[blender/f17] Porting blender-2.49b-cve.patch (#855092, CVE-2008-1103)
Jochen Schmitt
s4504kr at fedoraproject.org
Fri Sep 7 09:32:28 UTC 2012
commit 21d6b5274519b60b98f6cf8c25a7dedd4257b092
Author: Jochen Schmitt <Jochen at herr-schmitt.de>
Date: Thu Sep 6 22:25:08 2012 +0200
Porting blender-2.49b-cve.patch (#855092, CVE-2008-1103)
blender-2.63a-cve.patch | 42 ++++++++++++++++++++++++++++++++++++++++++
blender.spec | 14 +++++++++++---
2 files changed, 53 insertions(+), 3 deletions(-)
---
diff --git a/blender-2.63a-cve.patch b/blender-2.63a-cve.patch
new file mode 100644
index 0000000..90fbc0b
--- /dev/null
+++ b/blender-2.63a-cve.patch
@@ -0,0 +1,42 @@
+diff -up blender-2.63a/source/blender/blenkernel/intern/blender.c.cve blender-2.63a/source/blender/blenkernel/intern/blender.c
+--- blender-2.63a/source/blender/blenkernel/intern/blender.c.cve 2012-05-10 16:50:20.000000000 +0200
++++ blender-2.63a/source/blender/blenkernel/intern/blender.c 2012-09-07 10:10:05.518999947 +0200
+@@ -40,6 +40,7 @@
+ # define write _write
+ #endif
+
++#include <errno.h>
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <stddef.h>
+@@ -706,7 +707,8 @@ void BKE_undo_save_quit(void)
+ {
+ UndoElem *uel;
+ MemFileChunk *chunk;
+- int file;
++ int file = -1;
++ int flags = O_BINARY+O_WRONLY+O_CREAT+O_TRUNC;
+ char str[FILE_MAX];
+
+ if ( (U.uiflag & USER_GLOBALUNDO)==0) return;
+@@ -722,10 +724,16 @@ void BKE_undo_save_quit(void)
+
+ BLI_make_file_string("/", str, BLI_temporary_dir(), "quit.blend");
+
+- file = BLI_open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC, 0666);
+- if (file == -1) {
+- //XXX error("Unable to save %s, check you have permissions", str);
+- return;
++ while (file == -1) {
++ file = BLI_open(str,flags, 0666);
++ if (file == -1) {
++ if (errno == EEXIST) {
++ flags ^= O_CREAT;
++ } else {
++ //XXX error("Unable to save %s, check you have permissions", str);
++ return;
++ }
++ }
+ }
+
+ chunk= uel->memfile.chunks.first;
diff --git a/blender.spec b/blender.spec
index b40554e..b5f1cf2 100644
--- a/blender.spec
+++ b/blender.spec
@@ -12,7 +12,7 @@
Name: blender
Epoch: 1
Version: %{blender_api}a
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: 3D modeling, animation, rendering and post-production
@@ -35,6 +35,9 @@ Patch5: blender-2.50-uninit-var.patch
Patch10: blender-2.58-python_include.patch
Patch11: blender-2.61-openjpeg_stdbool.patch
+# Security Patch for CVE-2008-1103
+Patch13: blender-2.63a-cve.patch
+
BuildRequires: desktop-file-utils
BuildRequires: gettext
BuildRequires: libtool
@@ -147,6 +150,8 @@ addon packages to extend blender.
%patch10 -p1
%patch11 -p1 -b .openjpeg_stdbool
+%patch13 -p1 -b .cve
+
find -name '.svn' -print | xargs rm -rf
%build
@@ -291,8 +296,11 @@ fi || :
%{_sysconfdir}/rpm/macros.blender
%changelog
-* Thu Jun 14 2012 Jochen Schmitt <Jochen herr-schmitt de> 1:2.63a-2
-- Rebuild for new OpenImageIO release
+* Fri Sep 7 2012 Jochen Schmitt <JOchen herr-schmitt de> - 1:2.63a-8
+- Porting blender-2.49b-cve.patch (#855092, CVE-2008-1103)
+
+* Tue Jun 26 2012 Richard Shaw <hobbes1069 at gmail.com> 1:2.63a-2
+- Bump revision to be >= f17 for AutoQA.
* Fri May 11 2012 Jochen Schmitt <Jochen herr-schmitt de> 1:2.63a-1
- New upstream release
More information about the scm-commits
mailing list