--- rpms/e-smith-manager/sme10/e-smith-manager.spec	2016/07/19 12:15:41	1.14
+++ rpms/e-smith-manager/sme10/e-smith-manager.spec	2017/01/16 23:56:49	1.15
@@ -1,10 +1,10 @@
-# $Id: e-smith-manager.spec,v 1.13 2016/07/19 10:01:28 unnilennium Exp $
+# $Id: e-smith-manager.spec,v 1.14 2016/07/19 12:15:41 unnilennium Exp $
 
 Summary: e-smith manager navigation module
 %define name e-smith-manager
 Name: %{name}
 %define version 2.8.0
-%define release 13
+%define release 14
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -17,6 +17,7 @@ Patch3: e-smith-manager-2.8.0-newTKTsynt
 Patch4: e-smith-manager-2.8.0-no_index_for_manager_common.patch
 Patch5: e-smith-manager-2.8.0-koozali.org
 Patch6: e-smith-manager-2.8.0-Koozali_manager.patch
+Patch7: e-smith-manager-2.8.0-bz9924-badredirection.patch
 BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
 BuildRequires: e-smith-devtools
 BuildRequires: gettext
@@ -29,6 +30,9 @@ Provides: server-manager
 AutoReqProv: no
 
 %changelog
+* Mon Jan 16 2017 Jean-Philipe Pialasse <tests@pialasse.com> 2.8.0-14.sme
+- fix bad redirection parameter that might reveal session information to remote site [SME: 9924]
+
 * Tue Jul 19 2016 Jean-Philipe Pialasse <tests@pialasse.com> 2.8.0-13.sme
 - added missing template-begin for tkt.css [SME: 9676]
 
@@ -729,6 +733,7 @@ This RPM contributes the navigation bars
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 
 %build
 perl createlinks