rpms/gedit/F-10 gedit-2.24.3-fix-python-path.patch, NONE, 1.1 gedit.spec, 1.174, 1.175

Ray Strode rstrode at fedoraproject.org
Mon Jan 26 17:51:23 UTC 2009


Author: rstrode

Update of /cvs/pkgs/rpms/gedit/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv11967

Modified Files:
	gedit.spec 
Added Files:
	gedit-2.24.3-fix-python-path.patch 
Log Message:
- Fix up python plugin path to close up a security attack
  vector (bug 481556).


gedit-2.24.3-fix-python-path.patch:

--- NEW FILE gedit-2.24.3-fix-python-path.patch ---
diff -up gedit-2.25.5/plugin-loaders/python/gedit-plugin-loader-python.c.fix-python-path gedit-2.25.5/plugin-loaders/python/gedit-plugin-loader-python.c
--- gedit-2.24.3/gedit/gedit-python-module.c.fix-python-path	2009-01-26 12:36:50.289751027 -0500
+++ gedit-2.24.3/gedit/gedit-python-module.c	2009-01-26 12:39:23.668963430 -0500
@@ -541,6 +541,9 @@ gedit_python_init (GeditPluginLoaderPyth
 
 	PySys_SetArgv (1, argv);
 
+	/* Sanitize sys.path, see http://bugzilla.gnome.org/show_bug.cgi?id=569214 */
+	PyRun_SimpleString ("import sys; sys.path = filter(None, sys.path)");
+
 	if (!gedit_check_pygtk2 ())
 	{
 		/* Warning message already printed in check_pygtk2 */
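Review bot: the return value of PyRun_SimpleString is ignored on the added line right after PySys_SetArgv, so if the snippet fails to run, sys.path keeps whatever empty entry it had and gedit_python_init carries on as though the path had been cleaned. Check for a non-zero result and treat it as an initialization failure, in the same spirit as the gedit_check_pygtk2 test that follows. The comment should also say what is actually removed: filter(None, sys.path) drops only empty-string entries, which Python resolves against the current working directory, so "Sanitize" promises more than the line does. Separately, the diff -up line names gedit-2.25.5/plugin-loaders/python/gedit-plugin-loader-python.c while the ---/+++ lines name gedit-2.24.3/gedit/gedit-python-module.c, and the @@ context shows a GeditPluginLoaderPyth... parameter; confirm the hunk was regenerated against the 2.24.3 file rather than hand-edited from the 2.25.5 one.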


Index: gedit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/gedit/F-10/gedit.spec,v
retrieving revision 1.174
retrieving revision 1.175
diff -u -r1.174 -r1.175
--- gedit.spec	16 Jan 2009 02:00:53 -0000	1.174
+++ gedit.spec	26 Jan 2009 17:50:52 -0000	1.175
@@ -18,7 +18,7 @@
 Summary:	gEdit is a small but powerful text editor for GNOME
 Name:		gedit
 Version: 	2.24.3
-Release: 	1%{?dist}
+Release: 	2%{?dist}
 Epoch:		1
 License:	GPLv2+ and GFDL
 Group:		Applications/Editors
@@ -42,6 +42,9 @@
 Patch1: gedit-2.13.90-libdir.patch
 %endif
 
+# http://bugzilla.gnome.org/show_bug.cgi?id=569214
+Patch2: gedit-2.24.3-fix-python-path.patch
+
 BuildRequires: gnome-common
 BuildRequires: glib2-devel >= %{glib2_version}
 BuildRequires: pango-devel >= %{pango_version}
@@ -104,6 +107,8 @@
 %patch1 -p1 -b .libdir
 %endif
 
+%patch2 -p1 -b .fix-python-path
+
 %build
 autoreconf
 %configure \
@@ -218,6 +223,10 @@
 
 
 %changelog
+* Mon Jan 26 2009 Ray Strode <rstrode at redhat.com> - 1:2.24.3-2
+- Fix up python plugin path to close up a security attack
+  vectors (bug 481556).
+
 * Thu Jan 15 2009 Matthias Clasen <mclasen at redhat.com> - 1:2.24.3-1
 - Update to 2.24.3
 
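Review bot: the new changelog entry cites "bug 481556" without naming the tracker, while the Patch2 comment earlier in the spec points at bugzilla.gnome.org id 569214, so a reader cannot tell which bug database the number belongs to. Name the tracker in the entry (or cite both bugs), and fix the wording "a security attack vectors" while there. It would also help to say in the entry what the fix does, namely dropping empty entries from the Python plugin loader's sys.path, since "fix up python plugin path" does not tell an admin what exposure was closed.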



