rpms/blender/devel blender-2.46rc3-cve-2008-1103-1.patch, NONE, 1.1 blender.spec, 1.76, 1.77

Jochen Schmitt (s4504kr) fedora-extras-commits at redhat.com
Wed May 7 16:50:01 UTC 2008 

Author: s4504kr

Update of /cvs/extras/rpms/blender/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6819

Modified Files:
	blender.spec 
Added Files:
	blender-2.46rc3-cve-2008-1103-1.patch 
Log Message:
Partionaly fix CVE-2008-1103

blender-2.46rc3-cve-2008-1103-1.patch:

--- NEW FILE blender-2.46rc3-cve-2008-1103-1.patch ---
diff -up blender/source/blender/blenkernel/intern/blender.c.cve blender/source/blender/blenkernel/intern/blender.c
--- blender/source/blender/blenkernel/intern/blender.c.cve	2008-05-07 17:37:52.000000000 +0200
+++ blender/source/blender/blenkernel/intern/blender.c	2008-05-07 17:38:22.000000000 +0200
@@ -716,7 +716,7 @@ void BKE_undo_save_quit(void)
 		
 	BLI_make_file_string("/", str, btempdir, "quit.blend");
 
-	file = open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC, 0666);
+	file = open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC+O_EXCL, 0666);
 	if(file == -1) {
 		error("Unable to save %s, check you have permissions", str);
 		return;


Index: blender.spec
===================================================================
RCS file: /cvs/extras/rpms/blender/devel/blender.spec,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -r1.76 -r1.77
--- blender.spec	6 May 2008 16:24:16 -0000	1.76
+++ blender.spec	7 May 2008 16:49:17 -0000	1.77
@@ -3,7 +3,7 @@
 
 Name:           blender
 Version:        2.46
-Release: 	0.3%{?dist}
+Release: 	0.3.1%{?dist}
 
 Summary:        3D modeling, animation, rendering and post-production
 
@@ -27,6 +27,8 @@
 Patch1:         blender-2.44-scons.patch
 Patch2:		blender-2.44-bid.patch
 
+Patch100:	blender-2.46rc3-cve-2008-1103-1.patch
+
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  desktop-file-utils
@@ -72,6 +74,7 @@
 %patch1 -p1 -b .org
 %patch2 -p1 -b .bid
 
+%patch100 -p1 -b .cve
 
 PYVER=$(%{__python} -c "import sys ; print sys.version[:3]")
 
@@ -174,6 +177,9 @@
 %{_datadir}/mime/packages/blender.xml
 
 %changelog
+* Wed May  7 2008 Jochen Schmitt <Jochen herr-schmitt de> 2.46-0.3.1
+- Some fixes for CVE-2008-1003
+
 * Tue May  6 2008 Jochen Schmitt <Jochen herr-schmitt de> 2.46-0.3
 - Release Canditate for 2.46

More information about the fedora-extras-commits mailing list