2011-11-01 13:11:52 +00:00
|
|
|
# make testdeps is pre configure as it just tests needed dependencies
|
|
|
|
|
addFilter("make-check-outside-check-section.*make testdeps")
|
|
|
|
|
# use an own user:group for RT tasks
|
|
|
|
|
addFilter("non-standard-uid /var/run/request-tracker rt");
|
- update to 4.4.4:
Security Updates
+ One of RT's dependencies, the Perl module Email::Address, has a denial
of service vulnerability which could induce a denial of service of RT
itself.
We recommend updating to Email::Address version 1.912 or later. The
Email::Address vulnerabilities are assigned CVE-2015-7686 and CVE-2015-12558.
CVE-2015-7686 was addressed in RT with a previous update.
Email::Address version 1.912 addresses both of these CVEs with updates
directly in the source module.
+ One of RT's dependencies, the Perl module Email::Address::List, relies
on and operates similarly to Email::Address and therefore also has
potential denial of service vulnerabilities.
These vulnerabilities are assigned CVE-2018-18898. We recommend
administrators install Email::Address::List version 0.06 or later.
+ An optional RT dependency, HTML::Gumbo, incorrectly escaped HTML in
some cases. Since RT relies on this module to escape HTML content,
it's possible this issue could allow malicious HTML to be displayed
in RT.
For RT's using this optional module, we recommend administrators
install HTML::Gumbo version 0.18 or later.
* The version of jQuery used in RT 4.2 and 4.4 has a Cross-site Scripting
(XSS) vulnerability when using cross-domain Ajax requests.
This vulnerability is assigned CVE-2015-9251.
RT does not use this jQuery feature so it is not directly vulnerable.
jQuery version 1.12 no longer receives official updates, however a
fix was posted with recommendations for applications to patch locally,
so RT will follow this recommendation and ship with a patched version.
EU General Data Protection Regulation (GDPR)
Several new features were added to support GDPR compliance and are summarized here.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/request-tracker?expand=0&rev=61
2019-03-14 13:50:49 +00:00
|
|
|
addFilter("non-standard-uid /var/cache/request-tracker.* rt");
|
2011-11-01 13:11:52 +00:00
|
|
|
addFilter("non-standard-uid /var/log/request-tracker rt");
|
- update to 4.4.4:
Security Updates
+ One of RT's dependencies, the Perl module Email::Address, has a denial
of service vulnerability which could induce a denial of service of RT
itself.
We recommend updating to Email::Address version 1.912 or later. The
Email::Address vulnerabilities are assigned CVE-2015-7686 and CVE-2015-12558.
CVE-2015-7686 was addressed in RT with a previous update.
Email::Address version 1.912 addresses both of these CVEs with updates
directly in the source module.
+ One of RT's dependencies, the Perl module Email::Address::List, relies
on and operates similarly to Email::Address and therefore also has
potential denial of service vulnerabilities.
These vulnerabilities are assigned CVE-2018-18898. We recommend
administrators install Email::Address::List version 0.06 or later.
+ An optional RT dependency, HTML::Gumbo, incorrectly escaped HTML in
some cases. Since RT relies on this module to escape HTML content,
it's possible this issue could allow malicious HTML to be displayed
in RT.
For RT's using this optional module, we recommend administrators
install HTML::Gumbo version 0.18 or later.
* The version of jQuery used in RT 4.2 and 4.4 has a Cross-site Scripting
(XSS) vulnerability when using cross-domain Ajax requests.
This vulnerability is assigned CVE-2015-9251.
RT does not use this jQuery feature so it is not directly vulnerable.
jQuery version 1.12 no longer receives official updates, however a
fix was posted with recommendations for applications to patch locally,
so RT will follow this recommendation and ship with a patched version.
EU General Data Protection Regulation (GDPR)
Several new features were added to support GDPR compliance and are summarized here.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/request-tracker?expand=0&rev=61
2019-03-14 13:50:49 +00:00
|
|
|
addFilter("non-standard-uid /var/lib/request-tracker rt");
|
|
|
|
|
addFilter("non-standard-gid /var/lib/request-tracker rt");
|
2011-11-01 13:11:52 +00:00
|
|
|
# RT::Shredder:ScripCondition is currently part of RT itself -
|
|
|
|
|
# wait for Upstream to do the split
|
|
|
|
|
addFilter("perl5-naming-policy-not-applied.*/usr/lib/perl.*/RT/Shredder/ScripCondition.pm");
|
|
|
|
|
# Duplicate files - we ignore them for now
|
|
|
|
|
addFilter("files-duplicate.*/usr/sbin/rt-server.*/usr/sbin/standalone_httpd:/usr/sbin/rt-server.fcgi");
|
|
|
|
|
addFilter("files-duplicate.*/usr/share/doc/packages/request-tracker/README.*/usr/share/request-tracker/doc/README");
|
2011-12-30 10:57:16 +00:00
|
|
|
# the init script just creates missing directories on start, no need to restart the "application"
|
|
|
|
|
addFilter("init-script-without-%restart_on_update-postun.*/etc/init.d/request-tracker");
|
- update to 4.4.4:
Security Updates
+ One of RT's dependencies, the Perl module Email::Address, has a denial
of service vulnerability which could induce a denial of service of RT
itself.
We recommend updating to Email::Address version 1.912 or later. The
Email::Address vulnerabilities are assigned CVE-2015-7686 and CVE-2015-12558.
CVE-2015-7686 was addressed in RT with a previous update.
Email::Address version 1.912 addresses both of these CVEs with updates
directly in the source module.
+ One of RT's dependencies, the Perl module Email::Address::List, relies
on and operates similarly to Email::Address and therefore also has
potential denial of service vulnerabilities.
These vulnerabilities are assigned CVE-2018-18898. We recommend
administrators install Email::Address::List version 0.06 or later.
+ An optional RT dependency, HTML::Gumbo, incorrectly escaped HTML in
some cases. Since RT relies on this module to escape HTML content,
it's possible this issue could allow malicious HTML to be displayed
in RT.
For RT's using this optional module, we recommend administrators
install HTML::Gumbo version 0.18 or later.
* The version of jQuery used in RT 4.2 and 4.4 has a Cross-site Scripting
(XSS) vulnerability when using cross-domain Ajax requests.
This vulnerability is assigned CVE-2015-9251.
RT does not use this jQuery feature so it is not directly vulnerable.
jQuery version 1.12 no longer receives official updates, however a
fix was posted with recommendations for applications to patch locally,
so RT will follow this recommendation and ship with a patched version.
EU General Data Protection Regulation (GDPR)
Several new features were added to support GDPR compliance and are summarized here.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/request-tracker?expand=0&rev=61
2019-03-14 13:50:49 +00:00
|
|
|
# the RT module is the main part of the Request Tracker application - don't split it out into a dedicated perl-RT module for now
|
|
|
|
|
addFilter("perl5-naming-policy-not-applied /usr/lib/perl5/vendor_perl/.*/RT");
|
2020-05-04 19:07:09 +00:00
|
|
|
# no rc-links for timer services
|
|
|
|
|
addFilter("suse-missing-rclink.*rt-email-dashboard");
|
|
|
|
|
addFilter("suse-missing-rclink.*rt-email-digest-daily");
|
|
|
|
|
addFilter("suse-missing-rclink.*rt-email-digest-weekly");
|
|
|
|
|
# according to https://en.opensuse.org/openSUSE:Systemd_packaging_guidelines#Packaging_of_the_systemd_timers
|
|
|
|
|
# it's enough to handle the timer files and not the service files
|
|
|
|
|
addFilter("systemd-service-without-service_add_post.*rt-email-dashboard.service");
|
|
|
|
|
addFilter("systemd-service-without-service_add_post.*rt-email-digest-daily.service");
|
|
|
|
|
addFilter("systemd-service-without-service_add_post.*rt-email-digest-weekly.service");
|
|
|
|
|
addFilter("systemd-service-without-service_add_pre.*rt-email-dashboard.service");
|
|
|
|
|
addFilter("systemd-service-without-service_add_pre.*rt-email-digest-daily.service");
|
|
|
|
|
addFilter("systemd-service-without-service_add_pre.*rt-email-digest-weekly.service");
|
|
|
|
|
addFilter("systemd-service-without-service_del_postun.*rt-email-dashboard.service");
|
|
|
|
|
addFilter("systemd-service-without-service_del_postun.*rt-email-digest-daily.service");
|
|
|
|
|
addFilter("systemd-service-without-service_del_postun.*rt-email-digest-weekly.service");
|
|
|
|
|
addFilter("systemd-service-without-service_del_preun.*rt-email-dashboard.service");
|
|
|
|
|
addFilter("systemd-service-without-service_del_preun.*rt-email-digest-daily.service");
|
|
|
|
|
addFilter("systemd-service-without-service_del_preun.*rt-email-digest-weekly.service");
|
2021-04-20 21:01:46 +00:00
|
|
|
# directories for the GnuPG and SMIME keys
|
|
|
|
|
addFilter("non-standard-gid.*/var/lib/request-tracker/data rt");
|
|
|
|
|
addFilter("non-standard-gid.*/var/lib/request-tracker/data/gpg rt");
|
|
|
|
|
addFilter("non-standard-gid.*/var/lib/request-tracker/data/smime rt");
|
|
|
|
|
addFilter("non-standard-uid.*/var/lib/request-tracker/data rt");
|
|
|
|
|
addFilter("non-standard-uid.*/var/lib/request-tracker/data/gpg rt");
|
|
|
|
|
addFilter("non-standard-uid.*/var/lib/request-tracker/data/smime rt");
|
2020-05-04 19:07:09 +00:00
|
|
|
|
|
|
|
|
|