#2 Latest stable upstream version and security fixes
Cancelled 4 months ago by suve. Opened 5 months ago by pessoft.
https://pagure.io/rpms-dokuwiki.git master  into  master

Latest stable upstream version and security fixes
Peter 'Pessoft' Kolínek • 5 months ago  
dokuwiki-rm-bundled-libs.patch
file modified
+123 -19

@@ -1,23 +1,127 @@

- diff -up dokuwiki-2015-08-10a/inc/load.php.bundled dokuwiki-2015-08-10a/inc/load.php

- --- dokuwiki-2015-08-10a/inc/load.php.bundled	2015-08-23 15:57:26.000000000 +0200

- +++ dokuwiki-2015-08-10a/inc/load.php	2015-09-30 09:41:13.145035176 +0200

- @@ -61,7 +61,7 @@ function load_autoload($name){

-          'cache_renderer'        => DOKU_INC.'inc/cache.php',

-          'Doku_Event'            => DOKU_INC.'inc/events.php',

-          'Doku_Event_Handler'    => DOKU_INC.'inc/events.php',

- -        'EmailAddressValidator' => DOKU_INC.'inc/EmailAddressValidator.php',

- +        'EmailAddressValidator' => '/usr/share/php/php-email-address-validation/EmailAddressValidator.php',

-          'Input'                 => DOKU_INC.'inc/Input.class.php',

-          'JpegMeta'              => DOKU_INC.'inc/JpegMeta.php',

-          'SimplePie'             => DOKU_INC.'inc/SimplePie.php',

- diff -up dokuwiki-2015-08-10a/inc/parserutils.php.bundled dokuwiki-2015-08-10a/inc/parserutils.php

- diff -up dokuwiki-2015-08-10a/vendor/composer/autoload_classmap.php.bundled dokuwiki-2015-08-10a/vendor/composer/autoload_classmap.php

- --- dokuwiki-2015-08-10a/vendor/composer/autoload_classmap.php.bundled	2015-09-30 09:44:08.924683772 +0200

- +++ dokuwiki-2015-08-10a/vendor/composer/autoload_classmap.php	2015-09-30 09:44:53.637848760 +0200

- @@ -6,5 +6,5 @@ $vendorDir = dirname(dirname(__FILE__));

+ diff -ru dokuwiki-2018-04-22a-orig/vendor/composer/autoload_classmap.php dokuwiki-2018-04-22a/vendor/composer/autoload_classmap.php

+ --- dokuwiki-2018-04-22a-orig/vendor/composer/autoload_classmap.php	2018-05-03 08:36:13.000000000 +0200

+ +++ dokuwiki-2018-04-22a/vendor/composer/autoload_classmap.php	2018-06-26 23:50:01.209053219 +0200

+ @@ -14,7 +14,7 @@

+      'FeedImage' => $vendorDir . '/openpsa/universalfeedcreator/lib/Element/FeedImage.php',

+      'FeedItem' => $vendorDir . '/openpsa/universalfeedcreator/lib/Element/FeedItem.php',

+      'GPXCreator' => $vendorDir . '/openpsa/universalfeedcreator/lib/Creator/GPXCreator.php',

+ -    'GeSHi' => $vendorDir . '/geshi/geshi/src/geshi.php',

+ +    'GeSHi' => '/usr/share/php/geshi.php',

+      'HTMLCreator' => $vendorDir . '/openpsa/universalfeedcreator/lib/Creator/HTMLCreator.php',

+      'HtmlDescribable' => $vendorDir . '/openpsa/universalfeedcreator/lib/Element/HtmlDescribable.php',

+      'JSCreator' => $vendorDir . '/openpsa/universalfeedcreator/lib/Creator/JSCreator.php',

+ @@ -27,9 +27,9 @@

+      'RSSCreator10' => $vendorDir . '/openpsa/universalfeedcreator/lib/Creator/RSSCreator10.php',

+      'RSSCreator20' => $vendorDir . '/openpsa/universalfeedcreator/lib/Creator/RSSCreator20.php',

+      'UniversalFeedCreator' => $vendorDir . '/openpsa/universalfeedcreator/lib/UniversalFeedCreator.php',

+ -    'lessc' => $vendorDir . '/marcusschwarz/lesserphp/lessc.inc.php',

+ -    'lessc_formatter_classic' => $vendorDir . '/marcusschwarz/lesserphp/lessc.inc.php',

+ -    'lessc_formatter_compressed' => $vendorDir . '/marcusschwarz/lesserphp/lessc.inc.php',

+ -    'lessc_formatter_lessjs' => $vendorDir . '/marcusschwarz/lesserphp/lessc.inc.php',

+ -    'lessc_parser' => $vendorDir . '/marcusschwarz/lesserphp/lessc.inc.php',

+ +    'lessc' => '/usr/share/php/lessphp/lessc.inc.php',

+ +    'lessc_formatter_classic' => $vendorDir . '/usr/share/php/lessphp/lessc.inc.php',

+ +    'lessc_formatter_compressed' => $vendorDir . '/usr/share/php/lessphp/lessc.inc.php',

+ +    'lessc_formatter_lessjs' => $vendorDir . '/usr/share/php/lessphp/lessc.inc.php',

+ +    'lessc_parser' => $vendorDir . '/usr/share/php/lessphp/lessc.inc.php',

+  );

+ diff -ru dokuwiki-2018-04-22a-orig/vendor/composer/autoload_files.php dokuwiki-2018-04-22a/vendor/composer/autoload_files.php

+ --- dokuwiki-2018-04-22a-orig/vendor/composer/autoload_files.php	2018-05-03 08:36:13.000000000 +0200

+ +++ dokuwiki-2018-04-22a/vendor/composer/autoload_files.php	2018-06-26 23:58:50.445743280 +0200

+ @@ -6,6 +6,6 @@

   $baseDir = dirname($vendorDir);

   

   return array(

- -    'GeSHi' => $vendorDir . '/easybook/geshi/geshi.php',

- +    'GeSHi' => '/usr/share/php/geshi.php',

+ -    '5255c38a0faeba867671b61dfda6d864' => $vendorDir . '/paragonie/random_compat/lib/random.php',

+ -    'decc78cc4436b1292c6c0d151b19445c' => $vendorDir . '/phpseclib/phpseclib/phpseclib/bootstrap.php',

+ +    '5255c38a0faeba867671b61dfda6d864' => '/usr/share/php/random_compat/random.php',

+ +    'decc78cc4436b1292c6c0d151b19445c' => '/usr/share/php/phpseclib/bootstrap.php',

+  );

+ diff -ru dokuwiki-2018-04-22a-orig/vendor/composer/autoload_namespaces.php dokuwiki-2018-04-22a/vendor/composer/autoload_namespaces.php

+ --- dokuwiki-2018-04-22a-orig/vendor/composer/autoload_namespaces.php	2018-05-03 08:36:13.000000000 +0200

+ +++ dokuwiki-2018-04-22a/vendor/composer/autoload_namespaces.php	2018-06-27 00:11:48.020301999 +0200

+ @@ -6,6 +6,6 @@

+  $baseDir = dirname($vendorDir);

+  

+  return array(

+ -    'SimplePie' => array($vendorDir . '/simplepie/simplepie/library'),

+ -    'EmailAddressValidator' => array($vendorDir . '/aziraphale/email-address-validator'),

+ +    'SimplePie' => array('/usr/share/php/php-simplepie'),

+ +    'EmailAddressValidator' => '/usr/share/php/php-email-address-validation',

+  );

+ diff -ru dokuwiki-2018-04-22a-orig/vendor/composer/autoload_psr4.php dokuwiki-2018-04-22a/vendor/composer/autoload_psr4.php

+ --- dokuwiki-2018-04-22a-orig/vendor/composer/autoload_psr4.php	2018-05-03 08:36:13.000000000 +0200

+ +++ dokuwiki-2018-04-22a/vendor/composer/autoload_psr4.php	2018-06-27 00:00:25.312215273 +0200

+ @@ -8,5 +8,5 @@

+  return array(

+      'splitbrain\\phpcli\\' => array($vendorDir . '/splitbrain/php-cli/src'),

+      'splitbrain\\PHPArchive\\' => array($vendorDir . '/splitbrain/php-archive/src'),

+ -    'phpseclib\\' => array($vendorDir . '/phpseclib/phpseclib/phpseclib'),

+ +    'phpseclib\\' => array('/usr/share/php/phpseclib'),

   );

+ diff -ru dokuwiki-2018-04-22a-orig/vendor/composer/autoload_static.php dokuwiki-2018-04-22a/vendor/composer/autoload_static.php

+ --- dokuwiki-2018-04-22a-orig/vendor/composer/autoload_static.php	2018-05-03 08:36:13.000000000 +0200

+ +++ dokuwiki-2018-04-22a/vendor/composer/autoload_static.php	2018-06-27 00:06:04.685749681 +0200

+ @@ -7,8 +7,8 @@

+  class ComposerStaticInita19a915ee98347a0c787119619d2ff9b

+  {

+      public static $files = array (

+ -        '5255c38a0faeba867671b61dfda6d864' => __DIR__ . '/..' . '/paragonie/random_compat/lib/random.php',

+ -        'decc78cc4436b1292c6c0d151b19445c' => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib/bootstrap.php',

+ +        '5255c38a0faeba867671b61dfda6d864' => '/usr/share/php/random_compat/random.php',

+ +        'decc78cc4436b1292c6c0d151b19445c' => '/usr/share/php/phpseclib/bootstrap.php',

+      );

+  

+      public static $prefixLengthsPsr4 = array (

+ @@ -34,7 +34,7 @@

+          ),

+          'phpseclib\\' => 

+          array (

+ -            0 => __DIR__ . '/..' . '/phpseclib/phpseclib/phpseclib',

+ +            0 => '/usr/share/php/phpseclib',

+          ),

+      );

+  

+ @@ -43,14 +43,14 @@

+          array (

+              'SimplePie' => 

+              array (

+ -                0 => __DIR__ . '/..' . '/simplepie/simplepie/library',

+ +                0 => '/usr/share/php/php-simplepie',

+              ),

+          ),

+          'E' => 

+          array (

+              'EmailAddressValidator' => 

+              array (

+ -                0 => __DIR__ . '/..' . '/aziraphale/email-address-validator',

+ +                0 => '/usr/share/php/php-email-address-validation',

+              ),

+          ),

+      );

+ @@ -64,7 +64,7 @@

+          'FeedImage' => __DIR__ . '/..' . '/openpsa/universalfeedcreator/lib/Element/FeedImage.php',

+          'FeedItem' => __DIR__ . '/..' . '/openpsa/universalfeedcreator/lib/Element/FeedItem.php',

+          'GPXCreator' => __DIR__ . '/..' . '/openpsa/universalfeedcreator/lib/Creator/GPXCreator.php',

+ -        'GeSHi' => __DIR__ . '/..' . '/geshi/geshi/src/geshi.php',

+ +        'GeSHi' => '/usr/share/php/geshi.php',

+          'HTMLCreator' => __DIR__ . '/..' . '/openpsa/universalfeedcreator/lib/Creator/HTMLCreator.php',

+          'HtmlDescribable' => __DIR__ . '/..' . '/openpsa/universalfeedcreator/lib/Element/HtmlDescribable.php',

+          'JSCreator' => __DIR__ . '/..' . '/openpsa/universalfeedcreator/lib/Creator/JSCreator.php',

+ @@ -77,11 +77,11 @@

+          'RSSCreator10' => __DIR__ . '/..' . '/openpsa/universalfeedcreator/lib/Creator/RSSCreator10.php',

+          'RSSCreator20' => __DIR__ . '/..' . '/openpsa/universalfeedcreator/lib/Creator/RSSCreator20.php',

+          'UniversalFeedCreator' => __DIR__ . '/..' . '/openpsa/universalfeedcreator/lib/UniversalFeedCreator.php',

+ -        'lessc' => __DIR__ . '/..' . '/marcusschwarz/lesserphp/lessc.inc.php',

+ -        'lessc_formatter_classic' => __DIR__ . '/..' . '/marcusschwarz/lesserphp/lessc.inc.php',

+ -        'lessc_formatter_compressed' => __DIR__ . '/..' . '/marcusschwarz/lesserphp/lessc.inc.php',

+ -        'lessc_formatter_lessjs' => __DIR__ . '/..' . '/marcusschwarz/lesserphp/lessc.inc.php',

+ -        'lessc_parser' => __DIR__ . '/..' . '/marcusschwarz/lesserphp/lessc.inc.php',

+ +        'lessc' => '/usr/share/php/lessphp/lessc.inc.php',

+ +        'lessc_formatter_classic' => '/usr/share/php/lessphp/lessc.inc.php',

+ +        'lessc_formatter_compressed' => '/usr/share/php/lessphp/lessc.inc.php',

+ +        'lessc_formatter_lessjs' => '/usr/share/php/lessphp/lessc.inc.php',

+ +        'lessc_parser' => '/usr/share/php/lessphp/lessc.inc.php',

+      );

+  

+      public static function getInitializer(ClassLoader $loader)

dokuwiki.spec
file modified
+46 -34

@@ -1,36 +1,40 @@

- %global		releasenum 2015-08-10a

- %global		releasetag 20150810a

+ %global		releasenum 2018-04-22a

+ %global		releasetag 20180422a

  

  Name:		dokuwiki

  Version:	0

- Release:	0.32.%{releasetag}%{?dist}

+ Release:	0.33.%{releasetag}%{?dist}

  Summary:	Standards compliant simple to use wiki

  Group:		Applications/Internet

  License:	GPLv2

- URL:		http://www.dokuwiki.org/dokuwiki

- Source0:	http://download.dokuwiki.org/src/%{name}/%{name}-%{releasenum}.tgz

+ URL:		https://www.dokuwiki.org/dokuwiki

+ Source0:	https://download.dokuwiki.org/src/%{name}/%{name}-%{releasenum}.tgz

  #Fedora specific patches to use fedora packaged libraries

  Patch1:		dokuwiki-rm-bundled-libs.patch

  BuildArch:	noarch

  Requires:	php-gd

+ Requires:	php-xml

+ Requires:	php-json

  Requires:	php-geshi

- #Requires:	php-simplepie

+ Requires:	php-simplepie

  Requires:	php-email-address-validation

- Requires:	php-xml

+ Requires:	php-lessphp

+ Requires:	php-paragonie-random-compat

+ Requires:	php-phpseclib

  

  %description

- DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating 

- documentation of any kind. It has a simple but powerful syntax which makes sure 

- the datafiles remain readable outside the Wiki and eases the creation of 

- structured texts. 

+ DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating

+ documentation of any kind. It has a simple but powerful syntax which makes sure

+ the data-files remain readable outside the Wiki and eases the creation of

+ structured texts.

  

- All data is stored in plain text files no database is required. 

+ All data is stored in plain text files no database is required.

  

  %package selinux

  Summary:	SElinux support for dokuwiki

  Requires:	%name = %version-%release

  Requires:	policycoreutils

- %if 0%{?rhel} > 5 || 0%{?fedora} 

+ %if 0%{?rhel} > 5 || 0%{?fedora}

  Requires:	python2-policycoreutils

  %endif

  Group:		Applications/Internet

@@ -43,23 +47,27 @@

  %setup -q -n %{name}-%{releasenum}

  

  # Remove bundled code

- rm inc/EmailAddressValidator.php

- rm -r vendor/easybook/geshi

+ #  email-address-validator

+ rm -r vendor/aziraphale

+ #  geshi

+ rm -r vendor/geshi

+ #  lesserphp

+ rm -r vendor/marcusschwarz

+ #  random_compat

+ rm -r vendor/paragonie

+ #  phpseclib

+ rm -r vendor/phpseclib

+ #  simplepie

+ rm -r vendor/simplepie

  

  %patch1 -p1 -b .bundled

  

- chmod a-x inc/lang/az/*.{txt,html}

- 

  mv -f conf/mysql.conf.php.example .

  

  sed -i "s:'./data':'%{_localstatedir}/lib/%{name}/data':" conf/%{name}.php

  sed -i "s:ALL        8:ALL        1:" conf/acl.auth.php.dist

  

  cat <<EOF >%{name}.httpd

- # %{name}

- # %{summary}

- # %{version}

- #

  

  Alias /%{name} %{_datadir}/%{name}

  

@@ -76,23 +84,22 @@

  	</IfModule>

  </Directory>

  

- <Directory %{_datadir}/%{name}/inc>

+ <Directory %{_datadir}/%{name}/bin>

  	Order Deny,Allow

  	Deny from all

  </Directory>

  

- <Directory %{_datadir}/%{name}/inc/lang>

+ <Directory %{_datadir}/%{name}/conf>

  	Order Deny,Allow

  	Deny from all

  </Directory>

  

- <Directory %{_datadir}/%{name}/lib/_fla>

- 	## no access to the fla directory

- 	Order allow,deny

+ <Directory %{_datadir}/%{name}/inc>

+ 	Order Deny,Allow

  	Deny from all

  </Directory>

  

- <Directory %{_sysconfdir}/%{name}>

+ <Directory %{_datadir}/%{name}/vendor>

  	Order Deny,Allow

  	Deny from all

  </Directory>

@@ -112,7 +119,6 @@

  # nothing to do here

  

  %install

- rm -rf $RPM_BUILD_ROOT

  install -d -p $RPM_BUILD_ROOT%{_sysconfdir}/%{name}

  install -d -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d

  install -d -p $RPM_BUILD_ROOT%{_datadir}/%{name}

@@ -120,17 +126,15 @@

  install -d -p $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name}

  mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name}/data/{index,tmp,media,attic,pages,cache,meta,locks,media_attic,media_meta}

  rm -f install.php

- rm -rf inc/geshi*

- rm -f inc/EmailAddressValidator.php

  rm -f inc/.htaccess

  rm -f inc/lang/.htaccess

- rm -f lib/_fla/{.htaccess,README}

- rm -f lib/plugins/revert/lang/sk/intro.txt

+ rm -f vendor/.htaccess

  cp -rp data/pages/* $RPM_BUILD_ROOT%{_localstatedir}/lib/%{name}/data/pages/

  cp -rp conf/* $RPM_BUILD_ROOT%{_sysconfdir}/%{name}

  cp -rp bin/*  $RPM_BUILD_ROOT%{_datadir}/%{name}/bin

  cp -rp lib  $RPM_BUILD_ROOT%{_datadir}/%{name}/

  cp -rp inc  $RPM_BUILD_ROOT%{_datadir}/%{name}/

+ cp -rp vendor  $RPM_BUILD_ROOT%{_datadir}/%{name}/

  install -p -m0644 *.php $RPM_BUILD_ROOT%{_datadir}/%{name}

  install -p -m0644 %{name}.httpd $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/%{name}.conf

  

@@ -178,10 +182,10 @@

  %{_datadir}/%{name}/lib/scripts

  %{_datadir}/%{name}/lib/styles

  %{_datadir}/%{name}/lib/tpl

- #%{_datadir}/%{name}/lib/_fla

  %attr(0755,apache,apache) %dir %{_datadir}/%{name}/lib/plugins

  %{_datadir}/%{name}/lib/plugins/*

  %{_datadir}/%{name}/inc

+ %{_datadir}/%{name}/vendor

  %dir %{_localstatedir}/lib/%{name}

  %attr(0755,apache,apache) %dir %{_localstatedir}/lib/%{name}/data

  %attr(0755,apache,apache) %dir %{_localstatedir}/lib/%{name}/data/media

@@ -201,6 +205,14 @@

  %doc DOKUWIKI-SELINUX.README

  

  %changelog

+ 

+ * Fri Jul 13 2018 Peter 'Pessoft' Kolínek <fedora@pessoft.com> - 0-0.33.20180422a

+ - Update to the latest stable upstream 2018-04-22a "Greebo" (#1390291: CVE-2016-7964, CVE-2016-7965, CVE-2017-12583, CVE-2017-12979, CVE-2017-12980, CVE-2017-18123)

+ - Fix missing vendor directory issue (#1372948)

+ - Fix Apache config file for access to conf and bin

+ - Replace more bundled code in vendor directory with Fedora packages (lesserphp, random_compat, phpseclib, simplepie)

+ - Fix source to HTTPS

+ 

  * Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0-0.32.20150810a

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

  

@@ -268,7 +280,7 @@

  * Thu Aug 02 2012 Andrew Colin Kissa <andrew@topdog.za.net> - 0-0.13.20120125.b

  - Latest upstream

  - Fix Bugzilla bugs #844726, #840255, #795487, #741384, #840686, #835145

-  

+ 

  * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0-0.12.20110525.a

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

  

sources
file modified
+1 -1

@@ -1,1 +1,1 @@

- a4b8ae00ce94e42d4ef52dd8f4ad30fe  dokuwiki-2015-08-10a.tgz

+ SHA512(dokuwiki-2018-04-22a.tgz) = bf1dd7411abadedb395c9e12c7a9f5586fe078e59556b1ce66a5351c06f338406eca944d7589f40d8a9eb098da6ed0edc256f83ec8b19f6335415e2fe6c31284

no initial comment

Addressed issues are in all current Fedora releases ( at least since F24 ).
There is also repo with applied changes ready for testing: https://copr.fedorainfracloud.org/coprs/pessoft/dokuwiki/

rebased onto d6f5edb

5 months ago

rebased onto c43a098

5 months ago

rebased onto 61d76d4

5 months ago

Merged with changes.

Pull-Request has been closed by suve

4 months ago