From f4dd8cae6b07d186eed1fbd80f1ee8d73944bf2b Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Fri, 21 Jun 2019 11:07:34 +0200 Subject: - [security] Prevent execution of XSS on rich text - [security] Prevent XSS attack on user picture --- glpi.spec | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'glpi.spec') diff --git a/glpi.spec b/glpi.spec index 22aee17..e06b306 100644 --- a/glpi.spec +++ b/glpi.spec @@ -55,7 +55,7 @@ Name: %{gh_project} %global upstream_version 9.3.4 #global upstream_prever RC2 Version: %{upstream_version}%{?upstream_prever:~%{upstream_prever}} -Release: 1%{?dist} +Release: 2%{?dist} Summary: Free IT asset management software Summary(fr): Gestion Libre de Parc Informatique @@ -75,6 +75,9 @@ Source6: %{name}-minify.php # Override PHP configuration for php-fpm Source7: %{name}-user.ini +# Security patches +Patch0: https://patch-diff.githubusercontent.com/raw/glpi-project/glpi/pull/6054.patch + BuildArch: noarch BuildRequires: gettext BuildRequires: php-cli @@ -308,6 +311,7 @@ techniciens grâce à une maintenance plus cohérente. %prep %setup -q -n %{name}-%{gh_commit} +%patch0 -p1 grep %{upstream_version} inc/define.php @@ -596,6 +600,10 @@ fi %changelog +* Fri Jun 21 2019 Remi Collet - 9.3.4-2 +- [security] Prevent execution of XSS on rich text +- [security] Prevent XSS attack on user picture + * Thu Apr 11 2019 Remi Collet - 9.3.4-1 - update to 9.3.4 -- cgit