[libotr: 1/2] * Wed Aug 08 2012 Paul Wouters <pwouters at redhat.com> - 3.2.0-6 - Patch for Multiple heap-based buffe

Paul Wouters pwouters at fedoraproject.org
Wed Aug 8 15:28:10 UTC 2012 

commit 758d596a6b1bc9e5f59289b71a224ce3d4cc8c78
Author: Paul Wouters <pwouters at redhat.com>
Date:   Wed Aug 8 11:25:45 2012 -0400

    * Wed Aug 08 2012 Paul Wouters <pwouters at redhat.com> - 3.2.0-6
    - Patch for Multiple heap-based buffer overflows in the Base64 decoder
      (rhbz#846377, upstream will not release 3.2.1 for this)

 libotr.spec |   23 +++++++++++++++++++----
 1 files changed, 19 insertions(+), 4 deletions(-)
---
diff --git a/libotr.spec b/libotr.spec
index 33234b0..79148a9 100644
--- a/libotr.spec
+++ b/libotr.spec
@@ -1,17 +1,22 @@
+%global snapshot 0
 Summary: Off-The-Record Messaging library and toolkit
 Name: libotr
 Version: 3.2.0
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: GPLv2 and LGPLv2
 Group: System Environment/Libraries
 Source0: http://otr.cypherpunks.ca/%{name}-%{version}.tar.gz
+Patch1: libotr-3.2.0-846377.patch
 Url: http://otr.cypherpunks.ca/
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Provides: libotr-toolkit = %{version}
 Obsoletes: libotr-toolkit < %{version}
 Requires: libgcrypt >= 1.2.0
 Requires: pkgconfig
-BuildRequires: libgcrypt-devel >= 1.2.0, libgpg-error-devel 
+BuildRequires: libgcrypt-devel >= 1.2.0, libgpg-error-devel
+%if %{snapshot}
+Buildrequires: libtool automake autoconf
+%endif
 
 %description
 Off-the-Record Messaging Library and Toolkit
@@ -29,9 +34,15 @@ The devel package contains the libotr library and include files.
 
 %prep
 %setup -q
+%patch1 -p1
 
-%build
+%if %{snapshot}
+aclocal
+intltoolize --force --copy
+autoreconf -s -i
+%endif
 
+%build
 %configure --with-pic --disable-rpath --disable-static
 sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
 sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
@@ -52,7 +63,7 @@ rm -rf $RPM_BUILD_ROOT
 
 %postun -p /sbin/ldconfig
 
-%files 
+%files
 %defattr(-,root,root)
 %doc AUTHORS README COPYING COPYING.LIB NEWS Protocol*
 %{_libdir}/libotr.so.*
@@ -70,6 +81,10 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Wed Aug 08 2012 Paul Wouters <pwouters at redhat.com> - 3.2.0-6
+- Patch for Multiple heap-based buffer overflows in the Base64 decoder
+  (rhbz#846377, upstream will not release 3.2.1 for this)
+
 * Mon May 24 2010 Tom "spot" Callaway <tcallawa at redhat.com> - 3.2.0-5
 - disable static libs
 - disable rpath

More information about the scm-commits mailing list