rpms/wine/devel wine-CVE-2005-4560.patch, NONE, 1.1 wine.spec, 1.9, 1.10

Andreas Bierfert (awjb) fedora-extras-commits at redhat.com
Sun Jan 8 09:07:13 UTC 2006 

Author: awjb

Update of /cvs/extras/rpms/wine/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv828/devel

Modified Files:
	wine.spec 
Added Files:
	wine-CVE-2005-4560.patch 
Log Message:
- fix CVE-2005-4560


wine-CVE-2005-4560.patch:

--- NEW FILE wine-CVE-2005-4560.patch ---
===================================================================
RCS file: /home/wine/wine/dlls/gdi/metafile.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -p -r1.11 -r1.12
--- wine/dlls/gdi/metafile.c	2006/01/03 12:43:52	1.11
+++ wine/dlls/gdi/metafile.c	2006/01/06 20:52:46	1.12
@@ -863,6 +863,13 @@ BOOL WINAPI PlayMetaFileRecord( HDC hdc,
         break;
 
     case META_ESCAPE:
+        switch (mr->rdParm[0]) {
+        case GETSCALINGFACTOR: /* get function ... would just NULL dereference */
+             return FALSE;
+        case SETABORTPROC:
+             FIXME("Filtering Escape(SETABORTPROC), possible virus?\n");
+             return FALSE;
+        }
         Escape(hdc, mr->rdParm[0], mr->rdParm[1], (LPCSTR)&mr->rdParm[2], NULL);
         break;


Index: wine.spec
===================================================================
RCS file: /cvs/extras/rpms/wine/devel/wine.spec,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wine.spec	7 Jan 2006 23:15:33 -0000	1.9
+++ wine.spec	8 Jan 2006 09:07:13 -0000	1.10
@@ -2,7 +2,7 @@
 
 Name:		wine
 Version:	0.9.5
-Release:	1%{?dist}
+Release:	2%{?dist}
 Summary:	A Windows 16/32/64 bit emulator
 
 Group:		Applications/Emulators
@@ -21,6 +21,10 @@
 Source105:      wine-winemine.desktop
 Source106:      wine-winhelp.desktop
 Patch2:		wine-20050524-generated.patch
+# CVS-2005-4560 wmf exploit from wine cvs
+# http://cvs.winehq.org/cvsweb/wine/dlls/gdi/metafile.c.diff?r1=text&tr1=1.11&r2=text&tr2=1.12
+Patch100:       wine-CVE-2005-4560.patch
+
 Buildroot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 ExclusiveArch: %{ix86}
@@ -155,6 +159,7 @@
 %prep
 %setup -q
 %patch2 -p1 -b .generated
+%patch100 -p1
 autoconf
 
 %build
@@ -688,6 +693,10 @@
 %{_libdir}/wine/*.def
 
 %changelog
+* Sun Jan 08 2006 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
+0.9.5-2
+- fix for CVE-2005-4560
+
 * Fri Jan 06 2006 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
 0.9.5-1
 - version upgrade

More information about the fedora-extras-commits mailing list