rpms/zoo/FC-3 zoo-2.10-pathsize-security.patch, NONE, 1.1 zoo-gcc4.patch, NONE, 1.1 zoo.spec, 1.4, 1.5
Nicolas Mailhot (nim)
fedora-extras-commits at redhat.com
Sun Feb 26 22:44:41 UTC 2006
Author: nim
Update of /cvs/extras/rpms/zoo/FC-3
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11342/FC-3
Modified Files:
zoo.spec
Added Files:
zoo-2.10-pathsize-security.patch zoo-gcc4.patch
Log Message:
auto-import zoo-2.10-6.fc3 on branch FC-3 from zoo-2.10-6.fc3.src.rpm
Apply patch for exploitable buffer overflow (bug #183109)
zoo-2.10-pathsize-security.patch:
--- NEW FILE zoo-2.10-pathsize-security.patch ---
diff -uNr zoo-2.10.orig/misc.c zoo-2.10.new/misc.c
--- zoo-2.10.orig/misc.c 2006-02-26 23:30:55.000000000 +0100
+++ zoo-2.10.new/misc.c 2006-02-26 23:37:17.000000000 +0100
@@ -136,11 +136,14 @@
char *fullpath (direntry)
struct direntry *direntry;
{
- static char result[PATHSIZE];
+ static char result[PATHSIZE+PATHSIZE+12]; // Room for enough space
combine (result,
direntry->dirlen != 0 ? direntry->dirname : "",
(direntry->namlen != 0) ? direntry->lfname : direntry->fname
);
+ if (strlen (result) >= PATHSIZE) {
+ prterror ('f', "Combined dirname and filename too long\n");
+ }
return (result);
}
zoo-gcc4.patch:
--- NEW FILE zoo-gcc4.patch ---
--- zoo-2.10.orig/ar.h 2005-04-05 10:53:38.000000000 +0200
+++ zoo-2.10/ar.h 2005-04-05 10:52:12.000000000 +0200
@@ -117,7 +117,6 @@
void move_left();
#else
# define MOVE_LEFT memmove
- extern VOIDPTR memmove();
#endif
#if 0
Index: zoo.spec
===================================================================
RCS file: /cvs/extras/rpms/zoo/FC-3/zoo.spec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- zoo.spec 10 Dec 2004 22:03:13 -0000 1.4
+++ zoo.spec 26 Feb 2006 22:44:41 -0000 1.5
@@ -1,26 +1,29 @@
-Name: zoo
-Version: 2.10
-Release: 2
-Epoch: 0
-Summary: File archiving utility with compression
+Name: zoo
+Version: 2.10
+Release: 6%{?dist}
+Summary: File archiving utility with compression
Group: Applications/Archiving
License: Distributable
Source: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10.orig.tar.gz
Patch0: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10-9.diff.gz
Patch1: zoo-2.10-tempfile.patch
+Patch2: zoo-gcc4.patch
+Patch3: zoo-2.10-pathsize-security.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
%description
-zoo is a file archiving utility for maintaining collections of files.
-It uses Lempel-Ziv compression to provide space savings in the
-range of 20 to 80 percent depending on the type of data. Written by
+zoo is a file archiving utility for maintaining collections of files.
+It uses Lempel-Ziv compression to provide space savings in the
+range of 20 to 80 percent depending on the type of data. Written by
Rahul Dhesi, and posted to the USENET newsgroup comp.sources.misc.
%prep
%setup -n zoo-2.10.orig
%patch0 -p1 -b .debian
%patch1 -p1 -b .tempfile
+%patch2 -p1 -b .gcc4
+%patch3 -p1 -b .pathsize
%build
make %{?_smp_mflags} OPTIM="%{optflags}" linux
@@ -42,7 +45,19 @@
%attr(0755,root,root) %{_bindir}/*
%changelog
-* Sun Apr 25 2004 Mailhot <Nicolas.Mailhot at laPoste.net> - 0:2.10-0.fdr.2
+* Sun Feb 26 2006 Nicolas Mailhot <nicolas.mailhot at laposte.net> - 2.10-6
+- apply preliminary patch for bug #183109 (just to be sure)
+
+* Mon Feb 13 2006 Nicolas Mailhot <nicolas.mailhot at laposte.net> - 2.10-5
+- rebuilt for new gcc4.1 snapshot and glibc changes
+
+* Mon Jun 16 2005 Nicolas Mailhot <nicolas.mailhot at laposte.net> - 2.10-4
+- rebuild with gcc 4.1
+
+* Tue Apr 05 2005 Adrian Reber <adrian at lisas.de> - 2.10-3
+- fix gcc4 errors
+
+* Sun Apr 25 2004 Nicolas Mailhot <Nicolas.Mailhot at laPoste.net> - 0:2.10-0.fdr.2
* Use debian source
* Tue Apr 20 2004 Nicolas Mailhot <Nicolas.Mailhot at laPoste.net> - 0:2.10-0.fdr.1
More information about the scm-commits
mailing list