From cac85125ac9177eade792ea6d0e8d9b061b43734b2d7b2e7d29ada765ccb9eb3 Mon Sep 17 00:00:00 2001
From: Egbert Eich <eich@suse.com>
Date: Mon, 31 Oct 2022 10:21:57 +0000
Subject: [PATCH] - updated to 3.7.5 which fixes bsc#1179835  * add the
 available memory to the graph, if present - Possible XSS via ce & cs
 parameters in header.php are no longer present   in this version
 (bsc#1160761, CVE-2019-20378).

OBS-URL: https://build.opensuse.org/package/show/network:cluster/ganglia-web?expand=0&rev=22
---
 ganglia-web.changes | 7 ++++---
 ganglia-web.spec    | 5 +++--
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/ganglia-web.changes b/ganglia-web.changes
index 91bcd96..944aefa 100644
--- a/ganglia-web.changes
+++ b/ganglia-web.changes
@@ -1,13 +1,14 @@
 -------------------------------------------------------------------
 Fri Jan 29 14:53:55 UTC 2021 - Christian Goll <cgoll@suse.com>
 
-- updated to 3.7.5 which fixes bsc#1179835 
+- updated to 3.7.5 which fixes bsc#1179835
 - various bugfixes and enhancements, highlights are:
  * heatmap coloring enhanced
  * Fix XSS from OBB#1005024 (https://www.openbugbounty.org/reports/1005024/)
  * uses `httponly` and `secure` flags in setcookie calls
- * add the available memory to the graph, if present 
-
+ * add the available memory to the graph, if present
+- Possible XSS via ce & cs parameters in header.php are no longer present
+  in this version (bsc#1160761, CVE-2019-20378).
 
 -------------------------------------------------------------------
 Wed Dec  4 12:54:20 UTC 2019 - Christian Goll <cgoll@suse.com>
diff --git a/ganglia-web.spec b/ganglia-web.spec
index 43c87e2..0c2e16a 100644
--- a/ganglia-web.spec
+++ b/ganglia-web.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package ganglia-web
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -53,6 +53,7 @@ written in the PHP5/7 language and uses the Dwoo templating engine.
 %prep
 %setup -q -n %{name}-%{gittag}
 %autopatch -p1
+
 %build
 cp %SOURCE2 .
 
@@ -78,7 +79,7 @@ cp -v download_js.sh %{buildroot}%{_docdir}/%{name}/download_js.sh
 %defattr(-,root,root)
 %doc AUTHORS TODO README README.SUSE
 %{_docdir}/%{name}/download_js.sh
-%license COPYING 
+%license COPYING
 %dir %{web_prefixdir}/
 %dir %{web_prefixdir}/dwoo
 %{web_prefixdir}/*