rpms/blender/devel blender-2.46rc3-cve-2008-1103-1.patch, NONE, 1.1 blender.spec, 1.76, 1.77
Jochen Schmitt (s4504kr)
fedora-extras-commits at redhat.com
Wed May 7 16:50:01 UTC 2008
Author: s4504kr
Update of /cvs/extras/rpms/blender/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6819
Modified Files:
blender.spec
Added Files:
blender-2.46rc3-cve-2008-1103-1.patch
Log Message:
Partionaly fix CVE-2008-1103
blender-2.46rc3-cve-2008-1103-1.patch:
--- NEW FILE blender-2.46rc3-cve-2008-1103-1.patch ---
diff -up blender/source/blender/blenkernel/intern/blender.c.cve blender/source/blender/blenkernel/intern/blender.c
--- blender/source/blender/blenkernel/intern/blender.c.cve 2008-05-07 17:37:52.000000000 +0200
+++ blender/source/blender/blenkernel/intern/blender.c 2008-05-07 17:38:22.000000000 +0200
@@ -716,7 +716,7 @@ void BKE_undo_save_quit(void)
BLI_make_file_string("/", str, btempdir, "quit.blend");
- file = open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC, 0666);
+ file = open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC+O_EXCL, 0666);
if(file == -1) {
error("Unable to save %s, check you have permissions", str);
return;
Index: blender.spec
===================================================================
RCS file: /cvs/extras/rpms/blender/devel/blender.spec,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -r1.76 -r1.77
--- blender.spec 6 May 2008 16:24:16 -0000 1.76
+++ blender.spec 7 May 2008 16:49:17 -0000 1.77
@@ -3,7 +3,7 @@
Name: blender
Version: 2.46
-Release: 0.3%{?dist}
+Release: 0.3.1%{?dist}
Summary: 3D modeling, animation, rendering and post-production
@@ -27,6 +27,8 @@
Patch1: blender-2.44-scons.patch
Patch2: blender-2.44-bid.patch
+Patch100: blender-2.46rc3-cve-2008-1103-1.patch
+
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: desktop-file-utils
@@ -72,6 +74,7 @@
%patch1 -p1 -b .org
%patch2 -p1 -b .bid
+%patch100 -p1 -b .cve
PYVER=$(%{__python} -c "import sys ; print sys.version[:3]")
@@ -174,6 +177,9 @@
%{_datadir}/mime/packages/blender.xml
%changelog
+* Wed May 7 2008 Jochen Schmitt <Jochen herr-schmitt de> 2.46-0.3.1
+- Some fixes for CVE-2008-1003
+
* Tue May 6 2008 Jochen Schmitt <Jochen herr-schmitt de> 2.46-0.3
- Release Canditate for 2.46
More information about the fedora-extras-commits
mailing list