rpms/rb_libtorrent/F-7 rb_libtorrent.spec,1.4,1.5
Peter Gordon (pgordon)
fedora-extras-commits at redhat.com
Tue Jan 29 08:10:19 UTC 2008
- Previous message (by thread): rpms/file/devel file-4.23-ELF.patch, NONE, 1.1 file-4.23-fsdump.patch, NONE, 1.1 file-4.23-msoffice.patch, NONE, 1.1 .cvsignore, 1.19, 1.20 file.spec, 1.66, 1.67 sources, 1.19, 1.20 file-4.13-fsdump.patch, 1.1, NONE file-4.17-bash.patch, 1.2, NONE file-4.17-powerpoint.patch, 1.1, NONE file-4.19-ELF.patch, 1.1, NONE file-4.20-unused.patch, 1.1, NONE file-4.21-core_from.patch, 1.1, NONE file-4.21-msoffice.patch, 1.1, NONE
- Next message (by thread): rpms/rb_libtorrent/F-7 rb_libtorrent-svn1968-bdecode_recursive-security-fix.patch, NONE, 1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: pgordon
Update of /cvs/pkgs/rpms/rb_libtorrent/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20468/F-7
Modified Files:
rb_libtorrent.spec
Log Message:
Add upstream patch to fix potential stack overflow in bdecode_recursive routine.
Index: rb_libtorrent.spec
===================================================================
RCS file: /cvs/pkgs/rpms/rb_libtorrent/F-7/rb_libtorrent.spec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- rb_libtorrent.spec 10 Jul 2007 07:29:01 -0000 1.4
+++ rb_libtorrent.spec 29 Jan 2008 08:09:42 -0000 1.5
@@ -1,6 +1,6 @@
Name: rb_libtorrent
Version: 0.12
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: A C++ BitTorrent library aiming to be the best alternative
Group: System Environment/Libraries
@@ -12,11 +12,15 @@
Source2: %{name}-COPYING.Boost
Source3: %{name}-COPYING.zlib
+Patch0: %{name}-svn1968-bdecode_recursive-security-fix.patch
+
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: boost-devel
BuildRequires: zlib-devel
BuildRequires: libtool
+## Necessary for 'rename'...
+BuildRequires: util-linux-ng
## The following is taken from it's website listing...mostly.
%description
@@ -80,6 +84,9 @@
## Fix the installed pkgconfig file: we don't need linkage that the
## libtorrent DSO already ensures.
sed -i -e 's/^Libs:.*$/Libs: -L${libdir} -ltorrent/' libtorrent.pc.in
+## SECURITY: Fix potential stack overflow in bencode_recursive with
+## malformed messages.
+%patch0 -p3 -b .bdecode_recursive-security-fix
%build
@@ -137,6 +144,12 @@
%changelog
+* Mon Jan 28 2008 Peter Gordon <peter at thecodergeek.com> - 0.12-2
+- Add upstream patch (changeset 1968) to fix potential security vulnerability:
+ malformed messages passed through the bdecode_recursive routine could cause
+ a potential stack overflow.
+ + svn1968-bdecode_recursive-security-fix.patch
+
* Thu Jun 07 2007 Peter Gordon <peter at thecodergeek.com> - 0.12-1
- Update to new upstream release (0.12 Final)
- Split examples into a subpackage. Applications that use rb_libtorrent
- Previous message (by thread): rpms/file/devel file-4.23-ELF.patch, NONE, 1.1 file-4.23-fsdump.patch, NONE, 1.1 file-4.23-msoffice.patch, NONE, 1.1 .cvsignore, 1.19, 1.20 file.spec, 1.66, 1.67 sources, 1.19, 1.20 file-4.13-fsdump.patch, 1.1, NONE file-4.17-bash.patch, 1.2, NONE file-4.17-powerpoint.patch, 1.1, NONE file-4.19-ELF.patch, 1.1, NONE file-4.20-unused.patch, 1.1, NONE file-4.21-core_from.patch, 1.1, NONE file-4.21-msoffice.patch, 1.1, NONE
- Next message (by thread): rpms/rb_libtorrent/F-7 rb_libtorrent-svn1968-bdecode_recursive-security-fix.patch, NONE, 1.1
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list