kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/devel/rt4/MESSAGE
ryoon 78cfa9cc40 Update to 4.2.12 
Changelog:
This release is a security release which addresses the following
vulnerabilities:

RT 4.0.0 and above are vulnerable to a cross-site scripting (XSS) attack via
the user and group rights management pages.  This vulnerability is assigned
CVE-2015-5475.  It was discovered and reported by Marcin Kopeć at Data Reliance
Shared Service Center.

RT 4.2.0 and above are vulnerable to a cross-site scripting (XSS) attack
via the cryptography interface.  This vulnerability could allow an attacker
with a carefully-crafted key to inject JavaScript into RT's user interface.
Installations which use neither GnuPG nor S/MIME are unaffected.
2016-01-30 23:54:20 +00:00

66 lines
2.1 KiB
Text
Raw Blame History

===========================================================================
$NetBSD: MESSAGE,v 1.4 2016/01/30 23:54:20 ryoon Exp $
To use RT 4, you will need to perform the following steps.
1. Setup your postfix.
2. If you want to use with MySQL server, install databases/mysql55-server
and start it. You can use other supported database management system.
3. If you want to use www/ap2-fcgid with apache24, install www/ap2-fcgid
and www/apache24.
4. Be sure to have the following lines in ${PREFIX}/etc/httpd/httpd.conf
FcgidMaxRequestLen 1073741824
DocumentRoot ${PREFIX}/share/rt4/data/html
ScriptAlias / ${PREFIX}/share/rt4/sbin/rt-server.fcgi/
<Directory "${PREFIX}/share/rt4/data/html">
AddDefaultCharset UTF-8
Require all granted
</Directory>
<Directory "${PREFIX}/share/rt4/sbin">
Options +ExecCGI
AddHandler fcgid-script fcgi
Require all granted
</Directory>
5. Start mysqld and set root's password.
6. Run rt-server for configuration.
$ sudo -u www ${PREFIX}/share/rt4/sbin/rt-server --port 8080
If you configure RT from non-localhost web browser, you should add
the following line to your ${PREFIX}/etc/rt4/RT_SiteConfig.pm
before run of rt-server.
Set( $WebDomain, 'YOUR-RT-HOSTNAME' );
7. Access http://localhost:8080/ and setup RT 4. After setting up, kill
rt-server with Ctrl-C.
8. In your postfix /etc/mail/aliases, put the following lines to
enable actions with e-mail.
And you may enable CommentOnTicket, CreateTicket, and ReplyToTicket
to Global Group rights: Everyone screen.
rt: "|${PREFIX}/share/rt4/bin/rt-mailgate --queue general --action correspond --url http://localhost/"
rt-comment: "|${PREFIX}/share/rt4/bin/rt-mailgate --queue general --action comment --url http://localhost/"
9. Start apache httpd.
10. Open http://localhost/ and login to RT 4.
Note:
You may have the following lines
in your ${PKG_SYSCONFDIR}/RT_SiteConfig.pm .
Set( $NotifyActor, 1 );
Set( $SetOutgoingMailFrom, 1);
Set( $CorrespondAddress, "rtadmin@example.com");
===========================================================================
Reference in a new issue View git blame Copy permalink