rpms/bochs/FC-6 bochs-CVE-2007-2893.patch, NONE, 1.1 bochs.spec, 1.22, 1.23

Hans de Goede (jwrdegoede) fedora-extras-commits at redhat.com
Wed Jul 18 20:05:42 UTC 2007 

Author: jwrdegoede

Update of /cvs/extras/rpms/bochs/FC-6
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2334

Modified Files:
	bochs.spec 
Added Files:
	bochs-CVE-2007-2893.patch 
Log Message:
* Wed Jul 18 2007 Hans de Goede <j.w.r.degoede at hhs.nl> 2.3-5
- Fix CVE-2007-2893 (bz 241799)


bochs-CVE-2007-2893.patch:

--- NEW FILE bochs-CVE-2007-2893.patch ---
--- bochs/iodev/ne2k.cc	2007/02/03 17:56:35	1.91
+++ bochs/iodev/ne2k.cc	2007/03/10 15:17:31	1.92
@@ -1278,8 +1278,8 @@
  */
 void bx_ne2k_c::rx_frame(const void *buf, unsigned io_len)
 {
-  unsigned pages;
-  unsigned avail;
+  int pages;
+  int avail;
   unsigned idx;
   int wrapped;
   int nextpage;


Index: bochs.spec
===================================================================
RCS file: /cvs/extras/rpms/bochs/FC-6/bochs.spec,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- bochs.spec	4 Oct 2006 22:26:08 -0000	1.22
+++ bochs.spec	18 Jul 2007 20:05:09 -0000	1.23
@@ -1,6 +1,6 @@
 Name:           bochs
 Version:        2.3
-Release:        3%{?dist}
+Release:        5%{?dist}
 Summary:        Portable x86 PC emulator
 Group:          Applications/Emulators
 License:        LGPL
@@ -9,13 +9,15 @@
 Source1:        http://bochs.sourceforge.net/guestos/dlxlinux4.tar.gz
 Patch0:         %{name}-nonet-build.patch
 Patch1:         %{name}-config.patch
+Patch2:         %{name}-wx28.patch
+Patch3:         %{name}-CVE-2007-2893.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:  docbook-utils
 BuildRequires:  libXt-devel
 BuildRequires:  libXpm-devel
 BuildRequires:  ncurses-devel
 BuildRequires:  SDL-devel
-BuildRequires:  wxGTK-devel
+#BuildRequires:  wxGTK-devel
 %ifarch %{ix86} x86_64
 BuildRequires:  svgalib-devel
 %endif
@@ -64,6 +66,8 @@
 %prep
 %setup -q
 %patch0 -p0 -z .nonet
+%patch2 -p1 -z .wx28
+%patch3 -p1 -z .cve
 cp -p %{SOURCE1} .
 # Fix up some man page paths.
 sed -i \
@@ -94,7 +98,7 @@
   --with-term \
   --with-rfb \
   --with-sdl \
-  --with-wx \
+  --without-wx \
   $ARCH_CONFIGURE_FLAGS"
 export CXXFLAGS="$RPM_OPT_FLAGS -DPARANOID"
 
@@ -113,7 +117,7 @@
 
 make unpack_dlx
 # This needs to be done after "make unpack_dlx".
-%{__patch} -p0 < %{PATCH1}
+patch -p0 < %{PATCH1}
 sed -i -e 's/\r//' dlxlinux/readme.txt dlxlinux/bochsrc.txt
 
 
@@ -160,6 +164,13 @@
 
 
 %changelog
+* Wed Jul 18 2007 Hans de Goede <j.w.r.degoede at hhs.nl> 2.3-5
+- Fix CVE-2007-2893 (bz 241799)
+
+* Mon Dec 18 2006 Hans de Goede <j.w.r.degoede at hhs.nl> 2.3-4
+- rebuilt without wxGTK as wxGTK is even more broken with wxGTK 2.8 then it
+  was with 2.6
+
 * Thu Oct 05 2006 Christian Iseli <Christian.Iseli at licr.org> 2.3-3
  - rebuilt for unwind info generation, broken in gcc-4.1.1-21

More information about the scm-commits mailing list