summaryrefslogtreecommitdiffstats
path: root/glpi.spec
diff options
context:
space:
mode:
authorRemi Collet <remi@remirepo.net>2019-06-21 11:07:34 +0200
committerRemi Collet <remi@remirepo.net>2019-06-21 11:07:34 +0200
commitf4dd8cae6b07d186eed1fbd80f1ee8d73944bf2b (patch)
tree4aaffbeb8edada25708279730be879d8d7119e54 /glpi.spec
parentf7d427b103d9e36960170be59233252b0a8fdd74 (diff)
- [security] Prevent execution of XSS on rich text
- [security] Prevent XSS attack on user picture
Diffstat (limited to 'glpi.spec')
-rw-r--r--glpi.spec10
1 files changed, 9 insertions, 1 deletions
diff --git a/glpi.spec b/glpi.spec
index 22aee17..e06b306 100644
--- a/glpi.spec
+++ b/glpi.spec
@@ -55,7 +55,7 @@ Name: %{gh_project}
%global upstream_version 9.3.4
#global upstream_prever RC2
Version: %{upstream_version}%{?upstream_prever:~%{upstream_prever}}
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: Free IT asset management software
Summary(fr): Gestion Libre de Parc Informatique
@@ -75,6 +75,9 @@ Source6: %{name}-minify.php
# Override PHP configuration for php-fpm
Source7: %{name}-user.ini
+# Security patches
+Patch0: https://patch-diff.githubusercontent.com/raw/glpi-project/glpi/pull/6054.patch
+
BuildArch: noarch
BuildRequires: gettext
BuildRequires: php-cli
@@ -308,6 +311,7 @@ techniciens grâce à une maintenance plus cohérente.
%prep
%setup -q -n %{name}-%{gh_commit}
+%patch0 -p1
grep %{upstream_version} inc/define.php
@@ -596,6 +600,10 @@ fi
%changelog
+* Fri Jun 21 2019 Remi Collet <remi@remirepo.net> - 9.3.4-2
+- [security] Prevent execution of XSS on rich text
+- [security] Prevent XSS attack on user picture
+
* Thu Apr 11 2019 Remi Collet <remi@remirepo.net> - 9.3.4-1
- update to 9.3.4