%global pkgdir %{_datadir}/%{name} %global cfgdir %{_sysconfdir}/%{name} %global docdir %{_docdir}/%{name}-%{version} %global httpconfdir %{_sysconfdir}/httpd/conf.d Summary: Web-based issue tracking system Name: mantis Version: 1.1.8 Release: 5%{?dist} License: GPLv2+ Group: Applications/Internet URL: http://www.mantisbt.org/ BuildArch: noarch Source0: http://downloads.sourceforge.net/mantisbt/mantisbt-%{version}.tar.gz Source1: mantis-README.Fedora Patch0: mantis-1.1.6-install-nowriteconfig.patch Patch1: mantis-1.1.0-noexamplecom.patch Patch2: mantis-1.0.0rc2-noadmin.patch Patch3: mantis-1.1.8-use_systems_nusoap.patch # These patches are upstreamed, will come out eventually in 1.1.9 Patch4: 0001-Fix-12369-XSS-vulnerability-when-deleting-maliciousl.patch Patch5: 0002-Fix-12370-Multiple-XSS-issues-with-custom-field-enum.patch Patch6: 0003-Fix-12371-XSS-in-print_all_bug_page_word.php-project.patch Patch7: mantis-1.1.8-XSS_in_summary_page.patch Patch8: mantis-1.1.8-CVE-2010-4348-4349-4350.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: php >= 4.3.0 Requires: php-mbstring >= 4.3.0 Requires: mantis-config #Requires: php-adodb Requires: php-nusoap %package config-httpd Summary: Mantis configuration for Apache httpd Group: Applications/Internet Source10: mantis-httpd.conf Provides: mantis-config = httpd Requires: mantis = %{version}-%{release} Requires: %{httpconfdir} Requires: mod_ssl %description Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: %{docdir} When the package has finished installing, you will need to perform some additional configuration steps; these are described in: %{docdir}/README.Fedora %description config-httpd Mantis is a web-based issue tracking system. This package contains configuration-files for Apache httpd 2. %prep %setup -q -n mantisbt-%{version} %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 cp %{SOURCE1} ./doc/README.Fedora rm .gitignore rm -rf packages %build %install rm -rf "${RPM_BUILD_ROOT}" %{__install} -d -m755 ${RPM_BUILD_ROOT}%{pkgdir} %{__install} -d -m755 ${RPM_BUILD_ROOT}%{cfgdir} tar cf - . | tar xf - -C ${RPM_BUILD_ROOT}%{pkgdir} # Remove bundled libraries # adodb # rm -rf ${RPM_BUILD_ROOT}%{pkgdir}/core/adodb # NuSOAP rm -rf ${RPM_BUILD_ROOT}%{pkgdir}/api/soap/nusoap find ${RPM_BUILD_ROOT} \( \ -name '*.orig' \ -o -name '*.#.*' \ -o -name '.cvsignore' \ -o -name '.htaccess' \ \) -print0 | xargs -0 rm -f ## Do not rename; the *existence* of this file will be checked to ## determine if mantis is offline mv ${RPM_BUILD_ROOT}%{pkgdir}/mantis_offline.php.sample ${RPM_BUILD_ROOT}%{cfgdir}/ mv ${RPM_BUILD_ROOT}%{pkgdir}/config_inc.php.sample ${RPM_BUILD_ROOT}%{cfgdir}/config_inc.php #convert changelog to UTF8 iconv -f ISO_8859-1 -t UTF-8 -o doc/ChangeLog{.utf8,} mv doc/ChangeLog{.utf8,} chmod a+x core ${RPM_BUILD_ROOT}%{pkgdir}/core/checkin.php for i in $(find ${RPM_BUILD_ROOT} -type f -regex '.*\.\(php\|txt\|gif\|png\|css\|htm\|dtd\|xsl\|sql\|js\|bak\|xml\|zip\)$' -perm +0111); do case $i in (*.php) if ! sed '1p;d' "$i" | grep -q '^#!'; then chmod a-x "$i" elif sed '1p;d' "$i" | grep -q '/usr/local/bin/php'; then sed -i -e '1s!/usr/local/bin/php!/usr/bin/php!' "$i" fi ;; (*.bak) rm -f "$i";; (*) chmod a-x "$i";; esac done chmod -x doc/* chmod -x ${RPM_BUILD_ROOT}%{pkgdir}/core/phpmailer/{README,LICENSE} # Dangling symlink: when /etc/mantis/mantis_offline.php is present mantis is put offline ln -s ../../..%{cfgdir}/mantis_offline.php ${RPM_BUILD_ROOT}%{pkgdir}/mantis_offline.php %{__install} -d ${RPM_BUILD_ROOT}%{httpconfdir} %{__install} -p -m644 %{SOURCE10} ${RPM_BUILD_ROOT}%{httpconfdir}/mantis.conf # Remove doc dir rm -rf ${RPM_BUILD_ROOT}%{pkgdir}/doc %clean rm -rf "${RPM_BUILD_ROOT}" %files %defattr(-,root,root,-) %{pkgdir} %dir %{cfgdir} %config(noreplace) %{cfgdir}/* %doc doc/{LICENSE,ChangeLog,CREDITS,CUSTOMIZATION,README.Fedora} %files config-httpd %defattr(-,root,root,-) %config(noreplace) %{httpconfdir}/* %changelog * Sat Dec 17 2010 Gianluca Sforna - 1.1.8.5 - Updated description (#638942) - Fix CVE-2010-3763 (#640746) - Fix CVE-2010-4348, CVE-2010-4349, CVE-2010-4350 (#663299, #663230) * Mon Sep 20 2010 Gianluca Sforna - 1.1.8-4 - Fix CVE-2010-3070 using system's NuSOAP (#633011) - Fix CVE-2010-2574 and CVE-2010-3303 (#633003 #634340) * Thu Jan 17 2010 Gianluca Sforna - 1.1.8-3 - Tweak summary - Don't restart apache (#552943) * Sat Jul 25 2009 Fedora Release Engineering - 1.1.8-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Mon Jun 8 2009 Gianluca Sforna - 1.1.8-1 - new upstream release * Tue Apr 21 2009 Gianluca Sforna - 1.1.7-1 - new upstream release * Wed Feb 25 2009 Fedora Release Engineering - 1.1.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Sun Dec 28 2008 Sven Lankes - 1.1.6-2 - add patch to suppress bogus warning during setup (closes bz #437142) - convert ChangeLog to UTF8 - remove .gitignore - change mantis_offline.php-symlink to be relative * Wed Dec 10 2008 Gianluca Sforna - 1.1.6-1 - new upstream release * Mon Nov 24 2008 Gianluca Sforna - 1.1.5-1 - new upstream release * Sun Oct 19 2008 Gianluca Sforna - 1.1.4-1 - new upstream release * Tue Oct 14 2008 Gianluca Sforna - 1.1.3-1 - new upstream release - drop upstreamed patch * Sat Jul 19 2008 Gianluca Sforna - 1.1.2-1 - new upstream release - add patch for bugnotes notification * Sat Jan 19 2008 Gianluca Sforna - 1.1.1-1 - new upstream release - Add more info in README.Fedora about configuration, upgrades and SELinux * Sat Jan 5 2008 Gianluca Sforna - 1.1.0-1 - new upstream release - rediffed patches - allow local usage out of the box - remove .htaccess files - revert using embedded adodb see http://www.mantisbt.org/bugs/view.php?id=8256 for details - improve description and README.Fedora - Remove unneeded diffutils BR - Updated License field * Tue Jul 3 2007 Gianluca Sforna - 1.0.8-1 - new upstream release - add Require: php-adodb (and remove embedded one) - remove duplicate docs * Thu Apr 5 2007 Gianluca Sforna - 1.0.7-1 - new upstream release - drop upstreamed patch - fix (most) rpmlint issues - tweak Source0 URL - remove config_inc.php symlink (config is now found via the MANTIS_CONFIG environment variable) * Tue Jan 9 2007 Gianluca Sforna - 1.0.6-2 - Add some docs - Add patch for BZ #219937 - Fix rpmlint messages for SRPM * Thu Nov 2 2006 Gianluca Sforna - 1.0.6-1 - updated to 1.0.6 * Tue Oct 10 2006 Gianluca Sforna - 1.0.5-1 - updated to 1.0.5 * Sat May 20 2006 Enrico Scholz - 1.0.3-1 - updated to 1.0.3 (SECURITY) * Wed Mar 8 2006 Enrico Scholz - 1.0.1-1 - updated to 1.0.1 * Sat Feb 18 2006 Enrico Scholz - 1.0.0-1 - updated to 1.0.0 * Fri Dec 23 2005 Enrico Scholz - 1.0.0-0.1.rc4 - SECURITY: release 1.0.0rc4 - removed x-permission from most files - rediffed * Sat Jun 25 2005 Enrico Scholz - 1.0.0 - updated to 1.0.0a3 - removed the part which created the psql-script; upstream has now a working PostgreSQL database creation script - rediffed the -iis patch - added patch to make upgrade functionionality partially working with PostgreSQL; this is not perfect as things like index creation will still fail * Thu May 19 2005 Enrico Scholz - 0.19.2-2 - use %%dist instead of %%disttag * Mon Mar 7 2005 Enrico Scholz - 0.19.2-1 - updated to 0.19.2 - rediffed patches - removed dependency on php-mysql as it supports PostgreSQL also - added inline-hack to generate a PostgreSQL database creation script * Thu May 27 2004 Enrico Scholz - 0:0.18.3-0.fdr.2 - ship doc/ in the program-directory instead of copying it into %%docdir - modified shipped httpd configuration to disable admin/ directory explicitly and added some documentation there - added noadmin patch to disable warning about existing admin/ directory; since this directory is disabled by httpd configuration - lower restrictions on the required 'mantis-config' subpackage; use descriptive names as version instead of EVR - restart 'httpd' after the upgrade - preserve timestamps of the configuration files to avoid creation of .rpmnew files on every update * Tue May 25 2004 Enrico Scholz - 0:0.18.3-0.fdr.0.1 - updated to 0.18.2 - rediffed the patches * Fri Aug 15 2003 Enrico Scholz 0:0.18.0-0.fdr.0.2.a4 - use generic download-address for Source0 * Thu Jun 19 2003 Enrico Scholz 0:0.18.0-0.fdr.0.1.a4 - applied the Fedora naming standard * Thu Jun 19 2003 Enrico Scholz 0:0.18.0-0.fdr.0.a4.2 - Initial build.