rpms/otrs/F-7 otrs-2.1.5-CVE-2008-1515.diff, NONE, 1.1 otrs.spec, 1.7, 1.8 sources, 1.4, 1.5
Tomas Hoger (thoger)
fedora-extras-commits at redhat.com
Tue Apr 8 18:59:16 UTC 2008
Author: thoger
Update of /cvs/extras/rpms/otrs/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11159
Modified Files:
otrs.spec sources
Added Files:
otrs-2.1.5-CVE-2008-1515.diff
Log Message:
Revert to 2.1.5-2 in CVS, as 2.1.7 was never uploaded to Fedora archive.
Add upstream patch for CVE-2008-1515 / OSA-2008-01.
otrs-2.1.5-CVE-2008-1515.diff:
***** Error reading new file: [Errno 2] No such file or directory: 'otrs-2.1.5-CVE-2008-1515.diff'
Index: otrs.spec
===================================================================
RCS file: /cvs/extras/rpms/otrs/F-7/otrs.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- otrs.spec 6 Jun 2007 18:56:33 -0000 1.7
+++ otrs.spec 8 Apr 2008 18:58:37 -0000 1.8
@@ -1,13 +1,14 @@
Summary: The Open Ticket Request System
Name: otrs
-Version: 2.1.7
-Release: 1%{?dist}
+Version: 2.1.5
+Release: 3%{?dist}
License: GPL
Group: Applications/Internet
URL: http://www.otrs.org/
Source0: ftp://ftp.otrs.org/pub/%{name}/%{name}-%{version}.tar.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Source1: otrs.httpd.conf
+Patch0: otrs-2.1.5-CVE-2008-1515.diff
BuildArch: noarch
Requires: perl-GDGraph
@@ -34,6 +35,7 @@
%prep
%setup -q
+%patch0 -p1
%build
# copy config file
@@ -117,8 +119,10 @@
%attr(0660,otrs,apache) %{otrsdir}/.*ail*
%changelog
-* Wed Jun 06 2007 Mike McGrath <mmcgrath at redhat.com> 2.1.7-1
-- Upstream released new version
+* Tue Apr 8 2008 Tomas Hoger <thoger at redhat.com> - 2.1.5-3
+- Security update: Add upstream patch for CVE-2008-1515 / OSA-2008-01
+ (Vulnerability in OTRS SOAP interface allowing remote access without
+ valid SOAP user - http://otrs.org/advisory/OSA-2008-01-en/ )
* Fri Apr 20 2007 Mike McGrath <mmcgrath at redhat.com> 2.1.5-2
- Added perl-GDGraph #237214
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/otrs/F-7/sources,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- sources 6 Jun 2007 18:56:33 -0000 1.4
+++ sources 8 Apr 2008 18:58:37 -0000 1.5
@@ -1 +1 @@
-05c12c945ca1e7b89c56ac7b3c38031e otrs-2.1.7.tar.bz2
+e302fd0fd6207ea2ea51884ab51b430b otrs-2.1.5.tar.bz2
More information about the fedora-extras-commits
mailing list