rpms/PolicyKit/F-8 PolicyKit-0.6-cve-2008-1658-fix.patch, NONE, 1.1 PolicyKit.spec, 1.6, 1.7
David Zeuthen (davidz)
fedora-extras-commits at redhat.com
Fri Apr 4 06:52:50 UTC 2008
Author: davidz
Update of /cvs/pkgs/rpms/PolicyKit/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12289
Modified Files:
PolicyKit.spec
Added Files:
PolicyKit-0.6-cve-2008-1658-fix.patch
Log Message:
* Fri Apr 4 2008 David Zeuthen <davidz at redhat.com> - 0.6-2%{?dist}
- Include fix for CVE-2008-1658 (#439995)
PolicyKit-0.6-cve-2008-1658-fix.patch:
--- NEW FILE PolicyKit-0.6-cve-2008-1658-fix.patch ---
--- PolicyKit-0.6/polkit-grant/polkit-grant-helper.c.orig 2008-04-04 02:48:01.000000000 -0400
+++ PolicyKit-0.6/polkit-grant/polkit-grant-helper.c 2008-04-04 02:48:22.000000000 -0400
@@ -218,7 +218,7 @@
goto out;
}
/* send to parent */
- fprintf (stdout, buf);
+ fprintf (stdout, "%s", buf);
fflush (stdout);
/* read from parent */
@@ -229,7 +229,7 @@
fprintf (stderr, "received: '%s' from parent; sending to child\n", buf);
#endif /* PGH_DEBUG */
/* send to child */
- fprintf (child_stdin, buf);
+ fprintf (child_stdin, "%s", buf);
fflush (child_stdin);
}
Index: PolicyKit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/PolicyKit/F-8/PolicyKit.spec,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- PolicyKit.spec 11 Oct 2007 22:46:15 -0000 1.6
+++ PolicyKit.spec 4 Apr 2008 06:52:12 -0000 1.7
@@ -14,7 +14,7 @@
Summary: Toolkit for privilege control
Name: PolicyKit
Version: 0.6
-Release: 1%{?dist}
+Release: 2%{?dist}
License: AFL/GPL
Group: System Environment/Libraries
URL: http://gitweb.freedesktop.org/?p=PolicyKit.git;a=summary
@@ -40,6 +40,8 @@
Requires: libselinux >= %{libselinux_version}
Requires: pam >= %{pam_version}
+Patch0: PolicyKit-0.6-cve-2008-1658-fix.patch
+
%description
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
@@ -67,6 +69,7 @@
%prep
%setup -q
+%patch0 -p1 -b .cvs-2008-1658
%build
%configure --docdir=%{_datadir}/doc/%{name}-%{version} --enable-docbook-docs
@@ -141,6 +144,9 @@
%{_datadir}/gtk-doc/html/polkit/*
%changelog
+* Fri Apr 4 2008 David Zeuthen <davidz at redhat.com> - 0.6-2%{?dist}
+- Include fix for CVE-2008-1658 (#439995)
+
* Thu Oct 11 2007 David Zeuthen <davidz at redhat.com> - 0.6-1%{?dist}
- Update to latest upstream release
More information about the fedora-extras-commits
mailing list