rpms/wine/FC-3 wine-CVE-2005-4560.patch,NONE,1.1 wine.spec,1.5,1.6
Andreas Bierfert (awjb)
fedora-extras-commits at redhat.com
Sun Jan 8 09:06:39 UTC 2006
Author: awjb
Update of /cvs/extras/rpms/wine/FC-3
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv828/FC-3
Modified Files:
wine.spec
Added Files:
wine-CVE-2005-4560.patch
Log Message:
- fix CVE-2005-4560
wine-CVE-2005-4560.patch:
--- NEW FILE wine-CVE-2005-4560.patch ---
===================================================================
RCS file: /home/wine/wine/dlls/gdi/metafile.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -p -r1.11 -r1.12
--- wine/dlls/gdi/metafile.c 2006/01/03 12:43:52 1.11
+++ wine/dlls/gdi/metafile.c 2006/01/06 20:52:46 1.12
@@ -863,6 +863,13 @@ BOOL WINAPI PlayMetaFileRecord( HDC hdc,
break;
case META_ESCAPE:
+ switch (mr->rdParm[0]) {
+ case GETSCALINGFACTOR: /* get function ... would just NULL dereference */
+ return FALSE;
+ case SETABORTPROC:
+ FIXME("Filtering Escape(SETABORTPROC), possible virus?\n");
+ return FALSE;
+ }
Escape(hdc, mr->rdParm[0], mr->rdParm[1], (LPCSTR)&mr->rdParm[2], NULL);
break;
Index: wine.spec
===================================================================
RCS file: /cvs/extras/rpms/wine/FC-3/wine.spec,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- wine.spec 6 Jan 2006 11:00:54 -0000 1.5
+++ wine.spec 8 Jan 2006 09:06:36 -0000 1.6
@@ -1,6 +1,6 @@
Name: wine
Version: 0.9.5
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: A Windows 16/32/64 bit emulator
Group: Applications/Emulators
@@ -19,6 +19,8 @@
Source105: wine-winemine.desktop
Source106: wine-winhelp.desktop
Patch2: wine-20050524-generated.patch
+# CVS-2005-4560 wmf exploit
+Patch100: wine-CVE-2005-4560.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
ExclusiveArch: %{ix86}
@@ -45,6 +47,7 @@
BuildRequires: zlib-devel
BuildRequires: desktop-file-utils
BuildRequires: fontforge
+BuildRequires: cups-devel
Requires(post): /sbin/ldconfig, /sbin/chkconfig, /sbin/service,
Requires(post): /usr/bin/update-desktop-database
@@ -143,6 +146,7 @@
%prep
%setup -q
%patch2 -p1 -b .generated
+%patch100 -p1
autoconf
%build
@@ -675,10 +679,15 @@
%{_libdir}/wine/*.def
%changelog
+* Sun Jan 08 2006 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
+0.9.5-2
+- fix for CVE-2005-4560
+- add fix BR from devel
+
* Fri Jan 06 2006 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
0.9.5-1
- version upgrade
-- fix #177089
+- fix #177089 (winemine desktop entry should be in Game not in System)
* Wed Jan 04 2006 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
0.9.4-5
More information about the fedora-extras-commits
mailing list