rpms/libmodplug/FC-4 libmodplug-0.8-CVE-2006-4192.patch, NONE, 1.1 libmodplug.spec, 1.7, 1.8

Tue Oct 3 17:05:02 UTC 2006

Author: scop

Update of /cvs/extras/rpms/libmodplug/FC-4
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2325/FC-4

Modified Files:
	libmodplug.spec 
Added Files:
	libmodplug-0.8-CVE-2006-4192.patch 
Log Message:
* Tue Oct  3 2006 Ville SkyttÃ¤ <ville.skytta at iki.fi>
- Apply patch for CVE-2006-4192 (from Debian).


libmodplug-0.8-CVE-2006-4192.patch:

--- NEW FILE libmodplug-0.8-CVE-2006-4192.patch ---
--- libmodplug-0.8/src/sndfile.cpp~	2006-03-20 05:22:32.000000000 +0200
+++ libmodplug-0.8/src/sndfile.cpp	2006-10-03 19:21:17.000000000 +0300
@@ -1081,7 +1081,7 @@
 {
 	UINT len = 0, mem = pIns->nLength+6;
 
-	if ((!pIns) || (pIns->nLength < 4) || (!lpMemFile)) return 0;
+	if ((!pIns) || ((int)pIns->nLength < 4) || (!lpMemFile)) return 0;
 	if (pIns->nLength > MAX_SAMPLE_LENGTH) pIns->nLength = MAX_SAMPLE_LENGTH;
 	pIns->uFlags &= ~(CHN_16BIT|CHN_STEREO);
 	if (nFlags & RSF_16BIT)


Index: libmodplug.spec
===================================================================
RCS file: /cvs/extras/rpms/libmodplug/FC-4/libmodplug.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- libmodplug.spec	23 Aug 2005 16:09:03 -0000	1.7
+++ libmodplug.spec	3 Oct 2006 17:05:02 -0000	1.8
@@ -1,6 +1,6 @@
 Name:           libmodplug
 Version:        0.7
-Release:        3%{?dist}
+Release:        4%{?dist}
 Epoch:          1
 Summary:        Modplug mod music file format library
 
@@ -9,6 +9,7 @@
 URL:            http://modplug-xmms.sourceforge.net/
 Source0:        http://dl.sf.net/modplug-xmms/%{name}-%{version}.tar.gz
 Patch0:         %{name}-64bit.patch
+Patch1:         %{name}-0.8-CVE-2006-4192.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 %description
@@ -27,6 +28,7 @@
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 
 
 %build
@@ -66,6 +68,9 @@
 
 
 %changelog
+* Tue Oct  3 2006 Ville SkyttÃ¤ <ville.skytta at iki.fi> - 1:0.7-4
+- Apply patch for CVE-2006-4192 (from Debian).
+
 * Tue Aug 23 2005 Ville SkyttÃ¤ <ville.skytta at iki.fi> - 1:0.7-3
 - Fix x86_64, thanks to Adam Goode (#166127).
 


