summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--php-sabredav-Sabre_DAV.spec11
-rw-r--r--sabreDav_BrowserPluginFix.patch23
2 files changed, 7 insertions, 27 deletions
diff --git a/php-sabredav-Sabre_DAV.spec b/php-sabredav-Sabre_DAV.spec
index ff85b44..e3be00f 100644
--- a/php-sabredav-Sabre_DAV.spec
+++ b/php-sabredav-Sabre_DAV.spec
@@ -1,12 +1,12 @@
%{!?__pear: %{expand: %%global __pear %{_bindir}/pear}}
%global pear_name Sabre_DAV
%global channelname pear.sabredav.org
-%global mainver 1.8.6
-%global reldate 2013-06-18
+%global mainver 1.8.7
+%global reldate 2013-10-02
Name: php-sabredav-Sabre_DAV
-Version: 1.8.6
-Release: 2%{?dist}
+Version: 1.8.7
+Release: 1%{?dist}
Summary: Sabre_DAV is a WebDAV framework for PHP
Group: Development/Libraries
@@ -105,6 +105,9 @@ fi
%changelog
+* Sat Oct 5 2013 Remi Collet <RPMS@FamilleCollet.com> 1.8.7-1
+- update to 1.8.7
+
* Thu Sep 12 2013 Remi Collet <RPMS@FamilleCollet.com> 1.8.6-2
- fix roles
diff --git a/sabreDav_BrowserPluginFix.patch b/sabreDav_BrowserPluginFix.patch
deleted file mode 100644
index 449283f..0000000
--- a/sabreDav_BrowserPluginFix.patch
+++ /dev/null
@@ -1,23 +0,0 @@
---- Sabre_DAV-1.6.5/Sabre/DAV/Browser/Plugin.php 2012-10-04 08:02:37.000000000 -0400
-+++ SabreDAV/lib/Sabre/DAV/Browser/Plugin.php 2013-04-11 14:29:08.000000000 -0400
-@@ -439,14 +439,14 @@
- */
- protected function getLocalAssetPath($assetName) {
-
-+ $assetDir = __DIR__ . '/assets/';
-+ $path = $assetDir . $assetName;
-+
- // Making sure people aren't trying to escape from the base path.
-- $assetSplit = explode('/', $assetName);
-- if (in_array('..',$assetSplit)) {
-- throw new Sabre_DAV_Exception('Incorrect asset path');
-+ if (strpos(realpath($path), realpath($assetDir)) === 0) {
-+ return $path;
- }
-- $path = __DIR__ . '/assets/' . $assetName;
-- return $path;
--
-+ throw new Sabre_DAV_Exception_Forbidden('Path does not exist, or escaping from the base path was detected');
- }
-
- /**