rpms/t1lib/F-7 t1lib-cve-2007-4033.patch, NONE, 1.1 .cvsignore, 1.3, 1.4 sources, 1.3, 1.4 t1lib.spec, 1.15, 1.16 t1lib-5.1.0-destdir.patch, 1.1, NONE
José Abílio Oliveira Matos (jamatos)
fedora-extras-commits at redhat.com
Thu Sep 27 15:57:38 UTC 2007
- Previous message (by thread): rpms/online-desktop/devel .cvsignore,1.10,1.11 sources,1.10,1.11
- Next message (by thread): rpms/repoview/devel .cvsignore, 1.8, 1.9 repoview.spec, 1.8, 1.9 sources, 1.8, 1.9
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jamatos
Update of /cvs/pkgs/rpms/t1lib/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14319
Modified Files:
.cvsignore sources t1lib.spec
Added Files:
t1lib-cve-2007-4033.patch
Removed Files:
t1lib-5.1.0-destdir.patch
Log Message:
* Thu Sep 27 2007 José Matos <jamatos[AT]fc.up.pt> - 5.1.1-3
- Apply patch to fix CVE-2007-4033
t1lib-cve-2007-4033.patch:
--- NEW FILE t1lib-cve-2007-4033.patch ---
--- t1lib-5.1.0.orig/lib/t1lib/t1env.c
+++ t1lib-5.1.0/lib/t1lib/t1env.c
@@ -611,6 +611,12 @@
#endif
strcat( pathbuf, DIRECTORY_SEP);
/* And finally the filename: */
+ /* If current pathbuf + StrippedName + 1 byte for NULL is bigger than pathbuf
+ let's try next pathbuf */
+ if( strlen(pathbuf) + strlen(StrippedName) + 1 > sizeof(pathbuf) ) {
+ i++;
+ continue;
+ }
strcat( pathbuf, StrippedName);
/* Check for existence of the path: */
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/t1lib/F-7/.cvsignore,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- .cvsignore 17 Jan 2006 14:04:18 -0000 1.3
+++ .cvsignore 27 Sep 2007 15:57:05 -0000 1.4
@@ -1 +1 @@
-t1lib-5.1.0.tar.gz
+t1lib-5.1.1.tar.gz
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/t1lib/F-7/sources,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- sources 17 Jan 2006 14:04:18 -0000 1.3
+++ sources 27 Sep 2007 15:57:05 -0000 1.4
@@ -1 +1 @@
-a05bed4aa63637052e60690ccde70421 t1lib-5.1.0.tar.gz
+b1b86b5014364d92ab3b7cee6c81e29d t1lib-5.1.1.tar.gz
Index: t1lib.spec
===================================================================
RCS file: /cvs/pkgs/rpms/t1lib/F-7/t1lib.spec,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- t1lib.spec 28 Aug 2007 18:20:35 -0000 1.15
+++ t1lib.spec 27 Sep 2007 15:57:05 -0000 1.16
@@ -1,6 +1,6 @@
Name: t1lib
Version: 5.1.1
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: PostScript Type 1 font rasterizer
@@ -12,7 +12,8 @@
Patch1: t1lib-5.0.0-manpages.patch
Patch2: t1lib-5.0.0-xglyph-env.patch
# From Debian's t1lib-5.0.0-4 (slightly tweaked):
-Patch5: t1lib-5.0.0-t1libconfig.patch
+Patch3: t1lib-5.0.0-t1libconfig.patch
+Patch4: t1lib-cve-2007-4033.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires(post): coreutils, findutils
@@ -39,7 +40,8 @@
%setup -q
%patch1 -p1
%patch2 -p1
-%patch5 -p1
+%patch3 -p1
+%patch4 -p1
%build
@@ -100,6 +102,9 @@
%changelog
+* Thu Sep 27 2007 José Matos <jamatos[AT]fc.up.pt> - 5.1.1-3
+- Apply patch to fix CVE-2007-4033
+
* Tue Aug 28 2007 José Matos <jamatos[AT]fc.up.pt> - 5.1.1-2
- License fix, rebuild for devel (F8).
--- t1lib-5.1.0-destdir.patch DELETED ---
- Previous message (by thread): rpms/online-desktop/devel .cvsignore,1.10,1.11 sources,1.10,1.11
- Next message (by thread): rpms/repoview/devel .cvsignore, 1.8, 1.9 repoview.spec, 1.8, 1.9 sources, 1.8, 1.9
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list