rpms/tar/F-7 tar.spec,1.58,1.59
Radek Brich (rbrich)
fedora-extras-commits at redhat.com
Tue Aug 28 11:25:59 UTC 2007
Author: rbrich
Update of /cvs/extras/rpms/tar/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26643
Modified Files:
tar.spec
Log Message:
bz#253684
Index: tar.spec
===================================================================
RCS file: /cvs/extras/rpms/tar/F-7/tar.spec,v
retrieving revision 1.58
retrieving revision 1.59
diff -u -r1.58 -r1.59
--- tar.spec 6 Feb 2007 14:51:00 -0000 1.58
+++ tar.spec 28 Aug 2007 11:25:27 -0000 1.59
@@ -2,7 +2,7 @@
Name: tar
Epoch: 2
Version: 1.15.1
-Release: 26%{?dist}
+Release: 27%{?dist}
License: GPL
Group: Applications/Archiving
URL: http://www.gnu.org/software/tar/
@@ -25,6 +25,7 @@
Patch14: tar-1.15.1-incompatibilities.patch
Patch15: tar-1.15.1-xattrs.patch
Patch16: tar-1.15.1-mangling.patch
+Patch17: tar-1.15.1-dot_dot_vuln.patch
Prereq: info
BuildRequires: autoconf automake gzip
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -61,6 +62,7 @@
%patch14 -p1 -b .incompatibilities
%patch15 -p1 -b .xattrs
%patch16 -p1 -b .mangling
+%patch17 -p1 -b .dot_dot_vuln
%build
%configure --bindir=/bin --libexecdir=/sbin
@@ -111,6 +113,9 @@
%{_infodir}/tar.info*
%changelog
+* Tue Aug 28 2007 Radek Brich <rbrich at redhat.com> 2:1.15.1-27
+- fixed CVE-2007-4131 tar directory traversal vulnerability (#253684)
+
* Tue Feb 06 2007 Peter Vrabec <pvrabec at redhat.com> 2:1.15.1-26
- fix spec file to meet Fedora standards (#226478)
More information about the fedora-extras-commits
mailing list