rpms/liferea/F-7 liferea-1.2.23-opml.patch, NONE, 1.1 liferea.spec, 1.86, 1.87
Brian Pepple (bpepple)
fedora-extras-commits at redhat.com
Wed Oct 31 18:59:27 UTC 2007
- Previous message (by thread): rpms/liferea/F-8 liferea-1.2.23-opml.patch, NONE, 1.1 liferea.spec, 1.94, 1.95
- Next message (by thread): rpms/xorg-x11-server/devel .cvsignore, 1.26, 1.27 sources, 1.21, 1.22 xorg-x11-server-0.99.3-init-origins-fix.patch, 1.1, 1.2 xorg-x11-server-1.1.0-no-move-damage.patch, 1.1, 1.2 xorg-x11-server-1.1.1-vbe-filter-less.patch, 1.1, 1.2 xorg-x11-server-1.2.0-xf86config-comment-less.patch, 1.1, 1.2 xorg-x11-server-Red-Hat-extramodes.patch, 1.5, 1.6 xorg-x11-server.spec, 1.260, 1.261 xserver-1.3.0-accidental-abi.patch, 1.2, 1.3 xserver-1.3.0-avoid-ps2-probe.patch, 1.1, 1.2 xserver-1.3.0-default-dpi.patch, 1.1, 1.2 xserver-1.3.0-document-fontpath-correctly.patch, 1.1, 1.2 xserver-1.3.0-fbdevhw-magic-numbers.patch, 1.1, 1.2 xserver-1.3.0-honor-displaysize.patch, 1.1, 1.2 xserver-1.3.0-newglx-offscreen-pixmaps.patch, 1.3, 1.4 xserver-1.3.0-no-prerelease-warning.patch, 1.2, 1.3 xserver-1.3.0-no-pseudocolor-composite.patch, 1.1, 1.2 xserver-1.3.0-randr12-config-hack.patch, 1.2, 1.3 xserver-1.3.0-xnest-exposures.patch, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: bpepple
Update of /cvs/pkgs/rpms/liferea/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21592
Modified Files:
liferea.spec
Added Files:
liferea-1.2.23-opml.patch
Log Message:
* Wed Oct 31 2007 Brian Pepple <bpepple at fedoraproject.org> - 1.2.23-4
- Add patch to fix opml security bug: CVE-2007-5751. (#360641)
liferea-1.2.23-opml.patch:
--- NEW FILE liferea-1.2.23-opml.patch ---
diff -urp liferea-1.2.23.OLD/src/common.c liferea-1.2.23/src/common.c
--- liferea-1.2.23.OLD/src/common.c 2007-08-19 13:17:58.000000000 -0400
+++ liferea-1.2.23/src/common.c 2007-10-31 14:18:19.000000000 -0400
@@ -908,6 +908,9 @@ static void common_init_cache_path(void)
g_free(cachePath);
/* lifereaUserPath reused globally */
+
+ /* ensure reasonable default umask */
+ umask (077);
}
const gchar * common_get_cache_path(void) {
diff -urp liferea-1.2.23.OLD/src/export.c liferea-1.2.23/src/export.c
--- liferea-1.2.23.OLD/src/export.c 2007-06-20 18:22:10.000000000 -0400
+++ liferea-1.2.23/src/export.c 2007-10-31 14:19:05.000000000 -0400
@@ -126,15 +126,15 @@ gboolean export_OPML_feedlist(const gcha
error = TRUE;
}
- if(trusted)
- old_umask = umask(077);
+ if(!trusted)
+ old_umask = umask(022);
if(-1 == common_save_xml(doc, backupFilename)) {
g_warning("Could not export to OPML file!!");
error = TRUE;
}
- if(trusted)
+ if(!trusted)
umask(old_umask);
xmlFreeDoc(doc);
Index: liferea.spec
===================================================================
RCS file: /cvs/pkgs/rpms/liferea/F-7/liferea.spec,v
retrieving revision 1.86
retrieving revision 1.87
diff -u -r1.86 -r1.87
--- liferea.spec 24 Oct 2007 19:04:57 -0000 1.86
+++ liferea.spec 31 Oct 2007 18:58:54 -0000 1.87
@@ -2,7 +2,7 @@
Name: liferea
Version: 1.2.23
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: An RSS/RDF feed reader
Group: Applications/Internet
@@ -10,6 +10,7 @@
URL: http://liferea.sourceforge.net/
Source0: http://download.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
Patch0: %{name}-1.2.10-fedorafeed.patch
+Patch1: %{name}-%{version}-opml.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: gtkhtml2-devel
@@ -42,6 +43,7 @@
%prep
%setup -q -n %{name}-%{version}
%patch0 -p1 -b .fedorafeed
+%patch1 -p1 -b .opml
%build
@@ -114,6 +116,9 @@
%changelog
+* Wed Oct 31 2007 Brian Pepple <bpepple at fedoraproject.org> - 1.2.23-4
+- Add patch to fix opml security bug: CVE-2007-5751. (#360641)
+
* Wed Oct 24 2007 Brian Pepple <bpepple at fedoraproject.org> - 1.2.23-3
- Acutually use the correct version of gecko-libs.
- Previous message (by thread): rpms/liferea/F-8 liferea-1.2.23-opml.patch, NONE, 1.1 liferea.spec, 1.94, 1.95
- Next message (by thread): rpms/xorg-x11-server/devel .cvsignore, 1.26, 1.27 sources, 1.21, 1.22 xorg-x11-server-0.99.3-init-origins-fix.patch, 1.1, 1.2 xorg-x11-server-1.1.0-no-move-damage.patch, 1.1, 1.2 xorg-x11-server-1.1.1-vbe-filter-less.patch, 1.1, 1.2 xorg-x11-server-1.2.0-xf86config-comment-less.patch, 1.1, 1.2 xorg-x11-server-Red-Hat-extramodes.patch, 1.5, 1.6 xorg-x11-server.spec, 1.260, 1.261 xserver-1.3.0-accidental-abi.patch, 1.2, 1.3 xserver-1.3.0-avoid-ps2-probe.patch, 1.1, 1.2 xserver-1.3.0-default-dpi.patch, 1.1, 1.2 xserver-1.3.0-document-fontpath-correctly.patch, 1.1, 1.2 xserver-1.3.0-fbdevhw-magic-numbers.patch, 1.1, 1.2 xserver-1.3.0-honor-displaysize.patch, 1.1, 1.2 xserver-1.3.0-newglx-offscreen-pixmaps.patch, 1.3, 1.4 xserver-1.3.0-no-prerelease-warning.patch, 1.2, 1.3 xserver-1.3.0-no-pseudocolor-composite.patch, 1.1, 1.2 xserver-1.3.0-randr12-config-hack.patch, 1.2, 1.3 xserver-1.3.0-xnest-exposures.patch, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list