rpms/irssi/devel irssi-CVE-2009-1959.patch, NONE, 1.1 irssi.spec, 1.38, 1.39
Huzaifa Sidhpurwala
huzaifas at fedoraproject.org
Tue Jun 23 10:47:52 UTC 2009
Author: huzaifas
Update of /cvs/pkgs/rpms/irssi/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12225
Modified Files:
irssi.spec
Added Files:
irssi-CVE-2009-1959.patch
Log Message:
Resolve CVE-2009-1959
irssi-CVE-2009-1959.patch:
--- NEW FILE irssi-CVE-2009-1959.patch ---
--- irssi-0.8.13/src/fe-common/irc/fe-events.c 2008/11/09 23:06:37 4889
+++ irssi-0.8.13/src/fe-common/irc/fe-events.c 2009/05/15 11:54:33 5068
@@ -298,7 +298,7 @@
tmp = g_strdup(data+8);
len = strlen(tmp);
- if (tmp[len-1] == 1) tmp[len-1] = '\0';
+ if (len >= 1 && tmp[len-1] == 1) tmp[len-1] = '\0';
printformat(server, NULL, MSGLEVEL_WALLOPS, IRCTXT_ACTION_WALLOPS, nick, tmp);
g_free(tmp);
}
Index: irssi.spec
===================================================================
RCS file: /cvs/pkgs/rpms/irssi/devel/irssi.spec,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -p -r1.38 -r1.39
--- irssi.spec 1 May 2009 19:37:45 -0000 1.38
+++ irssi.spec 23 Jun 2009 10:47:21 -0000 1.39
@@ -3,14 +3,14 @@
Summary: Modular text mode IRC client with Perl scripting
Name: irssi
Version: 0.8.13
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2+
Group: Applications/Communications
URL: http://irssi.org/
Source0: http://irssi.org/files/irssi-%{version}.tar.gz
Source1: irssi-config.h
-
+Patch0: irssi-CVE-2009-1959.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
BuildRequires: ncurses-devel openssl-devel zlib-devel
BuildRequires: pkgconfig glib2-devel perl-devel perl(ExtUtils::Embed)
@@ -36,7 +36,7 @@ being maintained.
%prep
%setup -q -n %{name}-%{version}
-
+%patch0 -p1
%build
%configure --enable-ipv6 --with-textui \
--with-proxy \
@@ -85,6 +85,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Tue Jun 23 2009 Huzaifa Sidhpurwala <huzaifas at redhat.com> - 0.8.13-2
+- Resolve CVE-2009-1959
+
* Fri May 1 2009 Marek Mahut <mmahut at fedoraproject.org> - 0.8.13-1
- Upstream release
More information about the fedora-extras-commits
mailing list