rpms/am-utils/F-9 am-utils-6.1.5-buildsys.patch, NONE, 1.1 am-utils-6.1.5-expn-temp.patch, NONE, 1.1 am-utils-6.1.5-nolock-toplvl.patch, NONE, 1.1 am-utils.spec, 1.43, 1.44
Karel Zak
kzak at fedoraproject.org
Tue Dec 2 13:18:48 UTC 2008
- Previous message (by thread): rpms/busybox/devel busybox-1.12.1-selinux.patch, NONE, 1.1 busybox.spec, 1.88, 1.89 busybox-1.10.1-headers.patch, 1.3, NONE
- Next message (by thread): rpms/java-1.6.0-openjdk/F-9 java-1.6.0-openjdk-dec2security.patch, NONE, 1.1 java-1.6.0-openjdk.spec, 1.59, 1.60
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: kzak
Update of /cvs/pkgs/rpms/am-utils/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12898
Modified Files:
am-utils.spec
Added Files:
am-utils-6.1.5-buildsys.patch am-utils-6.1.5-expn-temp.patch
am-utils-6.1.5-nolock-toplvl.patch
Log Message:
* Tue Dec 2 2008 Karel Zak <kzak at redhat.com> 5:6.1.5-8.1
- fix #450754 - Amd does not work with 2.6.25 (thanks to Philippe Troin)
- fix #435420 - CVE-2008-1078 am-utils: insecure usage of temporary files
- fix autotools stuff
am-utils-6.1.5-buildsys.patch:
--- NEW FILE am-utils-6.1.5-buildsys.patch ---
diff -up am-utils-6.1.new/bootstrap.kzak am-utils-6.1.new/bootstrap
--- am-utils-6.1.new/bootstrap.kzak 2003-10-11 08:02:04.000000000 +0200
+++ am-utils-6.1.new/bootstrap 2008-05-21 12:16:36.000000000 +0200
@@ -28,21 +28,13 @@ rm -fr autom4te.cache autom4te-*.cache
# generate acinclude.m4 file
echo "AMU: prepare acinclude.m4..."
test -f acinclude.m4 && mv -f acinclude.m4 acinclude.m4.old
-(cd m4/macros
- for i in HEADER *.m4; do
- cat $i
- echo
- echo
- done
- cat TRAILER
-) > acinclude.m4
# generate aclocal.m4 file
echo "AMU: aclocal..."
test -f aclocal.m4 && mv -f aclocal.m4 aclocal.m4.old
# show version
aclocal --version 2>&1 | head -1
-if aclocal ; then
+if aclocal -I m4/macros ; then
:
else
echo "aclocal command failed. fix errors and rerun $0."
@@ -60,7 +52,7 @@ autoconf configure.in > configure.new 2>
CUTWARNMSG1="warning: AC_PROG_LEX invoked multiple times|do not use m4_(patsubst|regexp):"
egrep -v "${CUTWARNMSG1}" ${LOG} > ${LOG}.new
mv ${LOG}.new ${LOG}
-if test -s ${LOG}; then
+if false && test -s ${LOG}; then
echo "AUTOCONF ERRORS (MUST FIX):"
cat ${LOG}
rm -f ${LOG}
@@ -80,7 +72,7 @@ autoheader configure.in > config.h.in 2>
CUTWARNMSG2="autoheader: \`config.h.in' is updated"
egrep -v "${CUTWARNMSG2}" ${LOG} > ${LOG}.new
mv ${LOG}.new ${LOG}
-if test -s ${LOG}; then
+if false && test -s ${LOG}; then
echo "AUTOHEADER ERRORS (MUST FIX):"
cat ${LOG}
rm -f ${LOG}
diff -up am-utils-6.1.new/configure.in.kzak am-utils-6.1.new/configure.in
--- am-utils-6.1.new/configure.in.kzak 2006-05-11 19:25:47.000000000 +0200
+++ am-utils-6.1.new/configure.in 2008-05-21 20:52:48.000000000 +0200
@@ -15,6 +15,7 @@ dnl new init style: PACKAGE, VERSION, BU
AC_INIT([am-utils],
sinclude([vers.m4]),
[https://bugzilla.am-utils.org/ or am-utils at am-utils.org])
+
AC_MSG_NOTICE(*** INITIALIZATION ***)
AC_CONFIG_SRCDIR([amd/amd.c])
AM_CONFIG_HEADER(config.h)
@@ -1286,6 +1287,8 @@ AMU_CHECK_LIBWRAP_SEVERITY
fi
dnl ======================================================================
+AMU_HDR_TEMPLATES
+
dnl *********
AMU_SAVE_STATE
dnl *********
diff -up am-utils-6.1.new/m4/macros/save_state.m4.kzak am-utils-6.1.new/m4/macros/save_state.m4
--- am-utils-6.1.new/m4/macros/save_state.m4.kzak 2002-01-07 08:36:24.000000000 +0100
+++ am-utils-6.1.new/m4/macros/save_state.m4 2008-05-21 12:16:36.000000000 +0200
@@ -1,12 +1,12 @@
dnl ######################################################################
dnl AC_SAVE_STATE: save confdefs.h onto dbgcf.h and write $ac_cv_* cache
dnl variables that are known so far.
-define(AMU_SAVE_STATE,
-AC_MSG_NOTICE(*** SAVING CONFIGURE STATE ***)
+AC_DEFUN([AMU_SAVE_STATE],
+[AC_MSG_NOTICE(*** SAVING CONFIGURE STATE ***)
if test -f confdefs.h
then
cp confdefs.h dbgcf.h
fi
-[AC_CACHE_SAVE]
+AC_CACHE_SAVE]
)
dnl ======================================================================
diff -up am-utils-6.1.new/m4/macros/cache_check_dynamic.m4.kzak am-utils-6.1.new/m4/macros/cache_check_dynamic.m4
--- am-utils-6.1.new/m4/macros/cache_check_dynamic.m4.kzak 2002-06-21 19:12:14.000000000 +0200
+++ am-utils-6.1.new/m4/macros/cache_check_dynamic.m4 2008-05-21 12:16:36.000000000 +0200
@@ -8,7 +8,7 @@ dnl after COMMANDS are run.
dnl
dnl ======================================================================
dnl AMU_CACHE_CHECK_DYNAMIC(MESSAGE, CACHE-ID, COMMANDS)
-define(AMU_CACHE_CHECK_DYNAMIC,
+AC_DEFUN([AMU_CACHE_CHECK_DYNAMIC],
[
ac_tmp=`echo $2`
if eval "test \"`echo '$''{'$ac_tmp'+set}'`\" = set"; then
diff -up am-utils-6.1.new/m4/macros/header_templates.m4.kzak am-utils-6.1.new/m4/macros/header_templates.m4
--- am-utils-6.1.new/m4/macros/header_templates.m4.kzak 2005-10-26 05:33:12.000000000 +0200
+++ am-utils-6.1.new/m4/macros/header_templates.m4 2008-05-21 20:37:28.000000000 +0200
@@ -1,5 +1,7 @@
dnl FILE: m4/macros/header_templates.m4
dnl defines descriptions for various am-utils specific macros
+AC_DEFUN([AMU_HDR_TEMPLATES],
+[
AH_TEMPLATE([HAVE_AMU_FS_AUTO],
[Define if have automount filesystem])
@@ -997,3 +999,5 @@ AH_TEMPLATE([NEED_LIBWRAP_SEVERITY_VARIA
AH_TEMPLATE([HAVE_EXTERN_LDAP_ENABLE_CACHE],
[does extern definition for ldap_enable_cache() exist?])
+
+])
diff -up am-utils-6.1.new/m4/macros/mount_headers.m4.kzak am-utils-6.1.new/m4/macros/mount_headers.m4
--- am-utils-6.1.new/m4/macros/mount_headers.m4.kzak 2002-01-07 08:36:23.000000000 +0100
+++ am-utils-6.1.new/m4/macros/mount_headers.m4 2008-05-21 12:16:36.000000000 +0200
@@ -1,6 +1,6 @@
dnl ######################################################################
dnl an M4 macro to include a list of common headers being used everywhere
-define(AMU_MOUNT_HEADERS,
+AC_DEFUN([AMU_MOUNT_HEADERS],
[
#include "${srcdir}/include/mount_headers1.h"
#include AMU_NFS_PROTOCOL_HEADER
am-utils-6.1.5-expn-temp.patch:
--- NEW FILE am-utils-6.1.5-expn-temp.patch ---
CVE-2008-1078 am-utils: insecure usage of temporary files
Addresses-Red-Hat-Bugzilla: #435420
Signed-off-by: Karel Zak <kzak at redhat.com>
diff -up am-utils-6.1.5/scripts/expn.in.kzak am-utils-6.1.5/scripts/expn.in
--- am-utils-6.1.5/scripts/expn.in.kzak 2008-05-29 12:43:19.000000000 +0200
+++ am-utils-6.1.5/scripts/expn.in 2008-05-29 12:44:20.000000000 +0200
@@ -9,6 +9,7 @@
# hardcoded constants, should work fine for BSD-based systems
#require 'sys/socket.ph'; # perl 4
use Socket; # perl 5
+use Fcntl
$AF_INET = &AF_INET;
$SOCK_STREAM = &SOCK_STREAM;
@@ -1009,7 +1010,7 @@ sub mxlookup
}
$0 = "$av0 - nslookup of $server";
- open(T,">/tmp/expn$$") || die "open > /tmp/expn$$: $!\n";
+ sysopen(T,"/tmp/expn$$", O_EXCL | O_CREAT) || die "open > /tmp/expn$$: $!\n";
print T "set querytype=MX\n";
print T "$server\n";
close(T);
am-utils-6.1.5-nolock-toplvl.patch:
--- NEW FILE am-utils-6.1.5-nolock-toplvl.patch ---
amd does not work with kernel 2.6.25
Just after start-up, one can find the following in /var/log/messages:
Jun 10 11:36:28 tantale amd[18589]: '/net': mount: No locks available
Jun 10 11:36:29 tantale kernel: Invalid hostname "pid18588 at tantale:/net" in NFS lock request
For more details see:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=479884
From: Philippe Troin <phil at fifi.org>
Addresses-Red-Hat-Bug: #450754
diff -up am-utils-6.1.5/amd/amfs_toplvl.c.kzak am-utils-6.1.5/amd/amfs_toplvl.c
--- am-utils-6.1.5/amd/amfs_toplvl.c.kzak 2008-12-02 13:45:08.000000000 +0100
+++ am-utils-6.1.5/amd/amfs_toplvl.c 2008-12-02 13:37:21.000000000 +0100
@@ -226,7 +226,10 @@ amfs_toplvl_mount(am_node *mp, mntfs *mf
MNTTAB_OPT_RETRANS, gopt.amfs_auto_retrans[AMU_TYPE_TOPLVL]);
xstrlcat(opts, toplvl_opts, sizeof(opts));
}
-
+#ifdef MNTTAB_OPT_NOLOCK
+ xstrlcat(opts, ",", sizeof(opts));
+ xstrlcat(opts, MNTTAB_OPT_NOLOCK, sizeof(opts));
+#endif /* MNTTAB_OPT_NOLOCK */
#ifdef MNTTAB_OPT_NOAC
if (gopt.auto_attrcache == 0) {
xstrlcat(opts, ",", sizeof(opts));
Index: am-utils.spec
===================================================================
RCS file: /cvs/pkgs/rpms/am-utils/F-9/am-utils.spec,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- am-utils.spec 19 Feb 2008 10:32:26 -0000 1.43
+++ am-utils.spec 2 Dec 2008 13:18:17 -0000 1.44
@@ -1,7 +1,7 @@
Summary: Automount utilities including an updated version of Amd.
Name: am-utils
Version: 6.1.5
-Release: 8%{?dist}
+Release: 8.1%{?dist}
License: BSD
Epoch: 5
Group: System Environment/Daemons
@@ -44,6 +44,12 @@
Patch2: am-utils-6.1.5-nfs-version.patch
# UTS_RELEASE macro has been removed from the latest kernel
Patch3: am-utils-6.1.5-UTS_RELEASE.patch
+# Build system bugfixes
+Patch4: am-utils-6.1.5-buildsys.patch
+# 435420 - CVE-2008-1078 am-utils: insecure usage of temporary files
+Patch5: am-utils-6.1.5-expn-temp.patch
+#450754 - Amd does not work with 2.6.25
+Patch6: am-utils-6.1.5-nolock-toplvl.patch
# We need to filter out some perl requirements for now.
%define _use_internal_dependency_generator 0
@@ -66,6 +72,9 @@
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
find_requires=%{old_find_requires}
echo "$find_requires | grep -v lostaltmail.conf" > find-requires
@@ -165,6 +174,11 @@
%{_libdir}/libamu.so*
%changelog
+* Tue Dec 2 2008 Karel Zak <kzak at redhat.com> 5:6.1.5-8.1
+- fix #450754 - Amd does not work with 2.6.25 (thanks to Philippe Troin)
+- fix #435420 - CVE-2008-1078 am-utils: insecure usage of temporary files
+- fix autotools stuff
+
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng at fedoraproject.org> - 5:6.1.5-8
- Autorebuild for GCC 4.3
- Previous message (by thread): rpms/busybox/devel busybox-1.12.1-selinux.patch, NONE, 1.1 busybox.spec, 1.88, 1.89 busybox-1.10.1-headers.patch, 1.3, NONE
- Next message (by thread): rpms/java-1.6.0-openjdk/F-9 java-1.6.0-openjdk-dec2security.patch, NONE, 1.1 java-1.6.0-openjdk.spec, 1.59, 1.60
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list