rpms/udev/F-10 udev-CVE-2009-1186.patch, NONE, 1.1 udev.spec, 1.256, 1.257

Harald Hoyer harald at fedoraproject.org
Thu Apr 16 06:48:20 UTC 2009 

Author: harald

Update of /cvs/pkgs/rpms/udev/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19617

Modified Files:
	udev.spec 
Added Files:
	udev-CVE-2009-1186.patch 
Log Message:
* Thu Apr 16 2009 Harald Hoyer <harald at redhat.com> 127-5
- fix for CVE-2009-1186


udev-CVE-2009-1186.patch:

--- NEW FILE udev-CVE-2009-1186.patch ---
diff -up udev-127/udev/udev_utils_string.c.CVE-2009-1186 udev-127/udev/udev_utils_string.c
--- udev-127/udev/udev_utils_string.c.CVE-2009-1186	2008-08-26 09:21:40.000000000 +0200
+++ udev-127/udev/udev_utils_string.c	2009-04-16 08:47:13.000000000 +0200
@@ -53,7 +53,7 @@ void remove_trailing_chars(char *path, c
 
 size_t path_encode(char *s, size_t len)
 {
-	char t[(len * 3)+1];
+	char t[(len * 4)+1];
 	size_t i, j;
 
 	t[0] = '\0';


Index: udev.spec
===================================================================
RCS file: /cvs/pkgs/rpms/udev/F-10/udev.spec,v
retrieving revision 1.256
retrieving revision 1.257
diff -u -r1.256 -r1.257
--- udev.spec	15 Apr 2009 17:13:46 -0000	1.256
+++ udev.spec	16 Apr 2009 06:47:50 -0000	1.257
@@ -6,7 +6,7 @@
 Summary: A userspace implementation of devfs
 Name: udev
 Version: 127
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2
 Group: System Environment/Base
 Provides: udev-persistent = %{version}-%{release}
@@ -23,8 +23,9 @@
 Patch2: udev-127-volume_id-include-config.h.patch
 Patch3: udev-132-memstickrules.patch
 
-Patch101: udev-CVE-2009-1185.patch
-Patch102: udev-118-sysconf.patch
+Patch101: udev-118-sysconf.patch
+Patch102: udev-CVE-2009-1185.patch
+Patch103: udev-CVE-2009-1186.patch
 
 ExclusiveOS: Linux
 URL: http://www.kernel.org/pub/linux/utils/kernel/hotplug/udev.html
@@ -99,8 +100,9 @@
 %patch1 -p1 -b .p1
 %patch2 -p1 -b .p2
 %patch3 -p1 -b .p3
-%patch101 -p1 -b .CVE-2009-1185
-%patch102 -p1 -b .sysconf
+%patch101 -p1 -b .sysconf
+%patch102 -p1 -b .CVE-2009-1185
+%patch103 -p1 -b .CVE-2009-1186
 
 %build
 %configure --with-selinux  --prefix=%{_prefix} --exec-prefix="" --sysconfdir=%{_sysconfdir} --with-libdir-name=%{_lib}  --sbindir="/sbin" --enable-static
@@ -372,6 +374,9 @@
 
 
 %changelog
+* Thu Apr 16 2009 Harald Hoyer <harald at redhat.com> 127-5
+- fix for CVE-2009-1186
+
 * Wed Apr 15 2009 Harald Hoyer <harald at redhat.com> 127-4
 - fix for CVE-2009-1185

More information about the fedora-extras-commits mailing list