Author: corsepiu
Update of /cvs/pkgs/rpms/rt3/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29629
Modified Files:
rt3.spec
Added Files:
rt-3.8.4-rh-bz543962.diff
Log Message:
* Fri Dec 04 2009 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 3.8.5-2
- Add rt-3.8.4-rh-bz543962.diff (BZ #543962).
rt-3.8.4-rh-bz543962.diff:
SetupSessionCookie | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
--- NEW FILE rt-3.8.4-rh-bz543962.diff ---
diff -Naur rt-3.8.4.orig/share/html/Elements/SetupSessionCookie rt-3.8.4/share/html/Elements/SetupSessionCookie
--- rt-3.8.4.orig/share/html/Elements/SetupSessionCookie 2009-06-10 20:40:27.000000000 +0200
+++ rt-3.8.4/share/html/Elements/SetupSessionCookie 2009-12-04 11:56:31.000000000 +0100
@@ -53,11 +53,17 @@
my %cookies = CGI::Cookie->fetch;
my $cookiename = "RT_SID_". RT->Config->Get('rtname');
$cookiename .= ".". $ENV{'SERVER_PORT'} if $ENV{'SERVER_PORT'};
-$SessionCookie ||= ( $cookies{$cookiename} ? $cookies{$cookiename}->value : undef ),
+$SessionCookie = ( $cookies{$cookiename} ? $cookies{$cookiename}->value : undef );
tie %session, 'RT::Interface::Web::Session', $SessionCookie;
undef $cookies{$cookiename} unless $SessionCookie && $session{'_session_id'} eq $SessionCookie;
+unless ($session{'CurrentUser'} && $session{CurrentUser}->id) {
+ tied(%session)->delete;
+ undef $cookies{$cookiename};
+ tie %session, 'RT::Interface::Web::Session', undef;
+}
+
if ( int RT->Config->Get('AutoLogoff') ) {
my $now = int(time/60);
my $last_update = $session{'_session_last_update'} || 0;
Index: rt3.spec
===================================================================
RCS file: /cvs/pkgs/rpms/rt3/devel/rt3.spec,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -p -r1.46 -r1.47
--- rt3.spec 12 Oct 2009 16:03:21 -0000 1.46
+++ rt3.spec 4 Dec 2009 11:22:12 -0000 1.47
@@ -40,7 +40,7 @@
Name: rt3
Version: 3.8.5
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: Request tracker 3
Group: Applications/Internet
@@ -55,6 +55,11 @@ Patch0: rt-3.8.4-config.diff
Patch2: rt-3.8.4-Makefile.diff
Patch3: rt-3.8.4-test-dependencies.diff
+# http://bugzilla.redhat.com/show_bug.cgi?id=543962
+# Patch from http://bestpractical.typepad.com/files/rt-3.8-session_fixation.patch
+# Fixed in rt >= 3.8.6
+Patch6: rt-3.8.4-rh-bz543962.diff
+
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -232,6 +237,7 @@ find etc -type f -exec chmod a-x {} \;
%patch0 -p1
%patch2 -p1
%patch3 -p1
+%patch6 -p1
# Patch backups added by rpm disturb
find -name '*.orig' -exec rm -f {} \;
@@ -431,6 +437,9 @@ fi
%{RT3_LIBDIR}/RT/Test*
%changelog
+* Fri Dec 04 2009 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 3.8.5-2
+- Add rt-3.8.4-rh-bz543962.diff (BZ #543962).
+
* Mon Oct 12 2009 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 3.8.5-1
- Upstream update.
- Remove rt-3.8.4-rh-bz526870.diff.
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
Fedora-perl-devel-list mailing list
Fedora-perl-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-perl-devel-list
