rpms/geda-gnetlist/F-9 geda-gnetlist-CVE-mktemp.patch, NONE, 1.1 geda-gnetlist.spec, 1.14, 1.15 import.log, 1.1, 1.2

Chitlesh GOORAH chitlesh at fedoraproject.org
Tue Nov 18 21:00:05 UTC 2008 

Author: chitlesh

Update of /cvs/pkgs/rpms/geda-gnetlist/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv15197/F-9

Modified Files:
	geda-gnetlist.spec import.log 
Added Files:
	geda-gnetlist-CVE-mktemp.patch 
Log Message:
security bug on temp file

geda-gnetlist-CVE-mktemp.patch:

--- NEW FILE geda-gnetlist-CVE-mktemp.patch ---
--- scripts/sch2eaglepos.sh	2008-05-16 06:20:10.000000000 +0200
+++ scripts/sch2eaglepos.sh_cht	2008-11-18 21:49:04.000000000 +0100
@@ -2,6 +2,12 @@
 # By Braddock Gaskill (braddock at braddock.com), August 2004.  This
 # software is hereby declared to be in the public domain by Braddock
 # Gaskill, the author.
+
+# Updated by Chitlesh GOORAH - reason : Security bug on temporary file (18Nov2008)
+#  The issue is that the value of TMP is predictable
+#  and a local evildoer could create a symlink causing some data to be overwritten.
+#
+
 FNAME="$1"
 if [ -z "$FNAME" ]; then
     echo "$0 <inputfile.sch>"
@@ -20,8 +26,8 @@
 XSCALE=9000
 YSCALE=9000
 
-TMP=/tmp/$$
-grep -B1 refdes= "$FNAME" |sed 's/=/ /' | cut -d" " -f2,3 |grep -v '^--' >/tmp/$$
+TMP=`mktemp`
+grep -B1 refdes= "$FNAME" |sed 's/=/ /' | cut -d" " -f2,3 |grep -v '^--' > $TMP
 
 3<$TMP
 while read -u 3; do


Index: geda-gnetlist.spec
===================================================================
RCS file: /cvs/pkgs/rpms/geda-gnetlist/F-9/geda-gnetlist.spec,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- geda-gnetlist.spec	11 Nov 2008 22:58:51 -0000	1.14
+++ geda-gnetlist.spec	18 Nov 2008 20:59:35 -0000	1.15
@@ -2,7 +2,7 @@
 
 Name:           geda-gnetlist
 Version:        20080929
-Release:        1%{?dist}
+Release:        2%{?dist}
 
 Summary:        Netlister for the gEDA project
 Group:          Applications/Engineering
@@ -10,6 +10,9 @@
 
 URL:            http://www.geda.seul.org/tools/gnetlist/index.html
 Source:         http://geda.seul.org/release/v1.2/%{relver}/%{name}-%{real_ver}.tar.gz
+
+Patch0:         %{name}-CVE-mktemp.patch
+
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  libgeda-devel, libstroke-devel, geda-symbols, groff gawk
@@ -28,6 +31,7 @@
 
 %prep
 %setup -q -n %{name}-%{real_ver}
+%patch0 -b .cve
 
 %build
 
@@ -82,6 +86,9 @@
 %{_docdir}/gEDA/examples/*
 
 %Changelog
+* Tue Nov 18 2008 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 20080929-2
+- Security bug patched:  Bug 472114 - CVE-2008-5148 geda-gnetlist insecure temporary file use
+
 * Tue Nov 11 2008 Chitlesh Goorah <chitlesh [AT] fedoraproject DOT org> - 20080929-1
 - New upstream release
 


Index: import.log
===================================================================
RCS file: /cvs/pkgs/rpms/geda-gnetlist/F-9/import.log,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- import.log	11 Nov 2008 22:58:51 -0000	1.1
+++ import.log	18 Nov 2008 20:59:35 -0000	1.2
@@ -1 +1,2 @@
 geda-gnetlist-20080929-1_fc9:F-9:geda-gnetlist-20080929-1.fc9.src.rpm:1226444309
+geda-gnetlist-20080929-2_fc9:F-9:geda-gnetlist-20080929-2.fc9.src.rpm:1227041905

More information about the fedora-extras-commits mailing list