rpms/coccinelle/F-11 coccinelle-0.1.8-debian-unsafe-tmp-handling.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 coccinelle.spec, 1.1, 1.2 sources, 1.2, 1.3 coccinelle-0.1.4-python26.patch, 1.1, NONE
Richard W.M. Jones
rjones at fedoraproject.org
Fri May 22 11:23:55 UTC 2009
- Previous message (by thread): rpms/coccinelle/F-10 coccinelle-0.1.8-debian-unsafe-tmp-handling.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 coccinelle.spec, 1.2, 1.3 sources, 1.2, 1.3 coccinelle-0.1.4-python26.patch, 1.1, NONE
- Next message (by thread): rpms/wxGTK/F-10 .cvsignore, 1.11, 1.12 sources, 1.11, 1.12 wxGTK.spec, 1.41, 1.42
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rjones
Update of /cvs/pkgs/rpms/coccinelle/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv24751
Modified Files:
.cvsignore coccinelle.spec sources
Added Files:
coccinelle-0.1.8-debian-unsafe-tmp-handling.patch
Removed Files:
coccinelle-0.1.4-python26.patch
Log Message:
* Fri May 22 2009 Richard W.M. Jones <rjones at redhat.com> - 0.1.8-1
- New upstream version 0.1.8.
- Include patch from Debian to fix CVE-2009-1753 (RHBZ#502174).
coccinelle-0.1.8-debian-unsafe-tmp-handling.patch:
--- NEW FILE coccinelle-0.1.8-debian-unsafe-tmp-handling.patch ---
Patch fixes unsafe temporary file handling (reported to upstream).
Signed-off-by: Eugeniy Meshcheryakov <eugen at debian.org>
diff -ur coccinelle-0.1.8/main.ml coccinelle-0.1.8.unsafe-tmp-handling/main.ml
--- coccinelle-0.1.8/main.ml 2009-05-08 18:58:02.000000000 +0100
+++ coccinelle-0.1.8.unsafe-tmp-handling/main.ml 2009-05-22 12:09:23.094841485 +0100
@@ -798,9 +798,11 @@
if !output_file =$= ""
then begin
+ (*
let tmpfile = "/tmp/"^Common.basename infile in
pr2 (spf "One file modified. Result is here: %s" tmpfile);
Common.command2 ("cp "^outfile^" "^tmpfile);
+ *)
end
));
if !output_file <> "" then
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/coccinelle/F-11/.cvsignore,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- .cvsignore 18 Mar 2009 09:32:42 -0000 1.2
+++ .cvsignore 22 May 2009 11:23:24 -0000 1.3
@@ -1 +1 @@
-coccinelle-0.1.5.tgz
+coccinelle-0.1.8.tgz
Index: coccinelle.spec
===================================================================
RCS file: /cvs/pkgs/rpms/coccinelle/F-11/coccinelle.spec,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- coccinelle.spec 18 Mar 2009 09:32:42 -0000 1.1
+++ coccinelle.spec 22 May 2009 11:23:24 -0000 1.2
@@ -7,8 +7,8 @@
%endif
Name: coccinelle
-Version: 0.1.5
-Release: 3%{?dist}
+Version: 0.1.8
+Release: 1%{?dist}
Summary: Semantic patching for Linux (spatch)
Group: Development/Libraries
@@ -19,8 +19,8 @@ BuildRoot: %{_tmppath}/%{name}-%{ve
URL: http://www.emn.fr/x-info/coccinelle/
Source0: http://www.emn.fr/x-info/coccinelle/distrib/%{name}-%{version}.tgz
-# Patch for Python 2.6, sent upstream on 2009-03-17.
-Patch0: coccinelle-0.1.4-python26.patch
+# RHBZ#502174, CVE-2009-1753
+Patch0: coccinelle-0.1.8-debian-unsafe-tmp-handling.patch
BuildRequires: ocaml >= 3.10.0
BuildRequires: ocaml-findlib-devel
@@ -62,7 +62,7 @@ The %{name}-examples package contains ex
%prep
%setup -q
-%patch0 -p0
+%patch0 -p1
# Remove .cvsignore files.
find -name .cvsignore -delete
@@ -155,6 +155,10 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Fri May 22 2009 Richard W.M. Jones <rjones at redhat.com> - 0.1.8-1
+- New upstream version 0.1.8.
+- Include patch from Debian to fix CVE-2009-1753 (RHBZ#502174).
+
* Tue Mar 17 2009 Richard W.M. Jones <rjones at redhat.com> - 0.1.5-3
- Make the documentation subpackage "-doc" not "-docs".
- Comment about patch0 and send upstream.
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/coccinelle/F-11/sources,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- sources 18 Mar 2009 09:32:42 -0000 1.2
+++ sources 22 May 2009 11:23:24 -0000 1.3
@@ -1 +1 @@
-c6a8cdb9bb2bd22cb48cca456be63837 coccinelle-0.1.5.tgz
+29565a4b1904809b57ed255f1df67567 coccinelle-0.1.8.tgz
--- coccinelle-0.1.4-python26.patch DELETED ---
- Previous message (by thread): rpms/coccinelle/F-10 coccinelle-0.1.8-debian-unsafe-tmp-handling.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 coccinelle.spec, 1.2, 1.3 sources, 1.2, 1.3 coccinelle-0.1.4-python26.patch, 1.1, NONE
- Next message (by thread): rpms/wxGTK/F-10 .cvsignore, 1.11, 1.12 sources, 1.11, 1.12 wxGTK.spec, 1.41, 1.42
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list