rpms/mingw32-filesystem/devel mingw32-filesystem.spec, 1.28, 1.29 mingw32-scripts.sh, 1.3, 1.4

epienbro epienbro at fedoraproject.org
Tue Sep 1 21:42:50 UTC 2009 

Author: epienbro

Update of /cvs/pkgs/rpms/mingw32-filesystem/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv25784

Modified Files:
	mingw32-filesystem.spec mingw32-scripts.sh 
Log Message:
* Tue Sep  1 2009 Erik van Pienbroek <epienbro at fedoraproject.org> - 55-1
- The wrapper scripts i686-pc-mingw32-pkg-config, mingw32-pkg-config,
  mingw32-configure, mingw32-make and mingw32-cmake had a bug where
  quoted arguments could get interpreted incorrect.
  Thanks to Michael Ploujnikov for helping out with this issue



Index: mingw32-filesystem.spec
===================================================================
RCS file: /cvs/pkgs/rpms/mingw32-filesystem/devel/mingw32-filesystem.spec,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -p -r1.28 -r1.29
--- mingw32-filesystem.spec	29 Aug 2009 14:35:44 -0000	1.28
+++ mingw32-filesystem.spec	1 Sep 2009 21:42:50 -0000	1.29
@@ -1,7 +1,7 @@
 %define debug_package %{nil}
 
 Name:           mingw32-filesystem
-Version:        54
+Version:        55
 Release:        1%{?dist}
 Summary:        MinGW base filesystem and environment
 
@@ -166,6 +166,12 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Tue Sep  1 2009 Erik van Pienbroek <epienbro at fedoraproject.org> - 55-1
+- The wrapper scripts i686-pc-mingw32-pkg-config, mingw32-pkg-config,
+  mingw32-configure, mingw32-make and mingw32-cmake had a bug where
+  quoted arguments could get interpreted incorrect.
+  Thanks to Michael Ploujnikov for helping out with this issue
+
 * Sat Aug 29 2009 Erik van Pienbroek <epienbro at fedoraproject.org> - 54-1
 - Added the file /usr/bin/i686-pc-mingw32-pkg-config which is a wrapper script
   which calls pkg-config with the right environment variables set (BZ #513825)


Index: mingw32-scripts.sh
===================================================================
RCS file: /cvs/pkgs/rpms/mingw32-filesystem/devel/mingw32-scripts.sh,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- mingw32-scripts.sh	29 Aug 2009 14:40:08 -0000	1.3
+++ mingw32-scripts.sh	1 Sep 2009 21:42:50 -0000	1.4
@@ -26,4 +26,8 @@ if [ "`basename $0`" = "i686-pc-mingw32-
 else
     NAME="_`basename $0|tr -- - _`"
 fi
-eval "`rpm --eval "%{$NAME}"`" "$@"
+
+# NOTE: The use of 'eval' in combination with '$@' is a potential security risk
+#       We should find a more safe replacement for this command
+#       Suggestions are welcome at the Fedora MinGW mailing list
+eval "`rpm --eval "%{$NAME}"`" '"$@"'

More information about the scm-commits mailing list