rpms/freeciv/FC-3 freeciv-security.patch, 1.1, 1.2 freeciv.spec, 1.7, 1.8

Brian Pepple (bpepple) fedora-extras-commits at redhat.com
Thu Aug 3 00:51:33 UTC 2006


Author: bpepple

Update of /cvs/extras/rpms/freeciv/FC-3
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21334

Modified Files:
	freeciv-security.patch freeciv.spec 
Log Message:
* Wed Aug  2 2006 Brian Pepple <bpepple at fedoraproject.org> - 2.0.8-3
- Update security patch.


freeciv-security.patch:

Index: freeciv-security.patch
===================================================================
RCS file: /cvs/extras/rpms/freeciv/FC-3/freeciv-security.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- freeciv-security.patch	1 Aug 2006 16:50:54 -0000	1.1
+++ freeciv-security.patch	3 Aug 2006 00:51:32 -0000	1.2
@@ -1,17 +1,21 @@
 diff -ur freeciv-2.0.8.OLD/common/packets.c freeciv-2.0.8/common/packets.c
 --- freeciv-2.0.8.OLD/common/packets.c	2006-03-05 22:35:23.000000000 -0500
-+++ freeciv-2.0.8/common/packets.c	2006-08-01 10:47:33.000000000 -0400
-@@ -577,6 +577,7 @@
++++ freeciv-2.0.8/common/packets.c	2006-08-02 18:27:40.000000000 -0400
+@@ -577,8 +577,11 @@
  	  chunk->total_length, chunk->chunk_length);
  
    if (chunk->total_length < 0
 +      || chunk->chunk_length < 0
        || chunk->total_length >= MAX_ATTRIBUTE_BLOCK
        || chunk->offset < 0
++      || chunk->offset > chunk->total_length /* necessary check on 32 bit systems */
++      || chunk->chunk_length > chunk->total_length
        || chunk->offset + chunk->chunk_length > chunk->total_length
+       || (chunk->offset != 0
+           && chunk->total_length != pplayer->attribute_block_buffer.length)) {
 diff -ur freeciv-2.0.8.OLD/server/unithand.c freeciv-2.0.8/server/unithand.c
 --- freeciv-2.0.8.OLD/server/unithand.c	2005-12-26 16:37:53.000000000 -0500
-+++ freeciv-2.0.8/server/unithand.c	2006-08-01 11:03:44.000000000 -0400
++++ freeciv-2.0.8/server/unithand.c	2006-08-02 18:26:15.000000000 -0400
 @@ -1593,7 +1593,8 @@
    struct unit *punit = player_find_unit_by_id(pplayer, packet->unit_id);
    int i;


Index: freeciv.spec
===================================================================
RCS file: /cvs/extras/rpms/freeciv/FC-3/freeciv.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- freeciv.spec	1 Aug 2006 16:50:54 -0000	1.7
+++ freeciv.spec	3 Aug 2006 00:51:32 -0000	1.8
@@ -1,6 +1,6 @@
 Name:           freeciv
 Version:        2.0.8
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        The Freeciv multi-player strategy game
 
 Group:          Amusements/Games
@@ -93,6 +93,9 @@
 %{_mandir}/man6/civclient.6.gz
 
 %changelog
+* Wed Aug  2 2006 Brian Pepple <bpepple at fedoraproject.org> - 2.0.8-3
+- Update security patch.
+
 * Tue Aug  1 2006 Brian Pepple <bpepple at fedoraproject.org> - 2.0.8-2
 - Add patch to fix CVE-2006-3913 vulnerability. (#200545)
 - Replace desktop file category 'Strategy' with 'StrategyGame'. (#198086)




More information about the fedora-extras-commits mailing list