rpms/amarok/FC-5 amarok-1.4.5-CVE-2006-6979.patch, NONE, 1.1 amarok.spec, 1.66, 1.67
Aurelien Bompard (abompard)
fedora-extras-commits at redhat.com
Wed Feb 14 19:13:52 UTC 2007
Author: abompard
Update of /cvs/extras/rpms/amarok/FC-5
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14600/FC-5
Modified Files:
amarok.spec
Added Files:
amarok-1.4.5-CVE-2006-6979.patch
Log Message:
add patch to fix CVE-2006-6979 (bug 228138)
amarok-1.4.5-CVE-2006-6979.patch:
--- NEW FILE amarok-1.4.5-CVE-2006-6979.patch ---
Index: src/magnatunebrowser/magnatunealbumdownloader.cpp
===================================================================
--- amarok/src/magnatunebrowser/magnatunealbumdownloader.cpp (revision 633106)
+++ amarok/src/magnatunebrowser/magnatunealbumdownloader.cpp (working copy)
@@ -89,7 +89,7 @@
//ok, now we have the .zip file downloaded. All we need is to unpack it to the desired location and add it to the collection.
- QString unzipString = "unzip \""+m_tempDir.name() + m_currentAlbumFileName + "\" -d \"" + m_currentAlbumUnpackLocation + "\" &";
+ QString unzipString = KProcess::quote( "unzip \""+m_tempDir.name() + m_currentAlbumFileName + "\" -d \"" + m_currentAlbumUnpackLocation + "\" &" );
debug() << "unpacking: " << unzipString << endl;
Index: amarok.spec
===================================================================
RCS file: /cvs/extras/rpms/amarok/FC-5/amarok.spec,v
retrieving revision 1.66
retrieving revision 1.67
diff -u -r1.66 -r1.67
--- amarok.spec 7 Feb 2007 22:25:05 -0000 1.66
+++ amarok.spec 14 Feb 2007 19:13:19 -0000 1.67
@@ -4,13 +4,14 @@
Name: amarok
Summary: Media player for KDE
Version: 1.4.5
-Release: 1%{?dist}.1
+Release: 2%{?dist}
Group: Applications/Multimedia
License: GPL
Url: http://amarok.kde.org
# http://download.kde.org/download.php?url=stable/amarok/1.4.3/src
Source0: http://mirrors.isc.org/pub/kde/stable/amarok/%{version}/src/amarok-%{version}.tar.bz2
+Patch0: amarok-1.4.5-CVE-2006-6979.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: kdemultimedia-devel >= 6:3.2
@@ -80,6 +81,7 @@
%prep
%setup -q
+%patch0 -p0 -b .CVE-2006-6979
@@ -193,11 +195,9 @@
# SMB
%{_datadir}/services/amarok_smb-device.desktop
%{_libdir}/kde3/libamarok_smb-device.*
-%if "%fedora" >= "6"
# IPod
%{_datadir}/services/amarok_ipod-mediadevice.desktop
%{_libdir}/kde3/libamarok_ipod-mediadevice.*
-%endif
# VFAT
%{_datadir}/services/amarok_generic-mediadevice.desktop
%{_libdir}/kde3/libamarok_generic-mediadevice.*
@@ -235,8 +235,8 @@
%changelog
-* Wed Feb 07 2007 Aurelien Bompard <abompard at fedoraproject.org> 1.4.5-1.1
-- libgpod is not recent enough in FC5
+* Wed Feb 14 2007 Aurelien Bompard <abompard at fedoraproject.org> 1.4.5-2
+- add patch to fix CVE-2006-6979 (bug 228138)
* Sat Feb 03 2007 Aurelien Bompard <abompard at fedoraproject.org> 1.4.5-1
- version 1.4.5
More information about the fedora-extras-commits
mailing list