[arch-commits] Commit in mantisbt/repos/community-any (8 files)

Maxime Gauduin alucryd at archlinux.org
Wed Nov 12 15:02:39 UTC 2014


    Date: Wednesday, November 12, 2014 @ 16:02:39
  Author: alucryd
Revision: 122443

archrelease: copy trunk to community-any

Added:
  mantisbt/repos/community-any/CVE-2014-7146.patch
    (from rev 122442, mantisbt/trunk/CVE-2014-7146.patch)
  mantisbt/repos/community-any/CVE-2014-8554.patch
    (from rev 122442, mantisbt/trunk/CVE-2014-8554.patch)
  mantisbt/repos/community-any/CVE-2014-8598.patch
    (from rev 122442, mantisbt/trunk/CVE-2014-8598.patch)
  mantisbt/repos/community-any/PKGBUILD
    (from rev 122442, mantisbt/trunk/PKGBUILD)
  mantisbt/repos/community-any/mantisbt.install
    (from rev 122442, mantisbt/trunk/mantisbt.install)
Deleted:
  mantisbt/repos/community-any/CVE-2014-8554.patch
  mantisbt/repos/community-any/PKGBUILD
  mantisbt/repos/community-any/mantisbt.install

---------------------+
 CVE-2014-7146.patch |   65 ++++++++++++++++
 CVE-2014-8554.patch |   70 ++++++++---------
 CVE-2014-8598.patch |  203 ++++++++++++++++++++++++++++++++++++++++++++++++++
 PKGBUILD            |  106 +++++++++++++-------------
 mantisbt.install    |   34 ++++----
 5 files changed, 376 insertions(+), 102 deletions(-)

Copied: mantisbt/repos/community-any/CVE-2014-7146.patch (from rev 122442, mantisbt/trunk/CVE-2014-7146.patch)
===================================================================
--- CVE-2014-7146.patch	                        (rev 0)
+++ CVE-2014-7146.patch	2014-11-12 15:02:39 UTC (rev 122443)
@@ -0,0 +1,65 @@
+From bed19db954359043515300c995ebc40ebb97265a Mon Sep 17 00:00:00 2001
+From: Damien Regad <dregad at mantisbt.org>
+Date: Sat, 1 Nov 2014 19:45:47 +0100
+Subject: [PATCH] XML Import: Fix php code injection vulnerability
+
+Egidio Romano discovered a vulnerability in the XML import plugin.
+
+User input passed through the "description" field (and the "issuelink"
+attribute) of the uploaded XML file isn't properly sanitized before
+being used in a call to the preg_replace() function which uses the 'e'
+modifier. This can be exploited to inject and execute arbitrary PHP code
+when the Import/Export plugin is installed.
+
+This fix is a partial backport from a master branch commit which has
+been confirmed as addressing the issue (84017535f8718685d755d58af7a39d80f52ffca8)
+excluding changes not relevant to fixing the security issue, including
+subsequent fixes (aea1a348043979e75a6cc021e4a0a7f8d3bb7211,
+4350b4d4f0ee4fba423edcae1cd2117dc1e2d63b).
+
+Fixes #17725 (CVE-2014-7146)
+---
+ plugins/XmlImportExport/ImportXml.php | 29 ++++++++++++++++++++---------
+ 1 file changed, 20 insertions(+), 9 deletions(-)
+
+diff --git a/plugins/XmlImportExport/ImportXml.php b/plugins/XmlImportExport/ImportXml.php
+index 590f898..09ccc8d 100644
+--- a/plugins/XmlImportExport/ImportXml.php
++++ b/plugins/XmlImportExport/ImportXml.php
+@@ -102,16 +102,27 @@ public function import( ) {
+ 
+ 		echo " Done\n";
+ 
+-		$importedIssues = $this->itemsMap_->getall( 'issue' );
+-		printf( "Processing cross-references for %s issues...", count( $importedIssues ) );
+-		foreach( $importedIssues as $oldId => $newId ) {
+-			$bugData = bug_get( $newId, true );
+-
+-			$bugLinkRegexp = '/(^|[^\w])(' . preg_quote( $this->source_->issuelink, '/' ) . ')(\d+)\b/e';
+-			$replacement = '"\\1" . $this->getReplacementString( "\\2", "\\3" )';
++		# replace bug references
++		$t_imported_issues = $this->itemsMap_->getall( 'issue' );
++		printf( 'Processing cross-references for %s issues...', count( $t_imported_issues ) );
++		foreach( $t_imported_issues as $t_old_id => $t_new_id ) {
++			$t_bug = bug_get( $t_new_id, true );
++			$t_content_replaced = false;
++			$t_bug_link_regexp = '/(^|[^\w])(' . preg_quote( $this->source_->issuelink, '/' ) . ')(\d+)\b/';
++
++			# replace links in description
++			preg_match_all( $t_bug_link_regexp, $t_bug->description, $t_matches );
++			if( is_array( $t_matches[3] ) && count( $t_matches[3] ) > 0 ) {
++				$t_content_replaced = true;
++				foreach ( $t_matches[3] as $t_old_id2 ) {
++					$t_bug->description = str_replace( $this->source_->issuelink . $t_old_id2, $this->getReplacementString( $this->source_->issuelink, $t_old_id2 ), $t_bug->description );
++				}
++			}
+ 
+-			$bugData->description = preg_replace( $bugLinkRegexp, $replacement, $bugData->description );
+-			$bugData->update( true, true );
++			if( $t_content_replaced ) {
++				# only update bug if necessary (otherwise last update date would be unnecessarily overwritten)
++				$t_bug->update( true );
++			}
+ 		}
+ 		echo " Done\n";
+ 	}

Deleted: CVE-2014-8554.patch
===================================================================
--- CVE-2014-8554.patch	2014-11-12 14:58:00 UTC (rev 122442)
+++ CVE-2014-8554.patch	2014-11-12 15:02:39 UTC (rev 122443)
@@ -1,35 +0,0 @@
-From 99ffb0afaff3409d0eaec78ac963214da0d2a079 Mon Sep 17 00:00:00 2001
-From: Damien Regad <dregad at mantisbt.org>
-Date: Thu, 30 Oct 2014 15:31:36 +0100
-Subject: [PATCH] SQL injection in mc_project_get_attachments()
-
-This is a follow-up on CVE-2014-1609 / issue #16880.
-
-Edwin Gozeling and Wim Visser from ITsec Security Services BV
-(http://www.itsec.nl) discovered that the fix in #16880 did not fully
-address the problem. Their research demonstrate that using a specially
-crafted project id parameter, an attacker could still perform an SQL
-injection.
-
-The same issue was also reported by Paul Richards in issue #17823.
-
-This patch fixes the problem by typecasting the Project ID parameter
-to Integer.
-
-Fixes #17812, CVE-2014-8554
----
- api/soap/mc_project_api.php | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/api/soap/mc_project_api.php b/api/soap/mc_project_api.php
-index 8e6aae9..fe57b7b 100644
---- a/api/soap/mc_project_api.php
-+++ b/api/soap/mc_project_api.php
-@@ -655,6 +655,7 @@ function mc_project_get_attachments( $p_username, $p_password, $p_project_id ) {
- 		return mci_soap_fault_login_failed();
- 	}
- 
-+	$p_project_id = (int)$p_project_id;
- 	$g_project_override = $p_project_id;
- 
- 	# Check if project documentation feature is enabled.

Copied: mantisbt/repos/community-any/CVE-2014-8554.patch (from rev 122442, mantisbt/trunk/CVE-2014-8554.patch)
===================================================================
--- CVE-2014-8554.patch	                        (rev 0)
+++ CVE-2014-8554.patch	2014-11-12 15:02:39 UTC (rev 122443)
@@ -0,0 +1,35 @@
+From 99ffb0afaff3409d0eaec78ac963214da0d2a079 Mon Sep 17 00:00:00 2001
+From: Damien Regad <dregad at mantisbt.org>
+Date: Thu, 30 Oct 2014 15:31:36 +0100
+Subject: [PATCH] SQL injection in mc_project_get_attachments()
+
+This is a follow-up on CVE-2014-1609 / issue #16880.
+
+Edwin Gozeling and Wim Visser from ITsec Security Services BV
+(http://www.itsec.nl) discovered that the fix in #16880 did not fully
+address the problem. Their research demonstrate that using a specially
+crafted project id parameter, an attacker could still perform an SQL
+injection.
+
+The same issue was also reported by Paul Richards in issue #17823.
+
+This patch fixes the problem by typecasting the Project ID parameter
+to Integer.
+
+Fixes #17812, CVE-2014-8554
+---
+ api/soap/mc_project_api.php | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/api/soap/mc_project_api.php b/api/soap/mc_project_api.php
+index 8e6aae9..fe57b7b 100644
+--- a/api/soap/mc_project_api.php
++++ b/api/soap/mc_project_api.php
+@@ -655,6 +655,7 @@ function mc_project_get_attachments( $p_username, $p_password, $p_project_id ) {
+ 		return mci_soap_fault_login_failed();
+ 	}
+ 
++	$p_project_id = (int)$p_project_id;
+ 	$g_project_override = $p_project_id;
+ 
+ 	# Check if project documentation feature is enabled.

Copied: mantisbt/repos/community-any/CVE-2014-8598.patch (from rev 122442, mantisbt/trunk/CVE-2014-8598.patch)
===================================================================
--- CVE-2014-8598.patch	                        (rev 0)
+++ CVE-2014-8598.patch	2014-11-12 15:02:39 UTC (rev 122443)
@@ -0,0 +1,203 @@
+From 80a15487cda89afb00ce866da8e24d76808dcdb4 Mon Sep 17 00:00:00 2001
+From: Damien Regad <dregad at mantisbt.org>
+Date: Fri, 17 Oct 2014 17:21:25 +0200
+Subject: [PATCH] XML plugin: Add config page with access thresholds
+
+Prior to this, any user of a MantisBT instance with the XML
+Import/Export plugin enabled and knowing the URL to the plugin's import
+page could upload an XML file and insert data without restriction,
+regardless of their access level.
+
+This vulnerability is particularly dangerous when used in combination
+with the one described in issue #17725 (CVE-2014-7146) as it makes for a
+very simple and easily accessible vector for PHP code injection attacks.
+
+There was also no access check when exporting data, which could allow an
+attacker to gain access to confidential information (disclosure of all
+bug-related data, including usernames).
+
+Fixes #17780 (CVE-2014-8598)
+---
+ plugins/XmlImportExport/XmlImportExport.php      | 16 +++++++-
+ plugins/XmlImportExport/lang/strings_english.txt |  7 ++++
+ plugins/XmlImportExport/pages/config.php         | 27 +++++++++++++
+ plugins/XmlImportExport/pages/config_page.php    | 48 ++++++++++++++++++++++++
+ plugins/XmlImportExport/pages/export.php         |  2 +
+ plugins/XmlImportExport/pages/import.php         |  2 +
+ 6 files changed, 101 insertions(+), 1 deletion(-)
+ create mode 100644 plugins/XmlImportExport/pages/config.php
+ create mode 100644 plugins/XmlImportExport/pages/config_page.php
+
+diff --git a/plugins/XmlImportExport/XmlImportExport.php b/plugins/XmlImportExport/XmlImportExport.php
+index 63e254e..20ea3c2 100644
+--- a/plugins/XmlImportExport/XmlImportExport.php
++++ b/plugins/XmlImportExport/XmlImportExport.php
+@@ -39,7 +39,7 @@ class XmlImportExportPlugin extends MantisPlugin {
+ 	function register( ) {
+ 		$this->name = plugin_lang_get( 'title' );
+ 		$this->description = plugin_lang_get( 'description' );
+-		$this->page = '';
++		$this->page = "config_page";
+ 
+ 		$this->version = '1.0';
+ 		$this->requires = array(
+@@ -54,6 +54,17 @@ function register( ) {
+ 	/**
+ 	 * Default plugin configuration.
+ 	 */
++	public function config() {
++		return array(
++			"import_threshold" => ADMINISTRATOR,
++			"export_threshold" => DEVELOPER,
++		);
++	}
++
++	/**
++	 * Plugin hooks
++	 * @return array
++	 */
+ 	function hooks( ) {
+ 		$hooks = array(
+ 			'EVENT_MENU_MANAGE' => 'import_issues_menu',
+@@ -67,6 +78,9 @@ function import_issues_menu( ) {
+ 	}
+ 
+ 	function export_issues_menu( ) {
++		if( !access_has_project_level( plugin_config_get( 'export_threshold' ) ) ) {
++			return array();
++		}
+ 		return array( '<a href="' . plugin_page( 'export' ) . '">' . plugin_lang_get( 'export' ) . '</a>', );
+ 	}
+ 
+diff --git a/plugins/XmlImportExport/lang/strings_english.txt b/plugins/XmlImportExport/lang/strings_english.txt
+index 775ad76..e595228 100644
+--- a/plugins/XmlImportExport/lang/strings_english.txt
++++ b/plugins/XmlImportExport/lang/strings_english.txt
+@@ -35,7 +35,14 @@ $s_plugin_XmlImportExport_description = 'Adds XML based import and export capabi
+ $s_plugin_XmlImportExport_import = 'Import issues';
+ $s_plugin_XmlImportExport_export = 'XML Export';
+ 
++$s_plugin_XmlImportExport_config_title = 'XML Import/Export Access Levels Configuration';
++$s_plugin_XmlImportExport_import_threshold = 'Import issues';
++$s_plugin_XmlImportExport_export_threshold = 'Export issues';
++
++$s_plugin_XmlImportExport_action_update = 'Update';
++
+ $s_plugin_XmlImportExport_importing_in_project = 'Importing issues in project:';
++
+ $s_plugin_XmlImportExport_import_options = 'Import options';
+ 
+ $s_plugin_XmlImportExport_cross_references = 'Cross references';
+diff --git a/plugins/XmlImportExport/pages/config.php b/plugins/XmlImportExport/pages/config.php
+new file mode 100644
+index 0000000..19587c8
+--- /dev/null
++++ b/plugins/XmlImportExport/pages/config.php
+@@ -0,0 +1,27 @@
++<?php
++# Copyright (c) 2014  MantisBT Team - mantisbt-dev at lists.sourceforge.net
++# Licensed under the MIT license
++
++form_security_validate( 'plugin_XmlImportExport_config' );
++access_ensure_global_level( config_get( 'manage_plugin_threshold' ) );
++
++/**
++ * Sets plugin config option if value is different from current/default
++ * @param string $p_name  option name
++ * @param string $p_value value to set
++ * @return void
++ */
++function config_set_if_needed( $p_name, $p_value ) {
++	if ( $p_value != plugin_config_get( $p_name ) ) {
++		plugin_config_set( $p_name, $p_value );
++	}
++}
++
++$t_redirect_url = plugin_page( 'config_page', true );
++
++config_set_if_needed( 'import_threshold' , gpc_get_int( 'import_threshold' ) );
++config_set_if_needed( 'export_threshold' , gpc_get_int( 'export_threshold' ) );
++
++form_security_purge( 'plugin_XmlImportExport_config' );
++
++print_successful_redirect( $t_redirect_url );
+diff --git a/plugins/XmlImportExport/pages/config_page.php b/plugins/XmlImportExport/pages/config_page.php
+new file mode 100644
+index 0000000..7c678af
+--- /dev/null
++++ b/plugins/XmlImportExport/pages/config_page.php
+@@ -0,0 +1,48 @@
++<?php
++# Copyright (c) 2014  MantisBT Team - mantisbt-dev at lists.sourceforge.net
++# Licensed under the MIT license
++
++access_ensure_global_level( config_get( 'manage_plugin_threshold' ) );
++
++html_page_top();
++//print_manage_menu();
++?>
++
++<br />
++<form action="<?php echo plugin_page( 'config' ) ?>" method="post">
++<?php echo form_security_field( 'plugin_XmlImportExport_config' ) ?>
++<table class="width60" align="center">
++
++<tr>
++<td class="form-title" colspan="2"><?php echo plugin_lang_get("config_title") ?></td>
++</tr>
++
++<tr <?php echo helper_alternate_class() ?>>
++<td class="category"><?php echo plugin_lang_get( 'import_threshold' ) ?></td>
++<td><select name="import_threshold"><?php
++	print_enum_string_option_list(
++		'access_levels',
++		plugin_config_get( 'import_threshold' )
++	);
++	?></select></td>
++</tr>
++
++<tr <?php echo helper_alternate_class() ?>>
++<td class="category"><?php echo plugin_lang_get( 'export_threshold' ) ?></td>
++<td><select name="export_threshold"><?php
++	print_enum_string_option_list(
++		'access_levels',
++		plugin_config_get( 'export_threshold' )
++	);
++	?></select></td>
++</tr>
++
++<tr>
++<td class="center" colspan="2"><input type="submit" value="<?php echo plugin_lang_get("action_update") ?>"/></td>
++</tr>
++
++</table>
++</form>
++
++<?php
++html_page_bottom();
+diff --git a/plugins/XmlImportExport/pages/export.php b/plugins/XmlImportExport/pages/export.php
+index 061b135..aac3bbf 100644
+--- a/plugins/XmlImportExport/pages/export.php
++++ b/plugins/XmlImportExport/pages/export.php
+@@ -20,6 +20,8 @@
+ 
+ require_once( 'core.php' );
+ 
++access_ensure_project_level( plugin_config_get( 'export_threshold' ) );
++
+ auth_ensure_user_authenticated( );
+ helper_begin_long_process( );
+ 
+diff --git a/plugins/XmlImportExport/pages/import.php b/plugins/XmlImportExport/pages/import.php
+index cd7721f..6740727 100644
+--- a/plugins/XmlImportExport/pages/import.php
++++ b/plugins/XmlImportExport/pages/import.php
+@@ -14,6 +14,8 @@
+ # You should have received a copy of the GNU General Public License
+ # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
+ 
++access_ensure_project_level( plugin_config_get( 'import_threshold' ) );
++
+ auth_reauthenticate( );
+ 
+ html_page_top( plugin_lang_get( 'import' ) );

Deleted: PKGBUILD
===================================================================
--- PKGBUILD	2014-11-12 14:58:00 UTC (rev 122442)
+++ PKGBUILD	2014-11-12 15:02:39 UTC (rev 122443)
@@ -1,50 +0,0 @@
-# $Id$
-# Maintainer: Maxime Gauduin <alucryd at archlinux.org>
-# Contributor: Alexander 'gridcol' Griesbaum <agrsbm at gmail.com>
-# Contributor: Ravenman <correo.cuervo at gmail.com>
-# Contributor: Anton Bazhenov <anton.bazhenov at gmail>
-# Contributor: Angel 'angvp' Velasquez <angvp at archlinux.com.ve>
-
-pkgname=mantisbt
-pkgver=1.2.17
-pkgrel=3
-pkgdesc='Web-based issue tracking system'
-arch=('any')
-url='http://www.mantisbt.org/'
-license=('GPL')
-depends=('php')
-optdepends=('apache: Web server to run MantisBT'
-            'curl: Twitter integration'
-            'gd: Graphs support'
-            'lighttpd: Web server to run MantisBT'
-            'mariadb: SQL database'
-            'nginx: Web server to run MantisBT'
-            'php-pgsql: PostgreSQL database')
-backup=('etc/webapps/mantisbt/config_inc.php')
-install='mantisbt.install'
-source=("http://downloads.sourceforge.net/mantisbt/mantisbt-${pkgver}.tar.gz"
-        'CVE-2014-8554.patch')
-sha256sums=('4305295a1d3910516b6fa238e03e710c0bb5b30a01b3a908865799096207b243'
-            '3183477bcc3b69fc969b9d9502070816b2f8bd1ec387d02805b1bd901b471908')
-
-prepare() {
-  cd mantisbt-${pkgver}
-
-  patch -Np1 -i ../CVE-2014-8554.patch
-}
-
-package() {
-  install -dm 755 "${pkgdir}"/{etc,usr/share}/webapps/mantisbt
-  cp -dr --no-preserve='ownership' mantisbt-${pkgver}/* "${pkgdir}"/usr/share/webapps/mantisbt
-
-  for f in {config_inc.php,custom_strings_inc.php,custom_constants_inc.php,custom_functions_inc.php}; do
-    ln -s /etc/webapps/mantisbt/${f} "${pkgdir}"/usr/share/webapps/mantisbt/
-  done
-  cp "${pkgdir}"/usr/share/webapps/mantisbt/config_inc.php.sample "${pkgdir}"/etc/webapps/mantisbt/config_inc.php
-
-  find "${pkgdir}" -type d -exec chmod 755 {} +
-  find "${pkgdir}" -type f -exec chmod 644 {} +
-  chown http:http -R "${pkgdir}"/usr/share/webapps/mantisbt
-}
-
-# vim: ts=2 sw=2 et:

Copied: mantisbt/repos/community-any/PKGBUILD (from rev 122442, mantisbt/trunk/PKGBUILD)
===================================================================
--- PKGBUILD	                        (rev 0)
+++ PKGBUILD	2014-11-12 15:02:39 UTC (rev 122443)
@@ -0,0 +1,56 @@
+# $Id$
+# Maintainer: Maxime Gauduin <alucryd at archlinux.org>
+# Contributor: Alexander 'gridcol' Griesbaum <agrsbm at gmail.com>
+# Contributor: Ravenman <correo.cuervo at gmail.com>
+# Contributor: Anton Bazhenov <anton.bazhenov at gmail>
+# Contributor: Angel 'angvp' Velasquez <angvp at archlinux.com.ve>
+
+pkgname=mantisbt
+pkgver=1.2.17
+pkgrel=4
+pkgdesc='Web-based issue tracking system'
+arch=('any')
+url='http://www.mantisbt.org/'
+license=('GPL')
+depends=('php')
+optdepends=('apache: Web server to run MantisBT'
+            'curl: Twitter integration'
+            'gd: Graphs support'
+            'lighttpd: Web server to run MantisBT'
+            'mariadb: SQL database'
+            'nginx: Web server to run MantisBT'
+            'php-pgsql: PostgreSQL database')
+backup=('etc/webapps/mantisbt/config_inc.php')
+install='mantisbt.install'
+source=("http://downloads.sourceforge.net/mantisbt/mantisbt-${pkgver}.tar.gz"
+        'CVE-2014-7146.patch'
+        'CVE-2014-8554.patch'
+        'CVE-2014-8598.patch')
+sha256sums=('4305295a1d3910516b6fa238e03e710c0bb5b30a01b3a908865799096207b243'
+            '5660d838efa89f5cc391df902979faa024a26faa698ab0845a458bf3a5fdcd08'
+            '3183477bcc3b69fc969b9d9502070816b2f8bd1ec387d02805b1bd901b471908'
+            '3bfb9a6e118678f80a244ca13f527d5589da094491e910d95c53dd5c10d048ed')
+
+prepare() {
+  cd mantisbt-${pkgver}
+
+  patch -Np1 -i ../CVE-2014-7146.patch
+  patch -Np1 -i ../CVE-2014-8554.patch
+  patch -Np1 -i ../CVE-2014-8598.patch
+}
+
+package() {
+  install -dm 755 "${pkgdir}"/{etc,usr/share}/webapps/mantisbt
+  cp -dr --no-preserve='ownership' mantisbt-${pkgver}/* "${pkgdir}"/usr/share/webapps/mantisbt
+
+  for f in {config_inc.php,custom_strings_inc.php,custom_constants_inc.php,custom_functions_inc.php}; do
+    ln -s /etc/webapps/mantisbt/${f} "${pkgdir}"/usr/share/webapps/mantisbt/
+  done
+  cp "${pkgdir}"/usr/share/webapps/mantisbt/config_inc.php.sample "${pkgdir}"/etc/webapps/mantisbt/config_inc.php
+
+  find "${pkgdir}" -type d -exec chmod 755 {} +
+  find "${pkgdir}" -type f -exec chmod 644 {} +
+  chown http:http -R "${pkgdir}"/usr/share/webapps/mantisbt
+}
+
+# vim: ts=2 sw=2 et:

Deleted: mantisbt.install
===================================================================
--- mantisbt.install	2014-11-12 14:58:00 UTC (rev 122442)
+++ mantisbt.install	2014-11-12 15:02:39 UTC (rev 122443)
@@ -1,17 +0,0 @@
-pre_upgrade() {
-  cd /usr/share/webapps/mantisbt
-
-  cp mantis_offline.php.sample mantis_offline.php
-}
-
-post_upgrade() {
-  cd /usr/share/webapps/mantisbt
-
-  rm mantis_offline.php
-}
-
-post_remove() {
-  rm -rf /usr/share/webapps/mantisbt
-}
-
-# vim: ts=2 sw=2 et:

Copied: mantisbt/repos/community-any/mantisbt.install (from rev 122442, mantisbt/trunk/mantisbt.install)
===================================================================
--- mantisbt.install	                        (rev 0)
+++ mantisbt.install	2014-11-12 15:02:39 UTC (rev 122443)
@@ -0,0 +1,17 @@
+pre_upgrade() {
+  cd /usr/share/webapps/mantisbt
+
+  cp mantis_offline.php.sample mantis_offline.php
+}
+
+post_upgrade() {
+  cd /usr/share/webapps/mantisbt
+
+  rm mantis_offline.php
+}
+
+post_remove() {
+  rm -rf /usr/share/webapps/mantisbt
+}
+
+# vim: ts=2 sw=2 et:


More information about the arch-commits mailing list