rpms/ruby-gnome2/devel ruby-gnome2-all-0.16.0-gtk-security.patch, NONE, 1.1 ruby-gnome2.spec, 1.16, 1.17

Allisson Azevedo (allisson) fedora-extras-commits at redhat.com
Tue Dec 4 20:34:38 UTC 2007


Author: allisson

Update of /cvs/extras/rpms/ruby-gnome2/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3456/devel

Modified Files:
	ruby-gnome2.spec 
Added Files:
	ruby-gnome2-all-0.16.0-gtk-security.patch 
Log Message:

Fix CVE-2007-6183, format string vulnerability (bugzilla #402871)


ruby-gnome2-all-0.16.0-gtk-security.patch:

--- NEW FILE ruby-gnome2-all-0.16.0-gtk-security.patch ---
diff -up ruby-gnome2-all-0.16.0/gtk/src/rbgtkmessagedialog.c.security ruby-gnome2-all-0.16.0/gtk/src/rbgtkmessagedialog.c
--- ruby-gnome2-all-0.16.0/gtk/src/rbgtkmessagedialog.c.security	2007-12-04 10:03:02.000000000 -0300
+++ ruby-gnome2-all-0.16.0/gtk/src/rbgtkmessagedialog.c	2007-12-04 10:04:10.000000000 -0300
@@ -28,7 +28,8 @@ mdiag_initialize(argc, argv, self)
                                RVAL2GFLAGS(flags, GTK_TYPE_DIALOG_FLAGS), 
                                RVAL2GENUM(type, GTK_TYPE_MESSAGE_TYPE), 
                                RVAL2GENUM(buttons, GTK_TYPE_BUTTONS_TYPE),
-                               (const gchar*)(NIL_P(message) ? "": RVAL2CSTR(message)));
+                               "%s",
+                               NIL_P(message) ? "": RVAL2CSTR(message));
     RBGTK_INITIALIZE(self, w);
     return Qnil;
 }
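Review bot: the literal "%s" added to the call in mdiag_initialize carries no comment explaining why it is there, so a later cleanup could fold the message back into the format position and reintroduce CVE-2007-6183. Add a one-line comment above it saying that message is converted from a caller-supplied Ruby value by RVAL2CSTR() and must only ever be passed as an argument, never as the format string. This patch touches only rbgtkmessagedialog.c, so it is worth confirming in the same review that no other file under gtk/src hands an RVAL2CSTR() result to a printf-style parameter.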


Index: ruby-gnome2.spec
===================================================================
RCS file: /cvs/extras/rpms/ruby-gnome2/devel/ruby-gnome2.spec,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- ruby-gnome2.spec	4 Dec 2007 13:50:46 -0000	1.16
+++ ruby-gnome2.spec	4 Dec 2007 20:34:04 -0000	1.17
@@ -3,7 +3,7 @@
 
 Name:           ruby-gnome2
 Version:        0.16.0
-Release:        19%{?dist}
+Release:        20%{?dist}
 Summary:        Ruby binding of libgnome/libgnomeui-2.x
 
 Group:          System Environment/Libraries
@@ -15,6 +15,7 @@
 Patch10:	ruby-gnome2-all-0.16.0-typedef.patch
 Patch11:	ruby-gnome2-all-0.16.0-newpoppler.patch
 Patch12:	ruby-gnome2-all-0.16.0-glib-2.14.patch
+Patch13:        ruby-gnome2-all-0.16.0-gtk-security.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  ruby ruby-devel gtk2-devel libgnome-devel libgnomeui-devel
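Review bot: the new Patch13: line is padded with spaces, while Patch10: through Patch12: directly above use a tab after the colon. Use a tab here as well so the Patch block stays consistent and the spec does not mix whitespace styles.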
@@ -433,6 +434,8 @@
 %patch10 -p1 -b .typedef
 %patch11 -p1 -b .newpoppler
 %patch12 -p1 -b .glib2_14
+%patch13 -p1 -b .security
+
 
 #Because of an error in upstream packaging there is a second ruby-gnome2 dir inside so we delete it
 #%{__rm} -rf %{name}
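Review bot: the bare + line after %patch13 adds a second empty line in front of the blank context line that was already there. Drop it so the %patch list is followed by a single separator, as it was before this change.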
@@ -626,6 +629,10 @@
 
 
 %changelog
+
+* Tue Dec  4 2007 Allisson Azevedo <allisson at gmail.com> 0.16.0-20
+- Fix CVE-2007-6183, format string vulnerability (bugzilla #402871)
+
 * Tue Dec  4 2007 Alex Lancaster <alexlan at fedoraproject.org> 0.16.0-19
 - Back to building against gecko 1.8.1.10 (firefox) until #402591 is 
   fixed.
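Review bot: the empty + line between %changelog and the new entry should go; the 0.16.0-19 entry sat directly under the tag before this change. The entry would also be easier to audit later if it named what was fixed, for example that the format string issue is in the message dialog binding (gtk/src/rbgtkmessagedialog.c), next to the CVE and bugzilla numbers.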



