Author: corsepiu
Update of /cvs/pkgs/rpms/rt3/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv31386
Modified Files:
rt3.spec
Added Files:
rt-3.8.2-rh-bz543962.diff
Log Message:
* Fri Dec 04 2009 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 3.8.2-12
- Add rt-3.8.2-rh-bz543962.diff (BZ #543962).
rt-3.8.2-rh-bz543962.diff:
SetupSessionCookie | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
--- NEW FILE rt-3.8.2-rh-bz543962.diff ---
diff -Naur rt-3.8.2.orig/share/html/Elements/SetupSessionCookie rt-3.8.2/share/html/Elements/SetupSessionCookie
--- rt-3.8.2.orig/share/html/Elements/SetupSessionCookie 2009-01-07 02:15:29.000000000 +0100
+++ rt-3.8.2/share/html/Elements/SetupSessionCookie 2009-12-04 11:30:01.000000000 +0100
@@ -53,11 +53,17 @@
my %cookies = CGI::Cookie->fetch;
my $cookiename = "RT_SID_". RT->Config->Get('rtname');
$cookiename .= ".". $ENV{'SERVER_PORT'} if $ENV{'SERVER_PORT'};
-$SessionCookie ||= ( $cookies{$cookiename} ? $cookies{$cookiename}->value : undef ),
+$SessionCookie = ( $cookies{$cookiename} ? $cookies{$cookiename}->value : undef );
tie %session, 'RT::Interface::Web::Session', $SessionCookie;
undef $cookies{$cookiename} unless $SessionCookie && $session{'_session_id'} eq $SessionCookie;
+unless ($session{'CurrentUser'} && $session{CurrentUser}->id) {
+ tied(%session)->delete;
+ undef $cookies{$cookiename};
+ tie %session, 'RT::Interface::Web::Session', undef;
+}
+
if ( int RT->Config->Get('AutoLogoff') ) {
my $now = int(time/60);
my $last_update = $session{'_session_last_update'} || 0;
Index: rt3.spec
===================================================================
RCS file: /cvs/pkgs/rpms/rt3/F-10/rt3.spec,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -p -r1.42 -r1.43
--- rt3.spec 13 Oct 2009 02:41:00 -0000 1.42
+++ rt3.spec 4 Dec 2009 11:27:30 -0000 1.43
@@ -40,7 +40,7 @@
Name: rt3
Version: 3.8.2
-Release: 11%{?dist}
+Release: 12%{?dist}
Summary: Request tracker 3
Group: Applications/Internet
@@ -65,6 +65,10 @@ Patch4: rt-3.8.2-rh-bz506236.diff
# Fixed in rt >= 3.8.5
Patch5: rt-3.8.2-rh-bz526870.diff
+# http://bugzilla.redhat.com/show_bug.cgi?id=543962
+# Patch from http://bestpractical.typepad.com/files/rt-3.8-session_fixation.patch
+# Fixed in rt >= 3.8.6
+Patch6: rt-3.8.2-rh-bz543962.diff
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -245,6 +249,7 @@ find etc -type f -exec chmod a-x {} \;
%patch3 -p1
%patch4 -p1
%patch5 -p1
+%patch6 -p1
# Patch backups added by rpm disturb
find -name '*.orig' -exec rm -f {} \;
@@ -444,6 +449,9 @@ fi
%{RT3_LIBDIR}/RT/Test*
%changelog
+* Fri Dec 04 2009 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 3.8.2-12
+- Add rt-3.8.2-rh-bz543962.diff (BZ #543962).
+
* Tue Oct 13 2009 Ralf Corsépius <corsepiu@xxxxxxxxxxxxxxxxx> - 3.8.2-11
- Update rt-3.8.2-rh-bz526870.diff.
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
Fedora-perl-devel-list mailing list
Fedora-perl-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-perl-devel-list
