rpms/gcc/F-12 gcc44-CVE-2009-3736.patch, NONE, 1.1 gcc.spec, 1.94, 1.95
Jakub Jelinek
jakub at fedoraproject.org
Wed Dec 2 22:55:27 UTC 2009
- Previous message (by thread): rpms/midori/devel .cvsignore,1.15,1.16 sources,1.15,1.16
- Next message (by thread): rpms/midori/F-12 .cvsignore, 1.15, 1.16 midori.spec, 1.28, 1.29 sources, 1.15, 1.16
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jakub
Update of /cvs/pkgs/rpms/gcc/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29193
Modified Files:
gcc.spec
Added Files:
gcc44-CVE-2009-3736.patch
Log Message:
4.4.2-13
gcc44-CVE-2009-3736.patch:
acinclude.m4 | 2 +-
configure | 8 ++++----
ltdl.c | 23 +++++++++++++++--------
3 files changed, 20 insertions(+), 13 deletions(-)
--- NEW FILE gcc44-CVE-2009-3736.patch ---
2009-12-02 Jakub Jelinek <jakub at redhat.com>
* acinclude.m4: Regenerated to pick:
2007-06-22 Ralf Wildenhues <Ralf.Wildenhues at gmx.de>
* libtool.m4 (AC_LIBTOOL_SYS_DYNAMIC_LINKER) [linux]:
Ignore lines in ld.so.conf starting with 'hwcap '.
* configure: Regenerated.
2009-11-24 Peter O'Gorman <peter at pogma.com>
Backport of libltdl changes from the 2.26b release.
* ltdl.c: Backport changes.
--- libjava/libltdl/ltdl.c.jj 2008-09-05 12:57:53.000000000 +0200
+++ libjava/libltdl/ltdl.c 2009-12-02 18:19:11.000000000 +0100
@@ -2175,7 +2175,8 @@ static int trim LT_PARAMS((char *
static int try_dlopen LT_PARAMS((lt_dlhandle *handle,
const char *filename));
static int tryall_dlopen LT_PARAMS((lt_dlhandle *handle,
- const char *filename));
+ const char *filename,
+ const char * useloader));
static int unload_deplibs LT_PARAMS((lt_dlhandle handle));
static int lt_argz_insert LT_PARAMS((char **pargz,
size_t *pargz_len,
@@ -2361,9 +2362,10 @@ lt_dlexit ()
}
static int
-tryall_dlopen (handle, filename)
+tryall_dlopen (handle, filename, useloader)
lt_dlhandle *handle;
const char *filename;
+ const char *useloader;
{
lt_dlhandle cur;
lt_dlloader *loader;
@@ -2430,6 +2432,11 @@ tryall_dlopen (handle, filename)
while (loader)
{
+ if (useloader && strcmp(loader->loader_name, useloader))
+ {
+ loader = loader->next;
+ continue;
+ }
lt_user_data data = loader->dlloader_data;
cur->module = loader->module_open (data, filename);
@@ -2499,7 +2506,7 @@ tryall_dlopen_module (handle, prefix, di
error += tryall_dlopen_module (handle,
(const char *) 0, prefix, filename);
}
- else if (tryall_dlopen (handle, filename) != 0)
+ else if (tryall_dlopen (handle, filename, NULL) != 0)
{
++error;
}
@@ -2520,7 +2527,7 @@ find_module (handle, dir, libdir, dlname
/* Try to open the old library first; if it was dlpreopened,
we want the preopened version of it, even if a dlopenable
module is available. */
- if (old_name && tryall_dlopen (handle, old_name) == 0)
+ if (old_name && tryall_dlopen (handle, old_name, "dlpreload") == 0)
{
return 0;
}
@@ -2784,7 +2791,7 @@ find_handle_callback (filename, data, ig
/* Try to dlopen the file, but do not continue searching in any
case. */
- if (tryall_dlopen (handle, filename) != 0)
+ if (tryall_dlopen (handle, filename,NULL) != 0)
*handle = 0;
return 1;
@@ -3072,7 +3079,7 @@ try_dlopen (phandle, filename)
/* lt_dlclose()ing yourself is very bad! Disallow it. */
LT_DLSET_FLAG (*phandle, LT_DLRESIDENT_FLAG);
- if (tryall_dlopen (&newhandle, 0) != 0)
+ if (tryall_dlopen (&newhandle, 0, NULL) != 0)
{
LT_DLFREE (*phandle);
return 1;
@@ -3194,7 +3201,7 @@ try_dlopen (phandle, filename)
}
#endif
}
- if (!file)
+ else
{
file = fopen (filename, LT_READTEXT_MODE);
}
@@ -3378,7 +3385,7 @@ try_dlopen (phandle, filename)
#endif
)))
{
- if (tryall_dlopen (&newhandle, filename) != 0)
+ if (tryall_dlopen (&newhandle, filename, NULL) != 0)
{
newhandle = NULL;
}
--- libjava/libltdl/acinclude.m4.jj 2008-09-05 12:57:53.000000000 +0200
+++ libjava/libltdl/acinclude.m4 2009-12-02 19:47:40.000000000 +0100
@@ -1527,7 +1527,7 @@ linux*)
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
- lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
--- libjava/libltdl/configure.jj 2009-09-01 11:05:06.000000000 +0200
+++ libjava/libltdl/configure 2009-12-02 19:50:23.000000000 +0100
@@ -9160,7 +9160,7 @@ linux*)
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
- lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
@@ -12576,7 +12576,7 @@ linux*)
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
- lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
@@ -15489,7 +15489,7 @@ linux*)
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
- lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
@@ -17916,7 +17916,7 @@ linux*)
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
- lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;s/[:,\t]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
sys_lib_dlsearch_path_spec="/lib${libsuff} /usr/lib${libsuff} $lt_ld_extra"
fi
Index: gcc.spec
===================================================================
RCS file: /cvs/pkgs/rpms/gcc/F-12/gcc.spec,v
retrieving revision 1.94
retrieving revision 1.95
diff -u -p -r1.94 -r1.95
--- gcc.spec 2 Dec 2009 14:58:27 -0000 1.94
+++ gcc.spec 2 Dec 2009 22:55:26 -0000 1.95
@@ -3,7 +3,7 @@
%global gcc_version 4.4.2
# Note, gcc_release must be integer, if you want to add suffixes to
# %{release}, append them after %{gcc_release} on Release: line.
-%global gcc_release 12
+%global gcc_release 13
%global _unpackaged_files_terminate_build 0
%global multilib_64_archs sparc64 ppc64 s390x x86_64
%global include_gappletviewer 1
@@ -161,6 +161,7 @@ Patch16: gcc44-unwind-debug-hook.patch
Patch17: gcc44-pr38757.patch
Patch18: gcc44-libstdc++-docs.patch
Patch19: gcc44-ppc64-aixdesc.patch
+Patch20: gcc44-CVE-2009-3736.patch
Patch1000: fastjar-0.97-segfault.patch
@@ -466,6 +467,7 @@ which are required to compile with the G
%patch18 -p0 -b .libstdc++-docs~
%endif
%patch19 -p0 -b .ppc64-aixdesc~
+%patch20 -p0 -b .CVE-2009-3736~
# This testcase doesn't compile.
rm libjava/testsuite/libjava.lang/PR35020*
@@ -1849,6 +1851,9 @@ fi
%doc rpm.doc/changelogs/libmudflap/ChangeLog*
%changelog
+* Wed Dec 2 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-13
+- fix security issues in libltdl bundled within libgcj (CVE-2009-3736)
+
* Wed Dec 2 2009 Jakub Jelinek <jakub at redhat.com> 4.4.2-12
- update from gcc-4_4-branch
- PRs c++/42234, fortran/41278, fortran/41807, fortran/42162, target/42113,
- Previous message (by thread): rpms/midori/devel .cvsignore,1.15,1.16 sources,1.15,1.16
- Next message (by thread): rpms/midori/F-12 .cvsignore, 1.15, 1.16 midori.spec, 1.28, 1.29 sources, 1.15, 1.16
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list