rpms/blam/F-8 blam-CVE-2005-4790.patch, NONE, 1.1 blam.spec, 1.19, 1.20
Peter Gordon (pgordon)
fedora-extras-commits at redhat.com
Thu Nov 22 20:20:18 UTC 2007
Author: pgordon
Update of /cvs/pkgs/rpms/blam/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8779/F-8
Modified Files:
blam.spec
Added Files:
blam-CVE-2005-4790.patch
Log Message:
Backport upstream fix for CVE-2005-4790.
blam-CVE-2005-4790.patch:
--- NEW FILE blam-CVE-2005-4790.patch ---
--- blam-1.8.3/blam.in 2006-11-16 16:06:40.000000000 -0800
+++ blam-1.8.4/blam.in 2007-01-06 05:43:35.000000000 -0800
@@ -1,12 +1,4 @@
-#!/bin/sh
+#!/bin/bash
-MOZILLA_HOME=@MOZILLA_HOME@
-export MOZILLA_HOME
-
-MOZILLA_FIVE_HOME=@MOZILLA_HOME@
-export MOZILLA_FIVE_HOME
-
-LD_LIBRARY_PATH="@prefix@/lib/blam:@MOZILLA_HOME@:$LD_LIBRARY_PATH"
-export LD_LIBRARY_PATH
-
-exec mono @prefix@/lib/blam/blam.exe $@
+LD_LIBRARY_PATH="@prefix@/lib/blam:@MOZILLA_HOME@${LD_LIBRARY_PATH+:$LD_LIBRARY_PATH}" MOZILLA_FIVE_HOME=@MOZILLA_HOME@ \
+MOZILLA_HOME=@MOZILLA_HOME@ exec -a 'blam' mono @prefix@/lib/blam/blam.exe $@
Index: blam.spec
===================================================================
RCS file: /cvs/pkgs/rpms/blam/F-8/blam.spec,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- blam.spec 13 Nov 2007 23:36:47 -0000 1.19
+++ blam.spec 22 Nov 2007 20:19:45 -0000 1.20
@@ -5,7 +5,7 @@
Name: blam
Version: 1.8.3
-Release: 10%{?dist}
+Release: 11%{?dist}
Summary: An RSS/RDF feed reader
Group: Applications/Internet
@@ -13,9 +13,11 @@
URL: http://www.cmartin.tk/blam.html
Source0: http://www.cmartin.tk/blam/%{name}-%{version}.tar.bz2
+
Patch0: %{name}-fix-PrintJob-ambiguous-reference.patch
Patch1: %{name}-fedora-people-in-default-collection.patch
Patch2: %{name}-fix-THEME_DIR-path.patch
+Patch3: %{name}-CVE-2005-4790.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
## Various Mono dependencies are not available for ppc64; see bug 241850.
@@ -63,6 +65,7 @@
%patch0 -p0 -b .fix-PrintJob-ambiguous-reference-compile-error
%patch1 -p0 -b .add-fedora-people-feed-to-default-collection.xml
%patch2 -p0 -b .fix-THEME_DIR-path
+%patch3 -p1 -b .CVE-2005-4790
%build
@@ -126,6 +129,9 @@
%{_mandir}/man?/%{name}.1*
%changelog
+* Thu Nov 22 2007 Peter Gordon <peter at thecodergeek.com> - 1.8.3-11
+- Fix CVE-2005-4790 (bug 252294).
+
* Tue Nov 13 2007 Peter Gordon <peter at thecodergeek.com> - 1.8.3-10
- Rebuild for new Gecko (Firefox 2.0.0.9).
More information about the fedora-extras-commits
mailing list