rpms/fetchmail/F-12 fetchmail-6.3.11-CVE-2010-0562.patch, NONE, 1.1 fetchmail.spec, 1.70, 1.71
vcrhonek
vcrhonek at fedoraproject.org
Tue Feb 9 12:49:14 UTC 2010
- Previous message: File kdelibs-4.4.0.tar.bz2 uploaded to lookaside cache by rdieter
- Next message: rpms/seahorse/devel .cvsignore, 1.36, 1.37 seahorse.spec, 1.89, 1.90 sources, 1.38, 1.39 property-get.patch, 1.2, NONE seahorse-2.29.4-missing-null.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: vcrhonek
Update of /cvs/pkgs/rpms/fetchmail/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv15433
Modified Files:
fetchmail.spec
Added Files:
fetchmail-6.3.11-CVE-2010-0562.patch
Log Message:
Fix CVE-2010-0562
fetchmail-6.3.11-CVE-2010-0562.patch:
sdump.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE fetchmail-6.3.11-CVE-2010-0562.patch ---
diff -up fetchmail-6.3.11/sdump.c_old fetchmail-6.3.11/sdump.c
--- fetchmail-6.3.11/sdump.c_old 2010-02-09 13:23:44.148879304 +0100
+++ fetchmail-6.3.11/sdump.c 2010-02-09 13:25:14.049889396 +0100
@@ -36,7 +36,7 @@ char *sdump(const char *in, size_t len)
if (isprint((unsigned char)in[i])) {
*(oi++) = in[i];
} else {
- oi += sprintf(oi, "\\x%02X", in[i]);
+ oi += sprintf(oi, "\\x%02X", (unsigned char)in[i]);
}
}
*oi = '\0';
Index: fetchmail.spec
===================================================================
RCS file: /cvs/pkgs/rpms/fetchmail/F-12/fetchmail.spec,v
retrieving revision 1.70
retrieving revision 1.71
diff -u -p -r1.70 -r1.71
--- fetchmail.spec 21 Aug 2009 13:22:44 -0000 1.70
+++ fetchmail.spec 9 Feb 2010 12:49:14 -0000 1.71
@@ -4,13 +4,14 @@
Summary: A remote mail retrieval and forwarding utility
Name: fetchmail
Version: 6.3.11
-Release: 3%{?dist}
+Release: 4%{?dist}
Requires: procmail
Source0: http://download.berlios.de/fetchmail/fetchmail-%{version}.tar.bz2
Source1: http://download.berlios.de/fetchmail/fetchmail-%{version}.tar.bz2.asc
# See http://bugs.gentoo.org/show_bug.cgi?id=280760
# Upstream has commited this in fetchmail SVN repository already
Patch0: fetchmail-6.3.11-regression.patch
+Patch1: fetchmail-6.3.11-CVE-2010-0562.patch
URL: http://fetchmail.berlios.de/
# For a breakdown of the licensing, see COPYING
License: GPL+ and Public Domain
@@ -49,6 +50,7 @@ need to have Python and Tk installed in
%prep
%setup -q
%patch0 -p1 -b .regression
+%patch1 -p1 -b .CVE-2010-0562
%build
%configure --enable-POP3 --enable-IMAP --with-ssl --with-hesiod \
@@ -87,6 +89,9 @@ rm -rf $RPM_BUILD_ROOT
%endif
%changelog
+* Tue Feb 9 2010 Vitezslav Crhonek <vcrhonek at redhat.com> - 6.3.11-4
+- Fix CVE-2010-0562
+
* Fri Aug 21 2009 Tomas Mraz <tmraz at redhat.com> - 6.3.11-3
- rebuilt with new openssl
- Previous message: File kdelibs-4.4.0.tar.bz2 uploaded to lookaside cache by rdieter
- Next message: rpms/seahorse/devel .cvsignore, 1.36, 1.37 seahorse.spec, 1.89, 1.90 sources, 1.38, 1.39 property-get.patch, 1.2, NONE seahorse-2.29.4-missing-null.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list