Package itop: Specfile

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
%define installdir %webserver_webappsdir/%name

Name: itop
Version: 3.1.1.1
Release: alt1

Summary: IT Operations Portal
License: AGPL-3.0
Group: Networking/Other

URL: http://www.combodo.com/-Overview-.html
Packager: Pavel Zilke <zidex at altlinux dot org>
BuildArch: noarch

Source0: %name-%version.tar.gz
Source1: apache2.conf
Source2: README.ALT
Source3: UPGRADE.ALT

Requires: webserver-common php-engine graphviz
BuildRequires(pre): rpm-macros-webserver-common

%description
IT Operations Portal: a complete open source, ITIL, web based service
management tool including a fully customizable CMDB, a helpdesk system
and a document management tool.
iTop also offers mass import tools and web services to integrate with your IT

%package apache2
Summary: Apache 2.x web-server configuration for %name
Group: Networking/Other
Requires: %name = %version-%release, apache2
%description apache2
Apache 2.x web-server configuration for %name

%package php8.1
Summary: PHP8.1 dependencies for %name
Group: Networking/Other
Requires: %name = %version-%release, 
Requires: php8.1-mysqli, php8.1-ldap, php8.1-soap, php8.1-mcrypt, php8.1-xmlreader, php8.1-gd2, php8.1-zip, php8.1-openssl
Requires: php8.1-mbstring, php8.1-fileinfo, php8.1-curl

%description php8.1
PHP8.1 dependencies for %name

%prep
%setup
# %setup -T -D -a 1

%build

%install
# install apache config
install -pD -m0644 %_sourcedir/apache2.conf %buildroot%_sysconfdir/httpd2/conf/sites-available/%name.conf

# install itop
mkdir -p %buildroot%installdir
mkdir -p %buildroot%installdir/conf
mkdir -p %buildroot%installdir/data
mkdir -p %buildroot%installdir/env-production
mkdir -p %buildroot%installdir/env-production-build
mkdir -p %buildroot%installdir/log
cp -rp web/* %buildroot%installdir/
rm -f %buildroot%installdir/setup/phpinfo.php

#install README.ALT and UPGRADE.ALT
install -pD -m0644 %_sourcedir/README.ALT README.ALT
install -pD -m0644 %_sourcedir/UPGRADE.ALT UPGRADE.ALT

# remove files
rm -f %buildroot%installdir/lib/silex/vendor/silex/silex/doc/conf.py
find %buildroot%installdir -name remove.txt -delete
find %buildroot%installdir -name *.sh -delete
find $RPM_BUILD_ROOT \( -name 'Thumbs.db' -o -name 'Thumbs.db.gz' \) -print -delete

%post
echo "If you upgrade from previous version then read /usr/share/doc/%name-%version/UPGRADE.ALT"
echo "Если вы обновляетесь с предыдущей версии, то прочитайте /usr/share/doc/%name-%version/UPGRADE.ALT"

%post apache2
if [ "$1" = "1" ]; then
  a2ensite %name
  %_initdir/httpd2 condreload
fi

%preun apache2
if [ "$1" = "0" ]; then
  a2dissite %name
fi

%postun apache2
if [ "$1" = "0" ]; then
  %_initdir/httpd2 condreload
fi

%files
%dir %installdir
%dir %attr(2770,root,%webserver_group) %installdir/conf
%dir %attr(2770,root,%webserver_group) %installdir/data
%dir %attr(2770,root,%webserver_group) %installdir/env-production
%dir %attr(2770,root,%webserver_group) %installdir/env-production-build
%dir %attr(2770,root,%webserver_group) %installdir/log
%installdir/addons
%installdir/application
%installdir/core
%installdir/css
%installdir/datamodels
%installdir/dictionaries
%installdir/extensions
%installdir/images
%installdir/js
%installdir/lib
%installdir/node_modules
%installdir/pages
%installdir/portal
%installdir/setup
%installdir/sources
%installdir/synchro
%installdir/templates
%installdir/webservices
%installdir/*.php
%installdir/*.xml
%installdir/*.config
%doc LICENSE
%doc README
%doc README.ALT
%doc UPGRADE.ALT


%files apache2
%config(noreplace) %attr(0644,root,root) %_sysconfdir/httpd2/conf/sites-available/%name.conf


%files php8.1

%changelog
* Thu Jan 04 2024 Pavel Zilke <zidex@altlinux.org> 3.1.1.1-alt1
- New version 3.1.1.1
- Security fixes:
 + CVE-2023-48710 : Restrict pages/exec.php to PHP files
 + CVE-2023-48709 : Fix CSV injection in Excel from an iTop CSV export file
 + CVE-2023-46734 : Fix potential XSS vulnerabilities in TWIG CodeExtension filters
 + CVE-2023-47123 : Fix XSS vulnerability in n:n relations "tagset" widget
 + CVE-2023-47622 : Fix XSS vulnerabilities in ajax operations
 + CVE-2023-47626 : Fix XSS vulnerabilities in authent token
 + CVE-2023-44396 : Fix XSS vulnerabilities in dashlet ajax operations
 + CVE-2023-43790 : Fix XSS vulnerabilities in friendlyname in object details
 + CVE-2023-38511 : Fix dashboard allowing to load multiple files and urls
 + CVE-2023-45808 : Fix object creation in non allowed org by forging http query in both Console and Portal

* Fri Aug 11 2023 Pavel Zilke <zidex@altlinux.org> 3.1.0.2-alt1
- New version 3.1.0.2
- Security fixes:
 + CVE-2022-24894 : Prevent storing cookie headers in HttpCache (Symfony framework vulnerability)
 + CVE-2022-31402 : XSS vulnerability via /itop/webservices/export-v2.php
 + CVE-2022-39261 : Twig lib vulnerability
- Added itop-php8.1
- Deleted itop-php8.0

* Thu May 25 2023 Pavel Zilke <zidex@altlinux.org> 3.0.3-alt1
- New version 3.0.3
- Security fixes:
 + CVE-2021-46743 : Firebase PHP-JWT key/algorithm type confusion
 + CVE-2022-31403 : XSS vulnerability via /itop/pages/ajax.render.php
 + CVE-2022-31402 : XSS vulnerability via /itop/webservices/export-v2.php
- Added itop-php8.0
- Deleted itop-php7

* Wed Dec 08 2021 Pavel Zilke <zidex at altlinux dot org> 2.7.5-alt1
- New version 2.7.5
+ Security fixes

* Fri Jan 22 2021 Pavel Zilke <zidex at altlinux dot org> 2.7.3-alt1
- New version 2.7.3
- Regression fixes
- Security fixes in intermediate versions:
+ CVE-2020-4079
+ CVE-2020-16842
+ CVE-2020-15218
+ CVE-2020-15219
+ CVE-2020-15221
+ CVE-2020-15220
+ CVE-2020-12781
+ CVE-2020-12780
+ CVE-2020-12779
+ CVE-2020-12778
+ CVE-2020-12777

* Thu Apr 09 2020 Pavel Zilke <zidex at altlinux dot org> 2.6.3-alt1
- New version 2.6.3
- Security fixes:
+ CVE-2019-19821 : Improper Privilege Management
- Removed Python requirements

* Tue Feb 18 2020 Andrey Bychkov <mrdrew@altlinux.org> 2.6.1-alt2
- py2 -> py3

* Tue Apr 16 2019 Pavel Zilke <zidex at altlinux dot org> 2.6.1-alt1
- New version 2.6.1

* Wed Mar 06 2019 Pavel Zilke <zidex at altlinux dot org> 2.6.0-alt1
- New version 2.6.0
- Added PHP7 support
- Deleted PHP5 support
- Deleted Apache1 support

* Sat Dec 29 2018 Igor Vlasenko <viy@altlinux.ru> 2.1.0-alt2
- NMU: build w/o apache1

* Sat Jan 10 2015 Pavel Zilke <zidex at altlinux dot org> 2.1.0-alt1
- New version 2.1.0

* Wed Dec 18 2013 Pavel Zilke <zidex at altlinux dot org> 2.0.2-alt1
- New version 2.0.2

* Sat Jun 15 2013 Pavel Zilke <zidex at altlinux dot org> 2.0.1-alt1
- Initial build for ALT Linux
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top