rpms/otrs/F-7 otrs-2.1.5-CVE-2008-1515.diff, NONE, 1.1 otrs.spec, 1.7, 1.8 sources, 1.4, 1.5

Tomas Hoger (thoger) fedora-extras-commits at redhat.com
Tue Apr 8 18:59:16 UTC 2008 

Author: thoger

Update of /cvs/extras/rpms/otrs/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11159

Modified Files:
	otrs.spec sources 
Added Files:
	otrs-2.1.5-CVE-2008-1515.diff 
Log Message:
Revert to 2.1.5-2 in CVS, as 2.1.7 was never uploaded to Fedora archive.
Add upstream patch for CVE-2008-1515 / OSA-2008-01.


otrs-2.1.5-CVE-2008-1515.diff:

***** Error reading new file: [Errno 2] No such file or directory: 'otrs-2.1.5-CVE-2008-1515.diff'

Index: otrs.spec
===================================================================
RCS file: /cvs/extras/rpms/otrs/F-7/otrs.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- otrs.spec	6 Jun 2007 18:56:33 -0000	1.7
+++ otrs.spec	8 Apr 2008 18:58:37 -0000	1.8
@@ -1,13 +1,14 @@
 Summary:	The Open Ticket Request System
 Name:		otrs
-Version:	2.1.7
-Release:	1%{?dist}
+Version:	2.1.5
+Release:	3%{?dist}
 License:	GPL
 Group:		Applications/Internet
 URL: 		http://www.otrs.org/
 Source0:	ftp://ftp.otrs.org/pub/%{name}/%{name}-%{version}.tar.bz2
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Source1:	otrs.httpd.conf
+Patch0:		otrs-2.1.5-CVE-2008-1515.diff
 
 BuildArch: noarch
 Requires: perl-GDGraph
@@ -34,6 +35,7 @@
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 # copy config file
@@ -117,8 +119,10 @@
 %attr(0660,otrs,apache) %{otrsdir}/.*ail*
 
 %changelog
-* Wed Jun 06 2007 Mike McGrath <mmcgrath at redhat.com> 2.1.7-1
-- Upstream released new version
+* Tue Apr  8 2008 Tomas Hoger <thoger at redhat.com> - 2.1.5-3
+- Security update: Add upstream patch for CVE-2008-1515 / OSA-2008-01
+  (Vulnerability in OTRS SOAP interface allowing remote access without
+  valid SOAP user - http://otrs.org/advisory/OSA-2008-01-en/ )
 
 * Fri Apr 20 2007 Mike McGrath <mmcgrath at redhat.com> 2.1.5-2
 - Added perl-GDGraph #237214


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/otrs/F-7/sources,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- sources	6 Jun 2007 18:56:33 -0000	1.4
+++ sources	8 Apr 2008 18:58:37 -0000	1.5
@@ -1 +1 @@
-05c12c945ca1e7b89c56ac7b3c38031e  otrs-2.1.7.tar.bz2
+e302fd0fd6207ea2ea51884ab51b430b  otrs-2.1.5.tar.bz2

More information about the fedora-extras-commits mailing list