rpms/coccinelle/devel coccinelle-0.1.8-debian-unsafe-tmp-handling.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 coccinelle.spec, 1.2, 1.3 sources, 1.2, 1.3 coccinelle-0.1.4-python26.patch, 1.1, NONE
Richard W.M. Jones
rjones at fedoraproject.org
Fri May 22 11:23:43 UTC 2009
- Previous message (by thread): rpms/netatalk/F-10 netatalk-2.0.3-fpsyncdir.patch, NONE, 1.1 netatalk.spec, 1.48, 1.49
- Next message (by thread): rpms/coccinelle/F-10 coccinelle-0.1.8-debian-unsafe-tmp-handling.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 coccinelle.spec, 1.2, 1.3 sources, 1.2, 1.3 coccinelle-0.1.4-python26.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rjones
Update of /cvs/pkgs/rpms/coccinelle/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv24613
Modified Files:
.cvsignore coccinelle.spec sources
Added Files:
coccinelle-0.1.8-debian-unsafe-tmp-handling.patch
Removed Files:
coccinelle-0.1.4-python26.patch
Log Message:
* Fri May 22 2009 Richard W.M. Jones <rjones at redhat.com> - 0.1.8-1
- New upstream version 0.1.8.
- Include patch from Debian to fix CVE-2009-1753 (RHBZ#502174).
coccinelle-0.1.8-debian-unsafe-tmp-handling.patch:
--- NEW FILE coccinelle-0.1.8-debian-unsafe-tmp-handling.patch ---
Patch fixes unsafe temporary file handling (reported to upstream).
Signed-off-by: Eugeniy Meshcheryakov <eugen at debian.org>
diff -ur coccinelle-0.1.8/main.ml coccinelle-0.1.8.unsafe-tmp-handling/main.ml
--- coccinelle-0.1.8/main.ml 2009-05-08 18:58:02.000000000 +0100
+++ coccinelle-0.1.8.unsafe-tmp-handling/main.ml 2009-05-22 12:09:23.094841485 +0100
@@ -798,9 +798,11 @@
if !output_file =$= ""
then begin
+ (*
let tmpfile = "/tmp/"^Common.basename infile in
pr2 (spf "One file modified. Result is here: %s" tmpfile);
Common.command2 ("cp "^outfile^" "^tmpfile);
+ *)
end
));
if !output_file <> "" then
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/coccinelle/devel/.cvsignore,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- .cvsignore 18 Mar 2009 09:32:42 -0000 1.2
+++ .cvsignore 22 May 2009 11:23:11 -0000 1.3
@@ -1 +1 @@
-coccinelle-0.1.5.tgz
+coccinelle-0.1.8.tgz
Index: coccinelle.spec
===================================================================
RCS file: /cvs/pkgs/rpms/coccinelle/devel/coccinelle.spec,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- coccinelle.spec 16 Apr 2009 09:26:11 -0000 1.2
+++ coccinelle.spec 22 May 2009 11:23:11 -0000 1.3
@@ -7,8 +7,8 @@
%endif
Name: coccinelle
-Version: 0.1.5
-Release: 3%{?dist}
+Version: 0.1.8
+Release: 1%{?dist}
Summary: Semantic patching for Linux (spatch)
Group: Development/Libraries
@@ -20,8 +20,8 @@ ExcludeArch: sparc64 s390 s390x
URL: http://www.emn.fr/x-info/coccinelle/
Source0: http://www.emn.fr/x-info/coccinelle/distrib/%{name}-%{version}.tgz
-# Patch for Python 2.6, sent upstream on 2009-03-17.
-Patch0: coccinelle-0.1.4-python26.patch
+# RHBZ#502174, CVE-2009-1753
+Patch0: coccinelle-0.1.8-debian-unsafe-tmp-handling.patch
BuildRequires: ocaml >= 3.10.0
BuildRequires: ocaml-findlib-devel
@@ -63,7 +63,7 @@ The %{name}-examples package contains ex
%prep
%setup -q
-%patch0 -p0
+%patch0 -p1
# Remove .cvsignore files.
find -name .cvsignore -delete
@@ -156,6 +156,10 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Fri May 22 2009 Richard W.M. Jones <rjones at redhat.com> - 0.1.8-1
+- New upstream version 0.1.8.
+- Include patch from Debian to fix CVE-2009-1753 (RHBZ#502174).
+
* Thu Apr 16 2009 S390x secondary arch maintainer <fedora-s390x at lists.fedoraproject.org>
- ExcludeArch sparc64, s390, s390x as we don't have OCaml on those archs
(added sparc64 per request from the sparc maintainer)
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/coccinelle/devel/sources,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- sources 18 Mar 2009 09:32:42 -0000 1.2
+++ sources 22 May 2009 11:23:11 -0000 1.3
@@ -1 +1 @@
-c6a8cdb9bb2bd22cb48cca456be63837 coccinelle-0.1.5.tgz
+29565a4b1904809b57ed255f1df67567 coccinelle-0.1.8.tgz
--- coccinelle-0.1.4-python26.patch DELETED ---
- Previous message (by thread): rpms/netatalk/F-10 netatalk-2.0.3-fpsyncdir.patch, NONE, 1.1 netatalk.spec, 1.48, 1.49
- Next message (by thread): rpms/coccinelle/F-10 coccinelle-0.1.8-debian-unsafe-tmp-handling.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 coccinelle.spec, 1.2, 1.3 sources, 1.2, 1.3 coccinelle-0.1.4-python26.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list