rpms/blender/F-9 blender-2.45-cve-2008-1103-1.patch, NONE, 1.1 blender-2.45-cve-2008-1103-2.patch, NONE, 1.1 blender.spec, 1.76, 1.77

Jochen Schmitt (s4504kr) fedora-extras-commits at redhat.com
Wed May 7 15:45:46 UTC 2008


Author: s4504kr

Update of /cvs/extras/rpms/blender/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv30076

Modified Files:
	blender.spec 
Added Files:
	blender-2.45-cve-2008-1103-1.patch 
	blender-2.45-cve-2008-1103-2.patch 
Log Message:
Fix CVE-2008-1103

blender-2.45-cve-2008-1103-1.patch:

--- NEW FILE blender-2.45-cve-2008-1103-1.patch ---
diff -urN blender-2.36.orig/source/blender/blenkernel/intern/blender.c blender-2.36/source/blender/blenkernel/intern/blender.c
--- blender-2.36.orig/source/blender/blenkernel/intern/blender.c	2005-03-11 01:54:56.000000000 +0900
+++ blender-2.36/source/blender/blenkernel/intern/blender.c	2005-03-11 01:57:26.000000000 +0900
@@ -647,7 +647,7 @@
 		
 	BLI_make_file_string("/", str, U.tempdir, "quit.blend");
 
-	file = open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC, 0666);
+	file = open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC+O_EXCL, 0666);
 	if(file == -1) {
 		printf("Unable to save %s\n", str);
 		return;

blender-2.45-cve-2008-1103-2.patch:

--- NEW FILE blender-2.45-cve-2008-1103-2.patch ---
diff -up blender-2.45/source/blender/src/usiblender.c.cve3 blender-2.45/source/blender/src/usiblender.c
--- blender-2.45/source/blender/src/usiblender.c.cve3	2007-09-18 06:58:42.000000000 +0200
+++ blender-2.45/source/blender/src/usiblender.c	2008-05-07 17:32:10.000000000 +0200
@@ -172,10 +172,12 @@ static void init_userdef_file(void)
 		U.tb_rightmouse= 5;
 	}
 	if(U.mixbufsize==0) U.mixbufsize= 2048;
-	if (BLI_streq(U.tempdir, "/")) {
+	if (BLI_streq(U.tempdir, "/") || BLI_streq(U.tempdir, "/tmp/")) {
 		char *tmp= getenv("TEMP");
+                char *home= getenv("HOME");
 		
-		strcpy(U.tempdir, tmp?tmp:"/tmp/");
+		strcpy(U.tempdir, tmp?tmp:home);
+                if (!tmp) strcat(U.tempdir, "/.blender/");
 	}
 	if (U.savetime <= 0) {
 		U.savetime = 1;


Index: blender.spec
===================================================================
RCS file: /cvs/extras/rpms/blender/F-9/blender.spec,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -r1.76 -r1.77
--- blender.spec	27 Apr 2008 19:44:14 -0000	1.76
+++ blender.spec	7 May 2008 15:45:06 -0000	1.77
@@ -3,7 +3,7 @@
 
 Name:           blender
 Version:        2.45
-Release: 	13%{?dist}
+Release: 	14%{?dist}
 
 Summary:        3D modeling, animation, rendering and post-production
 
@@ -32,6 +32,8 @@
 Patch5:		blender-2.45-sc.patch
 
 Patch100:	blender-2.45-cve-2008-1102.patch
+Patch101:	blender-2.45-cve-2008-1103-1.patch
+Patch102:	blender-2.45-cve-2008-1103-2.patch
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -85,7 +87,9 @@
 %patch4 -p1
 %endif
 
-%patch100 -p1 -b .cve
+%patch100 -p1 -b .cve1
+%patch101 -p1 -b .cve2
+%patch102 -p1 -b .cve3
 
 PYVER=$(%{__python} -c "import sys ; print sys.version[:3]")
 
@@ -189,6 +193,9 @@
 %{_datadir}/mime/packages/blender.xml
 
 %changelog
+* Wed May  7 2008 Jochen Schmitt <Jochen herr-schmitt de> 2.45-14
+- Fix CVE-2008-1103 (#444535)
+
 * Sun Apr 27 2008 Jochen Schmitt <Jochen herr-schmitt de> 2.45-13
 - More generic patch to solve scons issue
 




More information about the fedora-extras-commits mailing list