rpms/amarok/FC-6 amarok-1.4.5-CVE-2006-6979.patch, NONE, 1.1 amarok.spec, 1.71, 1.72
Aurelien Bompard (abompard)
fedora-extras-commits at redhat.com
Wed Feb 14 19:13:54 UTC 2007
Author: abompard
Update of /cvs/extras/rpms/amarok/FC-6
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14600/FC-6
Modified Files:
amarok.spec
Added Files:
amarok-1.4.5-CVE-2006-6979.patch
Log Message:
add patch to fix CVE-2006-6979 (bug 228138)
amarok-1.4.5-CVE-2006-6979.patch:
--- NEW FILE amarok-1.4.5-CVE-2006-6979.patch ---
Index: src/magnatunebrowser/magnatunealbumdownloader.cpp
===================================================================
--- amarok/src/magnatunebrowser/magnatunealbumdownloader.cpp (revision 633106)
+++ amarok/src/magnatunebrowser/magnatunealbumdownloader.cpp (working copy)
@@ -89,7 +89,7 @@
//ok, now we have the .zip file downloaded. All we need is to unpack it to the desired location and add it to the collection.
- QString unzipString = "unzip \""+m_tempDir.name() + m_currentAlbumFileName + "\" -d \"" + m_currentAlbumUnpackLocation + "\" &";
+ QString unzipString = KProcess::quote( "unzip \""+m_tempDir.name() + m_currentAlbumFileName + "\" -d \"" + m_currentAlbumUnpackLocation + "\" &" );
debug() << "unpacking: " << unzipString << endl;
Index: amarok.spec
===================================================================
RCS file: /cvs/extras/rpms/amarok/FC-6/amarok.spec,v
retrieving revision 1.71
retrieving revision 1.72
diff -u -r1.71 -r1.72
--- amarok.spec 7 Feb 2007 18:27:50 -0000 1.71
+++ amarok.spec 14 Feb 2007 19:13:22 -0000 1.72
@@ -4,13 +4,14 @@
Name: amarok
Summary: Media player for KDE
Version: 1.4.5
-Release: 1%{?dist}
+Release: 2%{?dist}
Group: Applications/Multimedia
License: GPL
Url: http://amarok.kde.org
# http://download.kde.org/download.php?url=stable/amarok/1.4.3/src
Source0: http://mirrors.isc.org/pub/kde/stable/amarok/%{version}/src/amarok-%{version}.tar.bz2
+Patch0: amarok-1.4.5-CVE-2006-6979.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: kdemultimedia-devel >= 6:3.2
@@ -80,6 +81,7 @@
%prep
%setup -q
+%patch0 -p0 -b .CVE-2006-6979
@@ -233,6 +235,9 @@
%changelog
+* Wed Feb 14 2007 Aurelien Bompard <abompard at fedoraproject.org> 1.4.5-2
+- add patch to fix CVE-2006-6979 (bug 228138)
+
* Sat Feb 03 2007 Aurelien Bompard <abompard at fedoraproject.org> 1.4.5-1
- version 1.4.5
- drop patch0 and patch1 (merged upstream)
More information about the scm-commits
mailing list