summarylogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.SRCINFO24
-rw-r--r--CVE-2014-8986.patch20
-rw-r--r--PKGBUILD40
-rw-r--r--mantisbt.install17
4 files changed, 101 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO
new file mode 100644
index 00000000000..0b4d10850ca
--- /dev/null
+++ b/.SRCINFO
@@ -0,0 +1,24 @@
+# Generated by mksrcinfo v8
+# Sat Aug 20 20:18:36 UTC 2016
+pkgbase = mantisbt
+ pkgdesc = Web-based issue tracking system
+ pkgver = 1.3.0
+ pkgrel = 2
+ url = http://www.mantisbt.org/
+ install = mantisbt.install
+ arch = any
+ license = GPL
+ depends = php
+ optdepends = apache: Web server to run MantisBT
+ optdepends = curl: Twitter integration
+ optdepends = gd: Graphs support
+ optdepends = lighttpd: Web server to run MantisBT
+ optdepends = mariadb: SQL database
+ optdepends = nginx: Web server to run MantisBT
+ optdepends = php-pgsql: PostgreSQL database
+ backup = etc/webapps/mantisbt/config_inc.php
+ source = http://downloads.sourceforge.net/mantisbt/mantisbt-1.3.0.tar.gz
+ sha256sums = a223107ba9cf1a6a555031f662e81a297133ee9d88896704c689cea15506e2cc
+
+pkgname = mantisbt
+
diff --git a/CVE-2014-8986.patch b/CVE-2014-8986.patch
new file mode 100644
index 00000000000..cc820ae3fd2
--- /dev/null
+++ b/CVE-2014-8986.patch
@@ -0,0 +1,20 @@
+diff -rupN mantisbt-1.2.19.orig/adm_config_report.php mantisbt-1.2.19/adm_config_report.php
+--- mantisbt-1.2.19.orig/adm_config_report.php 2015-02-17 11:36:02.025998608 +0100
++++ mantisbt-1.2.19/adm_config_report.php 2015-02-17 11:42:22.122773322 +0100
+@@ -159,6 +159,16 @@
+ }
+ }
+
++ if( !is_blank( $t_filter_config_value ) && (int)$t_filter_config_value !== META_FILTER_NONE ) {
++ // check that config value exists
++ if( @config_get_global( $t_filter_config_value ) === null ) {
++ $t_cookie_path = config_get( 'cookie_path' );
++ gpc_clear_cookie( $t_cookie_name, $t_cookie_path );
++
++ trigger_error( ERROR_GENERIC, ERROR );
++ }
++ }
++
+ # Get config edit values
+ $t_edit_user_id = gpc_get_int( 'user_id', $t_filter_user_value == META_FILTER_NONE ? ALL_USERS : $t_filter_user_value );
+ $t_edit_project_id = gpc_get_int( 'project_id', $t_filter_project_value == META_FILTER_NONE ? ALL_PROJECTS : $t_filter_project_value );
diff --git a/PKGBUILD b/PKGBUILD
new file mode 100644
index 00000000000..65dfdeabc6e
--- /dev/null
+++ b/PKGBUILD
@@ -0,0 +1,40 @@
+# $Id: PKGBUILD 183866 2016-07-23 11:02:59Z alucryd $
+# Maintainer: Maxime Gauduin <alucryd@archlinux.org>
+# Contributor: Alexander 'gridcol' Griesbaum <agrsbm@gmail.com>
+# Contributor: Ravenman <correo.cuervo@gmail.com>
+# Contributor: Anton Bazhenov <anton.bazhenov@gmail>
+# Contributor: Angel 'angvp' Velasquez <angvp@archlinux.com.ve>
+
+pkgname=mantisbt
+pkgver=1.3.0
+pkgrel=2
+pkgdesc='Web-based issue tracking system'
+arch=('any')
+url='http://www.mantisbt.org/'
+license=('GPL')
+depends=('php')
+optdepends=('apache: Web server to run MantisBT'
+ 'curl: Twitter integration'
+ 'gd: Graphs support'
+ 'lighttpd: Web server to run MantisBT'
+ 'mariadb: SQL database'
+ 'nginx: Web server to run MantisBT'
+ 'php-pgsql: PostgreSQL database')
+backup=('etc/webapps/mantisbt/config_inc.php')
+install='mantisbt.install'
+source=("http://downloads.sourceforge.net/mantisbt/mantisbt-${pkgver}.tar.gz")
+sha256sums=('a223107ba9cf1a6a555031f662e81a297133ee9d88896704c689cea15506e2cc')
+
+package() {
+ install -dm 755 "${pkgdir}"/{etc/webapps/mantisbt,usr/share/webapps}
+ cp -dr --no-preserve='ownership' mantisbt-${pkgver} "${pkgdir}"/usr/share/webapps/mantisbt
+
+ ln -s /etc/webapps/mantisbt/config_inc.php "${pkgdir}"/usr/share/webapps/mantisbt/config_inc.php
+ cp "${pkgdir}"/usr/share/webapps/mantisbt/config/config_inc.php.sample "${pkgdir}"/etc/webapps/mantisbt/config_inc.php
+
+ find "${pkgdir}" -type d -exec chmod 755 {} +
+ find "${pkgdir}" -type f -exec chmod 644 {} +
+ chown http:http -R "${pkgdir}"/usr/share/webapps/mantisbt
+}
+
+# vim: ts=2 sw=2 et:
diff --git a/mantisbt.install b/mantisbt.install
new file mode 100644
index 00000000000..818f206c13e
--- /dev/null
+++ b/mantisbt.install
@@ -0,0 +1,17 @@
+pre_upgrade() {
+ cd /usr/share/webapps/mantisbt
+
+ cp mantis_offline.php.sample mantis_offline.php
+}
+
+post_upgrade() {
+ cd /usr/share/webapps/mantisbt
+
+ rm mantis_offline.php
+}
+
+post_remove() {
+ rm -rf /usr/share/webapps/mantisbt
+}
+
+# vim: ts=2 sw=2 et: