed + +=== modified file 'docs/en/xml/using.xml' +--- docs/en/xml/using.xml 2011-01-28 16:30:29 +0000 ++++ docs/en/xml/using.xml 2012-04-18 12:06:08 +0000 +@@ -659,16 +659,6 @@ + + + +- +- +- If you would like to access the bug list from another program +- it is often useful to have the list returned in something other +- than HTML. By adding the ctype=type parameter into the bug list URL +- you can specify several alternate formats. Besides the types described +- above, the following formats are also supported: ECMAScript, also known +- as JavaScript (ctype=js), and Resource Description Framework RDF/XML +- (ctype=rdf). +- + + +
+ +=== removed file 'template/en/default/list/list.js.tmpl' +--- template/en/default/list/list.js.tmpl 2007-08-20 23:24:38 +0000 ++++ template/en/default/list/list.js.tmpl 1970-01-01 00:00:00 +0000 +@@ -1,37 +0,0 @@ +-[%# The contents of this file are subject to the Mozilla Public +- # License Version 1.1 (the "License"); you may not use this file +- # except in compliance with the License. You may obtain a copy of +- # the License at http://www.mozilla.org/MPL/ +- # +- # Software distributed under the License is distributed on an "AS +- # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +- # implied. See the License for the specific language governing +- # rights and limitations under the License. +- # +- # The Original Code is the Bugzilla Bug Tracking System. +- # +- # The Initial Developer of the Original Code is Netscape Communications +- # Corporation. Portions created by Netscape are +- # Copyright (C) 1998 Netscape Communications Corporation. All +- # Rights Reserved. +- # +- # Contributor(s): Gervase Markham +- #%] +- +-// Note: only publicly-accessible bugs (those not in any group) will be +-// listed when using this JavaScript format. This is to prevent malicious +-// sites stealing information about secure bugs. +- +-bugs = new Array; +- +-[% FOREACH bug = bugs %] +- bugs[[% bug.bug_id %]] = [ +- [% FOREACH column = displaycolumns %] +- "[%- bug.$column FILTER js -%]"[% "," UNLESS loop.last %] +- [% END %] +- ]; +-[% END %] +- +-if (window.buglistCallback) { +- buglistCallback(bugs); +-} + diff --git a/bugzilla.spec b/bugzilla.spec index 17eda31..aec9bf7 100644 --- a/bugzilla.spec +++ b/bugzilla.spec @@ -6,12 +6,13 @@ URL: http://www.bugzilla.org/ Name: bugzilla Version: 3.4.14 Group: Applications/Publishing -Release: 1%{?dist} +Release: 2%{?dist} License: MPLv1.1 Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz Source1: bugzilla-httpd-conf Source2: README.fedora.bugzilla Patch0: bugzilla-rw-paths.patch +Patch1: bugzilla-3.4.14-CVE-2012-0466.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch @@ -58,6 +59,7 @@ Contributed scripts and functions for Bugzilla %prep %setup -q -n %{name}-%{version} %patch0 -p1 +%patch1 -p0 # Filter unwanted Requires found by /usr/lib/rpm/perldeps.pl: # create a wrapper script which runs the original perl_requires @@ -181,6 +183,9 @@ popd > /dev/null) %{bzinstallprefix}/bugzilla/contrib/yp_nomail.sh %changelog +* Fri Apr 20 2012 Xavier Bachelot - 3.4.14-2 +- Add patch for CVE-2012-0466. + * Wed Feb 01 2012 Xavier Bachelot - 3.4.14-1 - Update to 3.4.14 : security fix for CVE-2012-0448. From 8bb234ab2e7f2514c1f3299412c56154b862339a Mon Sep 17 00:00:00 2001 From: Xavier Bachelot Date: Fri, 20 Apr 2012 03:57:34 +0200 Subject: [PATCH 24/25] fix patch to avoid spurious .orig --- bugzilla-3.4.14-CVE-2012-0466.patch | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bugzilla-3.4.14-CVE-2012-0466.patch b/bugzilla-3.4.14-CVE-2012-0466.patch index 7489b1f..a2397f1 100644 --- a/bugzilla-3.4.14-CVE-2012-0466.patch +++ b/bugzilla-3.4.14-CVE-2012-0466.patch @@ -1,7 +1,7 @@ === modified file 'buglist.cgi' --- buglist.cgi 2012-04-17 18:41:05 +0000 +++ buglist.cgi 2012-04-18 12:06:08 +0000 -@@ -112,16 +112,6 @@ +@@ -134,16 +134,6 @@ $cgi->param('ctype', "atom"); } @@ -22,7 +22,7 @@ === modified file 'docs/en/xml/using.xml' --- docs/en/xml/using.xml 2011-01-28 16:30:29 +0000 +++ docs/en/xml/using.xml 2012-04-18 12:06:08 +0000 -@@ -659,16 +659,6 @@ +@@ -661,16 +661,6 @@ From 48c907ef8cfe520188f2a0da02aa00b917ab0172 Mon Sep 17 00:00:00 2001 From: Itamar Reis Peixoto Date: Fri, 30 Mar 2018 13:30:42 -0300 Subject: [PATCH 25/25] can't upgrade bugzilla on el6 without upgrading el6 base packages --- .gitignore | 9 - README.fedora.bugzilla | 25 -- bugzilla-3.4.14-CVE-2012-0466.patch | 84 ------ bugzilla-httpd-conf | 11 - bugzilla-rw-paths.patch | 24 -- bugzilla.spec | 392 ---------------------------- dead.package | 1 + sources | 1 - 8 files changed, 1 insertion(+), 546 deletions(-) delete mode 100644 .gitignore delete mode 100644 README.fedora.bugzilla delete mode 100644 bugzilla-3.4.14-CVE-2012-0466.patch delete mode 100644 bugzilla-httpd-conf delete mode 100644 bugzilla-rw-paths.patch delete mode 100644 bugzilla.spec create mode 100644 dead.package delete mode 100644 sources diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 17d5518..0000000 --- a/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -bugzilla-3.4.5.tar.gz -bugzilla-3.4.7.tar.gz -/bugzilla-3.4.8.tar.gz -/bugzilla-3.4.9.tar.gz -/bugzilla-3.4.10.tar.gz -/bugzilla-3.4.11.tar.gz -/bugzilla-3.4.12.tar.gz -/bugzilla-3.4.13.tar.gz -/bugzilla-3.4.14.tar.gz diff --git a/README.fedora.bugzilla b/README.fedora.bugzilla deleted file mode 100644 index 9814898..0000000 --- a/README.fedora.bugzilla +++ /dev/null @@ -1,25 +0,0 @@ -Bugzilla is a powerful bug tracking system used by a large number of open -source projects. - -In order to use Bugzilla, you will first need to configure it for your -environment. The first step to doing this is to run the checksetup.pl -script, which will perform module version checks and create an initial -config file in /etc/bugzilla called localconfig. You then need to ensure -the values in this file are accurate for your environment. - -Once this is done, you may need to modify default settings for your database -to ensure it accepts Bugzilla data properly. Please see -http://www.bugzilla.org/docs/2.22/html/configuration.html for specifics of -database setting modifications. - -Lastly, simply re-run checksetup.pl to populate the database tables, set up -the templates, and add the administrator ID. You should be done at this point. - -There are two useful cron jobs which are included with Bugzilla which should be -put in place after configuration is done. The first is a daily cron job for -statistics collection. This is in the file "cron.daily" and can be enabled by -simply copying this file to /etc/cron.daily/bugzilla (or any other file name -in the /etc/cron.daily/ directory). The second is the "whine" cron job, -designed to run every 15 minutes. To enable this job, simply copy the -cron.whine file to /etc/cron.d/bugzilla (or any othe filename within the -/etc/cron.d/ directory). diff --git a/bugzilla-3.4.14-CVE-2012-0466.patch b/bugzilla-3.4.14-CVE-2012-0466.patch deleted file mode 100644 index a2397f1..0000000 --- a/bugzilla-3.4.14-CVE-2012-0466.patch +++ /dev/null @@ -1,84 +0,0 @@ -=== modified file 'buglist.cgi' ---- buglist.cgi 2012-04-17 18:41:05 +0000 -+++ buglist.cgi 2012-04-18 12:06:08 +0000 -@@ -134,16 +134,6 @@ - $cgi->param('ctype', "atom"); - } - --# The js ctype presents a security risk; a malicious site could use it --# to gather information about secure bugs. So, we only allow public bugs to be --# retrieved with this format. --# --# Note that if and when this call clears cookies or has other persistent --# effects, we'll need to do this another way instead. --if ((defined $cgi->param('ctype')) && ($cgi->param('ctype') eq "js")) { -- Bugzilla->logout_request(); --} -- - # An agent is a program that automatically downloads and extracts data - # on its user's behalf. If this request comes from an agent, we turn off - # various aspects of bug list functionality so agent requests succeed - -=== modified file 'docs/en/xml/using.xml' ---- docs/en/xml/using.xml 2011-01-28 16:30:29 +0000 -+++ docs/en/xml/using.xml 2012-04-18 12:06:08 +0000 -@@ -661,16 +661,6 @@ - - - -- -- -- If you would like to access the bug list from another program -- it is often useful to have the list returned in something other -- than HTML. By adding the ctype=type parameter into the bug list URL -- you can specify several alternate formats. Besides the types described -- above, the following formats are also supported: ECMAScript, also known -- as JavaScript (ctype=js), and Resource Description Framework RDF/XML -- (ctype=rdf). -- -
- -
- -=== removed file 'template/en/default/list/list.js.tmpl' ---- template/en/default/list/list.js.tmpl 2007-08-20 23:24:38 +0000 -+++ template/en/default/list/list.js.tmpl 1970-01-01 00:00:00 +0000 -@@ -1,37 +0,0 @@ --[%# The contents of this file are subject to the Mozilla Public -- # License Version 1.1 (the "License"); you may not use this file -- # except in compliance with the License. You may obtain a copy of -- # the License at http://www.mozilla.org/MPL/ -- # -- # Software distributed under the License is distributed on an "AS -- # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or -- # implied. See the License for the specific language governing -- # rights and limitations under the License. -- # -- # The Original Code is the Bugzilla Bug Tracking System. -- # -- # The Initial Developer of the Original Code is Netscape Communications -- # Corporation. Portions created by Netscape are -- # Copyright (C) 1998 Netscape Communications Corporation. All -- # Rights Reserved. -- # -- # Contributor(s): Gervase Markham -- #%] -- --// Note: only publicly-accessible bugs (those not in any group) will be --// listed when using this JavaScript format. This is to prevent malicious --// sites stealing information about secure bugs. -- --bugs = new Array; -- --[% FOREACH bug = bugs %] -- bugs[[% bug.bug_id %]] = [ -- [% FOREACH column = displaycolumns %] -- "[%- bug.$column FILTER js -%]"[% "," UNLESS loop.last %] -- [% END %] -- ]; --[% END %] -- --if (window.buglistCallback) { -- buglistCallback(bugs); --} - diff --git a/bugzilla-httpd-conf b/bugzilla-httpd-conf deleted file mode 100644 index 107c405..0000000 --- a/bugzilla-httpd-conf +++ /dev/null @@ -1,11 +0,0 @@ -Alias /bugzilla/var/lib/bugzilla/data/webdot /var/lib/bugzilla/data/webdot -Alias /bugzilla /usr/share/bugzilla - - - AddHandler cgi-script .cgi - Options +Indexes +ExecCGI +FollowSymLinks - DirectoryIndex index.cgi index.html - AllowOverride Limit Options FileInfo - AddType application/vnd.mozilla.xul+xml .xul - AddType application/rdf+xml .rdf - diff --git a/bugzilla-rw-paths.patch b/bugzilla-rw-paths.patch deleted file mode 100644 index 0393fe3..0000000 --- a/bugzilla-rw-paths.patch +++ /dev/null @@ -1,24 +0,0 @@ ---- bugzilla-3.4/Bugzilla/Constants.pm.orig 2010-11-03 01:47:33.000000000 +0100 -+++ bugzilla-3.4-rw/Bugzilla/Constants.pm 2010-11-04 00:00:51.000000000 +0100 -@@ -511,9 +511,9 @@ - 'cgi_path' => $libpath, - 'templatedir' => "$libpath/template", - 'project' => $project, -- 'localconfig' => "$libpath/$localconfig", -- 'datadir' => "$libpath/$datadir", -- 'attachdir' => "$libpath/$datadir/attachments", -+ 'localconfig' => "/etc/bugzilla/$localconfig", -+ 'datadir' => "/var/lib/bugzilla/$datadir", -+ 'attachdir' => "/var/lib/bugzilla/$datadir/attachments", - 'skinsdir' => "$libpath/skins", - 'graphsdir' => "$libpath/graphs", - # $webdotdir must be in the web server's tree somewhere. Even if you use a -@@ -522,7 +522,7 @@ - # change showdependencygraph.cgi to set image_url to the correct - # location. - # The script should really generate these graphs directly... -- 'webdotdir' => "$libpath/$datadir/webdot", -+ 'webdotdir' => "/var/lib/bugzilla/$datadir/webdot", - 'extensionsdir' => "$libpath/extensions", - }; - } diff --git a/bugzilla.spec b/bugzilla.spec deleted file mode 100644 index aec9bf7..0000000 --- a/bugzilla.spec +++ /dev/null @@ -1,392 +0,0 @@ -%define bzinstallprefix %{_datadir} -%define bzdatadir %{_localstatedir}/lib/bugzilla - -Summary: Bug tracking system -URL: http://www.bugzilla.org/ -Name: bugzilla -Version: 3.4.14 -Group: Applications/Publishing -Release: 2%{?dist} -License: MPLv1.1 -Source0: http://ftp.mozilla.org/pub/mozilla.org/webtools/bugzilla-%{version}.tar.gz -Source1: bugzilla-httpd-conf -Source2: README.fedora.bugzilla -Patch0: bugzilla-rw-paths.patch -Patch1: bugzilla-3.4.14-CVE-2012-0466.patch - -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildArch: noarch -Requires: webserver, patchutils, perl(SOAP::Lite), perl(Digest::SHA), which -Requires: perl(CGI) >= 3.33 -Requires: perl(Date::Format) >= 2.21 -Requires: perl(DateTime) >= 0.28 -Requires: perl(DateTime::TimeZone) >= 0.71 -Requires: perl(DBI) >= 1.41 -Requires: perl(Template) >= 2.22 -Requires: perl(Email::Send) >= 2.00 -Requires: perl(Email::MIME) >= 1.861 -Requires: perl(Email::MIME::Encodings) >= 1.313 -Requires: perl(Email::MIME::Modifier) >= 1.442 - -%package doc -Summary: Bugzilla documentation -Group: Documentation - -%package doc-build -Summary: Tools to generate the Bugzilla documentation -Group: Applications/Publishing - -%package contrib -Summary: Bugzilla contributed scripts -Group: Applications/Publishing -BuildRequires: python - -%description -Bugzilla is a popular bug tracking system used by multiple open source projects -It requires a database engine installed - either MySQL, PostgreSQL or Oracle. -Without one of these database engines (local or remote), Bugzilla will not work -- see the Release Notes for details. - -%description doc -Documentation distributed with the Bugzilla bug tracking system - -%description doc-build -Tools to generate the documentation distributed with Bugzilla - -%description contrib -Contributed scripts and functions for Bugzilla - -%prep -%setup -q -n %{name}-%{version} -%patch0 -p1 -%patch1 -p0 - -# Filter unwanted Requires found by /usr/lib/rpm/perldeps.pl: -# create a wrapper script which runs the original perl_requires -# command and strips some of the output -cat << \EOF > %{name}-req -#!/bin/sh -%{__perl_requires} $* |\ -sed -e '/perl(Authen::Radius)/d;/perl(DBD::Pg)/d;/perl(DBD::Oracle)/d;/perl(sanitycheck.cgi)/d' -EOF - -# use that wrapper script instead of the original perl_requires script -%define __perl_requires %{_builddir}/%{name}-%{version}/%{name}-req -chmod +x %{__perl_requires} - -# Deal with changing /usr/local paths here instead of via patches -%{__perl} -pi -e 's|/usr/local/bin/python\b|%{__python}|' contrib/*.py -%{__perl} -pi -e 's|/usr/local/bin/ruby\b|%{_bindir}/ruby|' contrib/*.rb -grep -rl '/usr/lib/sendmail\b' contrib docs \ -| xargs %{__perl} -pi -e 's|/usr/lib/sendmail\b|%{_sbindir}/sendmail|' - -%build -find . -depth -name CVS -type d -exec rm -rf {} \; -find . -depth -name .cvsignore -type f -exec rm -rf {} \; -# Remove the execute bit from files that don't start with #! -for file in `find -type f -perm /111`; do - if head -1 $file | egrep -v '^\#!' &>/dev/null; then - chmod a-x $file - fi -done -# Ensure shebang shell scripts have executable bit set -for file in `find -type f -perm /664`; do - if head -1 $file | egrep '^\#!' &>/dev/null; then - chmod a+x $file - fi -done - - -%install -mkdir -p ${RPM_BUILD_ROOT}/%{bzinstallprefix}/bugzilla -cp -pr * ${RPM_BUILD_ROOT}/%{bzinstallprefix}/bugzilla -cat << EOM > ${RPM_BUILD_ROOT}/%{bzinstallprefix}/bugzilla/cron.daily -#!/bin/bash -# Daily Bugzilla collectstats cron job run -cd %{bzinstallprefix}/bugzilla -./collectstats.pl -EOM -echo "0-59/15 * * * * apache cd %{bzinstallprefix}/bugzilla && env LANG=C %{bzinstallprefix}/bugzilla/whine.pl" > ${RPM_BUILD_ROOT}/%{bzinstallprefix}/bugzilla/cron.whine -rm -f ${RPM_BUILD_ROOT}/%{bzinstallprefix}/bugzilla/{README,UPGRADING,UPGRADING-pre-2.8} -mkdir -p ${RPM_BUILD_ROOT}/%{_datadir}/doc/%{name}-%{version} -cp %{SOURCE2} ./README.fedora -mkdir -p ${RPM_BUILD_ROOT}/%{bzdatadir} -mkdir -p ${RPM_BUILD_ROOT}/%{_sysconfdir}/bugzilla -install -m 0644 -D -p %{SOURCE1} ${RPM_BUILD_ROOT}%{_sysconfdir}/httpd/conf.d/bugzilla.conf - -%clean -rm -rf ${RPM_BUILD_ROOT} - -%post -(pushd %{bzinstallprefix}/bugzilla > /dev/null -[ -f /etc/bugzilla/localconfig ] || ./checksetup.pl > /dev/null -popd > /dev/null) - -%files -%defattr(-,root,apache,-) -%dir %{bzinstallprefix}/bugzilla -%{bzinstallprefix}/bugzilla/*.cgi -%{bzinstallprefix}/bugzilla/*.pl -%{bzinstallprefix}/bugzilla/Bugzilla.pm -%{bzinstallprefix}/bugzilla/bugzilla.dtd -%{bzinstallprefix}/bugzilla/robots.txt -%{bzinstallprefix}/bugzilla/Bugzilla -%{bzinstallprefix}/bugzilla/images -%{bzinstallprefix}/bugzilla/js -%{bzinstallprefix}/bugzilla/skins -%{bzinstallprefix}/bugzilla/t -%{bzinstallprefix}/bugzilla/template -%{bzinstallprefix}/bugzilla/extensions/example -%{bzinstallprefix}/bugzilla/lib/README -%{bzinstallprefix}/bugzilla/cron.daily -%{bzinstallprefix}/bugzilla/cron.whine -%{bzinstallprefix}/bugzilla/contrib/recode.pl -%ghost %{bzinstallprefix}/bugzilla/bugzilla-req -%config(noreplace) %{_sysconfdir}/httpd/conf.d/bugzilla.conf -%defattr(-,root,root,-) -%doc README -%doc README.fedora -%dir %{bzdatadir} -%defattr(0750,root,apache,-) -%dir %{_sysconfdir}/bugzilla - -%files doc -%defattr(-,root,root,-) -%{bzinstallprefix}/bugzilla/docs/en -%{bzinstallprefix}/bugzilla/docs/bugzilla.ent -%{bzinstallprefix}/bugzilla/docs/style.css - -%files doc-build -%defattr(-,root,root,-) -%{bzinstallprefix}/bugzilla/docs/makedocs.pl -%{bzinstallprefix}/bugzilla/docs/lib - -%files contrib -%defattr(-,root,root,-) -%{bzinstallprefix}/bugzilla/contrib/bugzilla_ldapsync.rb -%{bzinstallprefix}/bugzilla/contrib/bugzilla-queue -%{bzinstallprefix}/bugzilla/contrib/bugzilla-submit -%{bzinstallprefix}/bugzilla/contrib/bzdbcopy.pl -%{bzinstallprefix}/bugzilla/contrib/bz_webservice_demo.pl -%{bzinstallprefix}/bugzilla/contrib/cmdline -%{bzinstallprefix}/bugzilla/contrib/cvs-update.pl -%{bzinstallprefix}/bugzilla/contrib/fixperms.pl -%{bzinstallprefix}/bugzilla/contrib/gnats2bz.pl -%{bzinstallprefix}/bugzilla/contrib/gnatsparse -%{bzinstallprefix}/bugzilla/contrib/jb2bz.py* -%{bzinstallprefix}/bugzilla/contrib/merge-users.pl -%{bzinstallprefix}/bugzilla/contrib/mysqld-watcher.pl -%{bzinstallprefix}/bugzilla/contrib/README -%{bzinstallprefix}/bugzilla/contrib/sendbugmail.pl -%{bzinstallprefix}/bugzilla/contrib/sendunsentbugmail.pl -%{bzinstallprefix}/bugzilla/contrib/syncLDAP.pl -%{bzinstallprefix}/bugzilla/contrib/yp_nomail.sh - -%changelog -* Fri Apr 20 2012 Xavier Bachelot - 3.4.14-2 -- Add patch for CVE-2012-0466. - -* Wed Feb 01 2012 Xavier Bachelot - 3.4.14-1 -- Update to 3.4.14 : security fix for CVE-2012-0448. - -* Thu Dec 29 2011 Xavier Bachelot - 3.4.13-1 -- Update to 3.4.13 : security fixes for CVE-2011-3657 and CVE-2011-3667. - -* Thu Sep 15 2011 Xavier Bachelot - 3.4.12-1 -- Update to 3.4.12 : security fixes for CVE-2011-2379, CVE-2011-2380, - CVE-2011-2381, CVE-2011-2978 and CVE-2011-2976 (RHBZ#729158). -- Fix httpd conf (RHBZ#736579, RHBZ #736584). -- Fix typo in doc (RHBZ#736581). -- Fix files ownership (RHBZ#736583). - -* Sun May 01 2011 Emmanuel Seyman - 3.4.11-1 -- Update to 3.4.11 - -* Tue Mar 08 2011 Emmanuel Seyman - 3.4.10-2 -- Put contrib/recode.pl in the main package so that it no longer depends on - python and ruby - -* Tue Jan 25 2011 Emmanuel Seyman - 3.4.10-1 -- Update to 3.4.10 - -* Wed Nov 03 2010 Emmanuel Seyman - 3.4.9-1 -- Update to 3.4.9 - -* Thu Aug 19 2010 Emmanuel Seyman - 3.4.8-2 -- Bump to correct changelog version - -* Wed Aug 18 2010 Emmanuel Seyman - 3.4.8-1 -- Update to 3.4.8 (#623426, #615331) -- Only run checksetup if /etc/bugzilla/localconfig does not exist (#610210) -- Add bugzilla-contrib to Requires (#610198) - -* Wed Jun 30 2010 Emmanuel Seyman - 3.4.7-2 -- Remove mod_perl from the requirements (#600924) - -* Fri Jun 25 2010 Emmanuel Seyman - 3.4.7-1 -- Update to 3.4.7 (CVE-2010-1204) - -* Mon Feb 01 2010 Emmanuel Seyman - 3.4.5-1 -- Update to 3.4.5 (CVE-2009-3989, CVE-2009-3387) -- Remove bugzilla-EL5-perl-versions.patch which is EPEL-specific - -* Thu Nov 19 2009 Emmanuel Seyman - 3.4.4-1 -- Update to 3.4.4 (CVE-2009-3386) - -* Wed Nov 11 2009 Emmanuel Seyman - 3.4.3-1 -- Update to 3.4.3 (fixes memory leak issues) -- Add perl(Digest::SHA) in the Requires -- Specify Perl module versions in the Requires (fixes #524309) -- Add an alias to make $webdotdir a working path (fixes #458848) - -* Fri Sep 11 2009 Emmanuel Seyman - 3.4.2-1 -- Update to 3.4.2 (CVE-2009-3125, CVE-2009-3165 and CVE-2009-3166) - -* Tue Aug 04 2009 Itamar Reis Peixoto - 3.4.1-2 -- fix EL-5 perl dependencies bz#515158 - -* Sun Aug 02 2009 Emmanuel Seyman - 3.4.1-1 -- Update to 3.4.1, fixing a security leak - -* Wed Jul 29 2009 Emmanuel Seyman - 3.4-1 -- Update to 3.4 (fixes #514315) -- move makedocs.pl to its own package (fixes #509041) -- move the extensions dir to /usr/share/ (fixes #450636) - -* Fri Jul 24 2009 Fedora Release Engineering - 3.2.4-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - -* Wed Jul 08 2009 Itamar Reis Peixoto - 3.2.4-1 -- fix https://bugzilla.mozilla.org/show_bug.cgi?id=495257 - -* Mon Apr 06 2009 Itamar Reis Peixoto 3.2.3-1 -- fix CVE-2009-1213 - -* Thu Mar 05 2009 Itamar Reis Peixoto 3.2.2-2 -- fix from BZ #474250 Comment #16, from Chris Eveleigh --> -- add python BR for contrib subpackage -- fix description -- change Requires perl-SOAP-Lite to perl(SOAP::Lite) according guidelines - -* Sun Mar 01 2009 Itamar Reis Peixoto 3.2.2-1 -- thanks to Chris Eveleigh -- for contributing with patches :-) -- Upgrade to upstream 3.2.2 to fix multiple security vulns -- Removed old perl_requires exclusions, added new ones for RADIUS, Oracle and sanitycheck.cgi -- Added Oracle to supported DBs in description (and moved line breaks) -- Include a patch to fix max_allowed_packet warnin when using with mysql - -* Sat Feb 28 2009 Itamar Reis Peixoto 3.0.8-1 -- Upgrade to 3.0.8, fix #466077 #438080 -- fix macro in changelog rpmlint warning -- fix files-attr-not-set rpmlint warning for doc and contrib sub-packages - -* Mon Feb 23 2009 Fedora Release Engineering - 3.0.4-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - -* Mon Feb 2 2009 Stepan Kasal - 3.0.4-3 -- do not require perl-Email-Simple, it is (no longer) in use -- remove several explicit perl-* requires; the automatic dependencies - do handle them - -* Mon Jul 14 2008 Tom "spot" Callaway - 3.0.4-2 -- fix license tag - -* Fri May 9 2008 John Berninger - 3.0.4-1 -- Update to upstream 3.0.4 to fix multiple security vulns -- Change perms on /etc/bugzilla for bz 427981 - -* Sun May 4 2008 John Berninger - 3.0.3-0 -- Update to upstream 3.0.3 - bz 444669 - -* Fri Dec 28 2007 John Berninger - 3.0.2-6 -- Add cron.daily, cron.whine to payload list - -* Fri Dec 28 2007 John Berninger - 3.0.2-5 -- Typo in spec file, rebuild - -* Fri Dec 28 2007 John Berninger - 3.0.2-3 -- bz 426465 - don't enable cron jobs so cron doesn't complain about - an unconfigured installation - -* Fri Oct 26 2007 John Berninger - 3.0.2-2 -- fix issue with AlowOverride Options - -* Mon Oct 22 2007 John Berninger - 3.0.2-1 -- updates to requires and httpd conf for BZ's 279961, 295861, 339531 - -* Mon Sep 24 2007 John Berninger - 3.0.2-0 -- update to 3.0.2 - bz 299981 - -* Mon Aug 27 2007 John Berninger - 3.0.1-0 -- update to 3.0.1 - bz 256021 - -* Fri May 18 2007 John Berninger - 3.0-2 -- update Requires for bz's 241037, 241206 - -* Fri May 18 2007 John Berninger - 3.0-1 -- update to upstream version 3.0 -- add new dependencies on mod_perl, perl-SOAP-Lite -- refactor patch(es) to change paths for read-only /usr - -* Tue Feb 20 2007 John Berninger - 2.22.2-1 -- update to 2.22.2 - bz 229163 - -* Wed Feb 14 2007 John Berninger - 2.22-12 -- More cron job fixes - -* Wed Jan 31 2007 John Berninger - 2.22-11 -- Fix cron job perms - -* Sat Jan 27 2007 John Berninger - 2.22-10 -- Fix collectstats cron job, bx 224550 - -* Mon Jan 22 2007 John Berninger - 2.22-9 -- Fix linebreak issues in specfile - -* Mon Jan 22 2007 John Berninger - 2.22-8 -- Put daily and hourly cronjobs in place per bz 223747 - -* Wed Nov 8 2006 John Berninger - 2.22-7 -- Fixes for bz # 212355 - -* Tue Jun 26 2006 John Berninger - 2.22-6 -- Clean up BugzillaEmail requires (filter it out) - -* Mon Jun 26 2006 John Berninger - 2.22-5 -- License is MPL, not GPL -- Clean up %%doc specs - -* Sun Jun 25 2006 John Benringer - 2.22-4 -- Remove localconfig file per upstream -- Patch to have localconfig appear in /etc/bugzilla when checksetup.pl is run - -* Tue Jun 20 2006 John Berninger - 2.22-3 -- Add README.fedora file -- Add additional requires per comments from upstream - -* Mon Jun 19 2006 John Berninger - 2.22-2 -- Code to /usr/share, data to /var/lib/bugzilla per FE packaging req's - -* Tue Jun 13 2006 John Berninger - 2.22-1 -- Shift to /var/lib/bugzilla install dir per discussion in review request -- Minor change in filtering requires - -* Tue May 23 2006 John Berninger - 2.22-0 -- Update to upstream 2.22 release -- Split off -contrib package, but keep it where it usually gets installed - -* Wed Apr 26 2006 John Berninger - 2.20.1-4 -- rpmlint cleanups - -* Mon Apr 24 2006 John Berninger - 2.20.1-3 -- Cleanup of prov/req filters -- Split docs into -doc package - -* Thu Apr 20 2006 John Berninger - 2.20.1-2 -- No need for CVS tarball - I was thinking things too far through. Change - to 2.20.1 release. - -* Fri Apr 7 2006 John Berninger - 2.20-0.1cvs20060407 -- Initial spec creation/build for Fedora Extras packaging. - diff --git a/dead.package b/dead.package new file mode 100644 index 0000000..db4fe59 --- /dev/null +++ b/dead.package @@ -0,0 +1 @@ +can't upgrade bugzilla on el6 without upgrading el6 base packages diff --git a/sources b/sources deleted file mode 100644 index 871f04e..0000000 --- a/sources +++ /dev/null @@ -1 +0,0 @@ -f90fc71faaea9b09e6986d26c60216da bugzilla-3.4.14.tar.gz