rpms/wyrd/F-7 wyrd-1.4.3b-02-CVE-2008-0806.patch, NONE, 1.1 sources, 1.2, 1.3 wyrd.spec, 1.2, 1.3
Till Maas (till)
fedora-extras-commits at redhat.com
Thu Feb 21 09:10:30 UTC 2008
Author: till
Update of /cvs/pkgs/rpms/wyrd/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13503
Modified Files:
sources wyrd.spec
Added Files:
wyrd-1.4.3b-02-CVE-2008-0806.patch
Log Message:
* Thu Feb 21 2008 Till Maas <opensource till name> - 1.4.3b-1
- update to latest version
- include patch from debian to fix CVE-2008-0806
wyrd-1.4.3b-02-CVE-2008-0806.patch:
--- NEW FILE wyrd-1.4.3b-02-CVE-2008-0806.patch ---
#! /bin/sh /usr/share/dpatch/dpatch-run
## 02-CVE-2008-0806.dpatch by Nico Golde <nion at debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
@DPATCH@
diff -urNad wyrd-1.4.3b~/interface_main.ml wyrd-1.4.3b/interface_main.ml
--- wyrd-1.4.3b~/interface_main.ml 2007-08-20 03:24:26.000000000 +0200
+++ wyrd-1.4.3b/interface_main.ml 2008-02-20 19:51:39.000000000 +0100
@@ -1066,9 +1066,9 @@
in
Hashtbl.iter find_binding Rcfile.table_commandstr_command;
let sorted_list = List.fast_sort Pervasives.compare !bindings in
- let out_channel = open_out Rcfile.tmpfile in
+ let out_channel = Rcfile.tmpfd in
List.iter (output_string out_channel) sorted_list;
- close_out out_channel;
+ flush out_channel;
def_prog_mode ();
endwin ();
let _ = Unix.system ("less " ^ Rcfile.tmpfile) in
@@ -1786,8 +1786,9 @@
let i = draw_msg iface in
handle_refresh i reminders
|Rcfile.Quit ->
- let new_iface = {iface with run_wyrd = false} in
- (new_iface, reminders)
+ let out_channel = Rcfile.tmpfd in
+ close_out out_channel;Sys.remove Rcfile.tmpfile;let new_iface = {iface with run_wyrd = false} in
+ (new_iface, reminders)
with Not_found ->
let _ = beep () in
draw_error iface "key is not bound." false;
diff -urNad wyrd-1.4.3b~/rcfile.ml wyrd-1.4.3b/rcfile.ml
--- wyrd-1.4.3b~/rcfile.ml 2007-08-20 03:24:26.000000000 +0200
+++ wyrd-1.4.3b/rcfile.ml 2008-02-20 19:51:19.000000000 +0100
@@ -136,7 +136,7 @@
(* Final hash table that maps from object to color_pair index *)
let object_palette = Hashtbl.create 20
-let tmpfile = "/tmp/wyrd-tmp." ^ (string_of_int (Unix.getuid ()))
+let tmpfile,tmpfd = Filename.open_temp_file "wyrd" "-temp"
(* Turn colors on and off *)
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/wyrd/F-7/sources,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- sources 21 Oct 2007 17:54:19 -0000 1.2
+++ sources 21 Feb 2008 09:09:46 -0000 1.3
@@ -1 +1 @@
-defb0708a77bc1433607cbaf8273323a wyrd-1.4.3.tar.gz
+d428191d81769894cf773b8de6cae7ac wyrd-1.4.3b.tar.gz
Index: wyrd.spec
===================================================================
RCS file: /cvs/pkgs/rpms/wyrd/F-7/wyrd.spec,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- wyrd.spec 21 Oct 2007 18:27:18 -0000 1.2
+++ wyrd.spec 21 Feb 2008 09:09:46 -0000 1.3
@@ -1,6 +1,6 @@
Name: wyrd
-Version: 1.4.3
-Release: 3%{?dist}
+Version: 1.4.3b
+Release: 1%{?dist}
Summary: A ncurses frontend for the calendar application remind
Group: Applications/Productivity
@@ -9,6 +9,7 @@
Source0: http://www.eecs.umich.edu/~pelzlpj/wyrd/wyrd-%{version}.tar.gz
Source1: wyrd-wyrdrc.local
Patch0: wyrd-1.4.3-wyrdrc-local.patch
+Patch1: wyrd-1.4.3b-02-CVE-2008-0806.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
# There is no ocaml for ppc64
@@ -31,6 +32,7 @@
%prep
%setup -q
%patch0 -p1
+%patch1 -p1 -b .02-CVE-2008-0806
%build
@@ -60,6 +62,10 @@
%changelog
+* Thu Feb 21 2008 Till Maas <opensource till name> - 1.4.3b-1
+- update to latest version
+- include patch from debian to fix CVE-2008-0806
+
* Sun Oct 21 2007 Till Maas <opensource till name> - 1.4.3-3
- fix permissions of local config file
- use globbing for manpages (the may not be gzipped)
More information about the fedora-extras-commits
mailing list