rpms/libcdaudio/F-8 libcdaudio-0.99-CAN-2005-0706.patch, NONE, 1.1 libcdaudio.spec, 1.2, 1.3
Axel Thimm
athimm at fedoraproject.org
Sat Dec 27 19:01:46 UTC 2008
Author: athimm
Update of /cvs/extras/rpms/libcdaudio/F-8
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv13166/F-8
Modified Files:
libcdaudio.spec
Added Files:
libcdaudio-0.99-CAN-2005-0706.patch
Log Message:
Fix CAN-2005-0706
libcdaudio-0.99-CAN-2005-0706.patch:
--- NEW FILE libcdaudio-0.99-CAN-2005-0706.patch ---
--- libcdaudio-0.99.10/src/cddb.c.orig 2005-04-03 15:37:04.180240520 +0200
+++ libcdaudio-0.99.10/src/cddb.c 2005-04-03 15:38:07.389631232 +0200
@@ -1034,7 +1034,7 @@
}
query->query_matches = 0;
- while(!cddb_read_line(sock, inbuffer, 256)) {
+ while(query->query_matches < MAX_INEXACT_MATCHES && !cddb_read_line(sock, inbuffer, 256)) {
slashed = 0;
if(strchr(inbuffer, '/') != NULL && parse_disc_artist) {
index = 0;
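Review bot: In the new `while` condition the cap is tested before `cddb_read_line(sock, inbuffer, 256)`, so once `query->query_matches` reaches `MAX_INEXACT_MATCHES` the loop exits and the rest of the server's match list stays unread on `sock`. If the socket is used again after this loop, those leftover lines would be taken as the reply to the next command. Consider reading and discarding lines until the list ends, and applying the cap only to storing matches. A short comment on the condition saying why the cap is there would also help the next reader.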
Index: libcdaudio.spec
===================================================================
RCS file: /cvs/extras/rpms/libcdaudio/F-8/libcdaudio.spec,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- libcdaudio.spec 25 Aug 2008 12:07:57 -0000 1.2
+++ libcdaudio.spec 27 Dec 2008 19:01:16 -0000 1.3
@@ -1,7 +1,7 @@
Summary: Control operation of a CD-ROM when playing audio CDs
Name: libcdaudio
Version: 0.99.12p2
-Release: 10%{?dist}
+Release: 11%{?dist}
# COPYING is a copy of GPLv2, but the code and the README clearly indicate
# that the code is LGPLv2+. Probably want to let upstream know about COPYING.
License: LGPLv2+
@@ -10,6 +10,7 @@
Source0: http://prdownloads.sourceforge.net/libcdaudio/%{name}-%{version}.tar.gz
Patch0: libcdaudio-0.99.12-buffovfl.patch
Patch1: libcdaudio-0.99.12p2-libdir.patch
+Patch2: libcdaudio-0.99-CAN-2005-0706.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
BuildRequires: gcc-c++
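Review bot: The added `Patch2:` line carries no comment on where the patch came from or whether it has been sent upstream. A one-line comment above it with the origin and the identifier it addresses would make it easier to drop or rebase the patch at the next version update.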
@@ -31,6 +32,7 @@
%setup -q
%patch0 -p0
%patch1 -p1
+%patch2 -p1
%build
%configure \
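Review bot: `%patch2 -p1` applies a patch whose file headers name `libcdaudio-0.99.10/src/cddb.c`, while this spec builds `Version: 0.99.12p2`. The hunk may therefore apply with an offset or fuzz. Regenerate the patch against the 0.99.12p2 tree, or confirm in the build log that it applies cleanly and that the patched `while` loop is the one intended.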
@@ -65,6 +67,9 @@
%{_libdir}/pkgconfig/libcdaudio.pc
%changelog
+* Sat Dec 27 2008 Axel Thimm <Axel.Thimm at ATrpms.net> - 0.99.12p2-11
+- Fix CVE-2005-0706.
+
* Wed May 21 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 0.99.12p2-10
- took COPYING out of doc (it is simply wrong)
- fixed license tag
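Review bot: The new changelog entry says `CVE-2005-0706` while the patch file name and the commit log message say `CAN-2005-0706`. Use one form throughout so that a search for the identifier finds both the patch and the changelog. The entry could also name what was changed (the cap on inexact matches in `src/cddb.c`) rather than only the identifier.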