From 2bce7cfae8cd68f6de3193b06e8f04a65c7950a7 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Tue, 3 Jul 2018 07:32:46 +0200
Subject: add upstream patch to fix SQL injection CVE-2018-13049

---
 glpi.spec | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'glpi.spec')

diff --git a/glpi.spec b/glpi.spec
index b909d04..f03d7fc 100644
--- a/glpi.spec
+++ b/glpi.spec
@@ -51,7 +51,7 @@ Name:           %{gh_project}
 #global upstream_prever  RC2
 # use 9.3.0~RC2 < 9.3 (for plugin compatibility check)
 Version:        %{upstream_version}%{?upstream_prever:~%{upstream_prever}}
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Free IT asset management software
 Summary(fr):    Gestion Libre de Parc Informatique
 
@@ -71,6 +71,8 @@ Source6:        %{name}-minify.php
 # Override PHP configuration for php-fpm
 Source7:        %{name}-user.ini
 
+Patch0:         https://github.com/glpi-project/glpi/commit/3391f10eacec880aebcd4297bd2658ae13473947.patch
+
 BuildArch:      noarch
 BuildRequires:  gettext
 BuildRequires:  php-cli
@@ -294,6 +296,7 @@ techniciens grâce à une maintenance plus cohérente.
 
 %prep
 %setup -q -n %{name}-%{gh_commit}
+%patch0 -p1
 
 grep %{upstream_version} inc/define.php
 
@@ -592,6 +595,9 @@ fi
 
 
 %changelog
+* Tue Jul  3 2018 Remi Collet <remi@remirepo.net> - 9.3.0-2
+- add upstream patch to fix SQL injection CVE-2018-13049
+
 * Thu Jun 28 2018 Remi Collet <remi@remirepo.net> - 9.3.0-1
 - update to 9.3.0 GA
 - add dependency on zend-console
-- 
cgit