rpms/awstats/FC-5 .cvsignore, 1.5, 1.6 awstats.spec, 1.11, 1.12 sources, 1.8, 1.9
Aurelien Bompard (abompard)
fedora-extras-commits at redhat.com
Sun May 7 08:17:09 UTC 2006
- Previous message (by thread): rpms/awstats/FC-4 .cvsignore, 1.5, 1.6 awstats.spec, 1.9, 1.10 sources, 1.8, 1.9
- Next message (by thread): rpms/awstats/devel .cvsignore, 1.5, 1.6 awstats.spec, 1.12, 1.13 sources, 1.8, 1.9
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: abompard
Update of /cvs/extras/rpms/awstats/FC-5
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6630/FC-5
Modified Files:
.cvsignore awstats.spec sources
Log Message:
version 6.6 (beta), fixes CVE-2005-2732 (bug 190921, 190922, and 190923)
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/awstats/FC-5/.cvsignore,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- .cvsignore 22 Aug 2005 10:18:17 -0000 1.5
+++ .cvsignore 7 May 2006 08:17:09 -0000 1.6
@@ -1 +1 @@
-awstats-6.5.tar.gz
+awstats-6.6.tar.gz
Index: awstats.spec
===================================================================
RCS file: /cvs/extras/rpms/awstats/FC-5/awstats.spec,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- awstats.spec 9 Apr 2006 15:30:30 -0000 1.11
+++ awstats.spec 7 May 2006 08:17:09 -0000 1.12
@@ -1,19 +1,19 @@
Name: awstats
-Version: 6.5
-Release: 3%{?dist}
+Version: 6.6
+Release: 0.1.beta%{?dist}
Summary: Advanced Web Statistics
License: GPL
Group: Applications/Internet
URL: http://awstats.sourceforge.net
-Source0: http://dl.sf.net/awstats/awstats-6.5.tar.gz
-#Source0: http://awstats.sourceforge.net/files/awstats-6.5.tar.gz
+#Source0: http://dl.sf.net/awstats/awstats-6.6.tar.gz
+Source0: http://awstats.sourceforge.net/files/awstats-6.6.tar.gz
+Source1: awstats.README.SELinux
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: httpd
Requires: perl
-Requires(post): perl
-Requires(postun): /sbin/service
-Requires(pre): policycoreutils
+Requires(post): perl, policycoreutils
+Requires(postun): /sbin/service, policycoreutils
%description
Advanced Web Statistics is a powerful and featureful tool that generates
@@ -31,18 +31,19 @@
With the default configuration, the statistics are available:
http://localhost/awstats/awstats.pl
+
%prep
%setup -q
-
# Fix style sheets.
perl -pi -e 's,/icon,/awstatsicons,g' wwwroot/css/*
-
# Fix some bad file permissions here for convenience.
chmod -x tools/httpd_conf
find tools/xslt -type f | xargs chmod -x
-
# Remove \r in conf file (file written on MS Windows)
perl -pi -e 's/\r//g' tools/httpd_conf
+# SELinux README
+cp -a %{SOURCE1} README.SELinux
+
%install
rm -rf $RPM_BUILD_ROOT
@@ -80,7 +81,7 @@
### Commit permanent changes to default configuration
install -p -m 644 wwwroot/cgi-bin/awstats.model.conf \
$RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf
-%{__perl} -pi -e '
+perl -pi -e '
s|^LogFile=.*$|LogFile="%{_localstatedir}/log/httpd/access_log"|;
s|^DirData=.*$|DirData="%{_localstatedir}/lib/awstats"|;
s|^DirCgi=.*$|DirCgi="/awstats"|;
@@ -91,16 +92,17 @@
s|^SaveDatabaseFilesWithPermissionsForEveryone=.*$|SaveDatabaseFilesWithPermissionsForEveryone=0|;
s|^SkipHosts=.*$|SkipHosts="127.0.0.1"|;
s|^Expires=.*$|Expires=3600|;
- ' $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf
+ ' $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.model.conf
install -p -m 644 $RPM_BUILD_ROOT/%{_sysconfdir}/%{name}/%{name}.{model,localhost.localdomain}.conf
# Fix scripts
-%{__perl} -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \
+perl -pi -e 's|/usr/local/awstats|%{_datadir}/awstats|g' \
$RPM_BUILD_ROOT%{_datadir}/%{name}/tools/{*.pl,httpd_conf}
# Apache configuration
install -p -m 644 tools/httpd_conf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf
-%{__perl} -pi -e 's|/usr/local|%{_datadir}|g' $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf
+perl -pi -e 's|/usr/local|%{_datadir}|g;s|Allow from all|Allow from 127.0.0.1|g' \
+ $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf.d/%{name}.conf
echo "# Additional Perl modules
<IfModule mod_env.c>
SetEnv PERL5LIB %{_datadir}/awstats/lib:%{_datadir}/awstats/plugins
@@ -114,13 +116,6 @@
rm -rf $RPM_BUILD_ROOT
-%pre
-# Set SELinux types
-semanage fcontext -a -t httpd_sys_script_exec_t \
- '/usr/share/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || :
-semanage fcontext -a -t httpd_sys_script_rw_t '/var/lib/awstats(/.*)?' 2>/dev/null || :
-
-
%post
if [ $1 -eq 1 ]; then
if [ ! -f %{_sysconfdir}/%{name}/%{name}.`hostname`.conf ]; then
@@ -130,18 +125,29 @@
' > %{_sysconfdir}/%{name}/%{name}.`hostname`.conf || :
fi
fi
+### SELinux support ###
+# Set SELinux file_context
+semanage fcontext -a -t httpd_sys_script_exec_t \
+ '%{_datadir}/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || :
+semanage fcontext -a -t httpd_sys_script_rw_t '%{_localstatedir}/lib/awstats(/.*)?' 2>/dev/null || :
+# Actually change the context
+chcon -R -t httpd_sys_script_exec_t %{_datadir}/awstats/wwwroot/cgi-bin || :
+chcon -R -t httpd_sys_script_rw_t %{_localstatedir}/lib/awstats || :
%postun
if [ $1 -ne 0 ]; then
/sbin/service httpd condrestart >/dev/null 2>&1
fi
+# SELinux support
if [ $1 -eq 0 ]; then
semanage fcontext -d -t httpd_sys_script_exec_t \
- '/usr/share/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || :
+ '%{_datadir}/awstats/wwwroot/cgi-bin(/.*)?' 2>/dev/null || :
+ semanage fcontext -d -t httpd_sys_script_rw_t '%{_localstatedir}/lib/awstats(/.*)?' 2>/dev/null || :
fi
+
%files
%defattr(-,root,root,755)
# Apache configuration file
@@ -155,7 +161,7 @@
%{_datadir}/%{name}/wwwroot/cgi-bin
# Different defattr to fix lots of files which should not be +x.
%defattr(644,root,root,755)
-%doc README.TXT docs/*
+%doc README.TXT docs/* README.SELinux
%{_datadir}/%{name}/lang
%{_datadir}/%{name}/lib
%{_datadir}/%{name}/plugins
@@ -164,9 +170,15 @@
%{_datadir}/%{name}/wwwroot/icon
%{_datadir}/%{name}/wwwroot/js
+
+
%changelog
+* Sun May 07 2006 Aurelien Bompard <gauret[AT]free.fr> 6.6-0.1.beta
+- version 6.6 (beta), fixes CVE-2005-2732 (bug 190921, 190922, and 190923)
+
* Sun Apr 09 2006 Aurelien Bompard <gauret[AT]free.fr> 6.5-3
- SELinux support: use semanage to label the cgi and the database files
+- Only allow access from localhost by default (this app has a security history)
* Thu Feb 23 2006 Aurelien Bompard <gauret[AT]free.fr> 6.5-2
- rebuild for FC5
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/awstats/FC-5/sources,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- sources 11 Jan 2006 15:07:29 -0000 1.8
+++ sources 7 May 2006 08:17:09 -0000 1.9
@@ -1 +1 @@
-aef00b2ff5c5413bd2a868299cabd69a awstats-6.5.tar.gz
+c9b65c5a58011fdb4ec611feec17eee4 awstats-6.6.tar.gz
- Previous message (by thread): rpms/awstats/FC-4 .cvsignore, 1.5, 1.6 awstats.spec, 1.9, 1.10 sources, 1.8, 1.9
- Next message (by thread): rpms/awstats/devel .cvsignore, 1.5, 1.6 awstats.spec, 1.12, 1.13 sources, 1.8, 1.9
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list