rpms/fbida/FC-5 fbida.CVE-2006-1695.patch, NONE, 1.1 fbida.spec, 1.13, 1.14

Adrian Reber (adrian) fedora-extras-commits at redhat.com
Mon Apr 24 06:35:12 UTC 2006 

Author: adrian

Update of /cvs/extras/rpms/fbida/FC-5
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11485

Modified Files:
	fbida.spec 
Added Files:
	fbida.CVE-2006-1695.patch 
Log Message:
* Mon Apr 24 2006 Adrian Reber <adrian at lisas.de> - 2.03-11
- security fix for #189721


fbida.CVE-2006-1695.patch:

--- NEW FILE fbida.CVE-2006-1695.patch ---
diff -ru fbida-2.01.orig/fbgs fbida-2.01/fbgs
--- fbida-2.01.orig/fbgs	2004-03-28 13:32:16.000000000 +0200
+++ fbida-2.01/fbgs	2006-04-08 02:49:37.000000000 +0200
@@ -1,8 +1,8 @@
 #!/bin/bash
 
 # tmp dir
-DIR="${TMPDIR-/var/tmp}/fbps-$$"
-mkdir -p $DIR	|| exit 1
+DIR=`mktemp -dtp /tmp fbgs-XXXXXX`
+[ -d $DIR ]  || exit 1
 trap "rm -rf $DIR" EXIT
 
 # parse options


Index: fbida.spec
===================================================================
RCS file: /cvs/extras/rpms/fbida/FC-5/fbida.spec,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- fbida.spec	13 Feb 2006 21:01:11 -0000	1.13
+++ fbida.spec	24 Apr 2006 06:35:12 -0000	1.14
@@ -1,11 +1,12 @@
 Summary:        FrameBuffer Imageviewer
 Name:           fbida
 Version:        2.03
-Release:        10%{?dist}
+Release:        11%{?dist}
 License:        GPL
 Group:          Applications/Multimedia
 URL:            http://linux.bytesex.org/fbida/
 Source:         http://dl.bytesex.org/releases/fbida/fbida-2.03.tar.gz
+Patch:          fbida.CVE-2006-1695.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:  libexif-devel fontconfig-devel libjpeg-devel
 BuildRequires:  libpng-devel libtiff-devel pkgconfig
@@ -38,6 +39,7 @@
 
 %prep
 %setup -q
+%patch -p1
 %{__sed} -i -e "s,(INSTALL) -s,(INSTALL) ," mk/Variables.mk
 %{__sed} -i -e "s,/X11R6,,g" GNUmakefile
 %{__sed} -i -e "s,/usr/X11R6/lib/X11,%{_datadir}/X11,g" mk/Autoconf.mk
@@ -80,6 +82,9 @@
 %{_bindir}/fbgs
 
 %changelog
+* Mon Apr 24 2006 Adrian Reber <adrian at lisas.de> - 2.03-11
+- security fix for #189721
+
 * Mon Feb 13 2006 Adrian Reber <adrian at lisas.de> - 2.03-10
 - rebuilt

More information about the scm-commits mailing list