rpms/esorex/F-11 esorex-ltdl.patch, NONE, 1.1 esorex.spec, 1.13, 1.14 esorex-pluginpath.patch, 1.1, NONE

Sergio Pascual sergiopr at fedoraproject.org
Thu Feb 18 18:23:04 UTC 2010 

Author: sergiopr

Update of /cvs/pkgs/rpms/esorex/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12454

Modified Files:
	esorex.spec 
Added Files:
	esorex-ltdl.patch 
Removed Files:
	esorex-pluginpath.patch 
Log Message:
* Wed Feb 17 2010 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-3
- Patch to ltdl, fixes security problem CVE-2009-3736, bz #563969


esorex-ltdl.patch:
 ltdl.c |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

--- NEW FILE esorex-ltdl.patch ---
diff -pruN libtool-2.2.6.org/libltdl/ltdl.c libtool-2.2.6/libltdl/ltdl.c
--- libtool-2.2.6.org/libltdl/ltdl.c	2008-09-05 05:54:41.000000000 -0600
+++ libtool-2.2.6/libltdl/ltdl.c	2009-11-19 10:30:12.000000000 -0700
@@ -529,7 +529,8 @@ find_module (lt_dlhandle *handle, const 
   /* Try to open the old library first; if it was dlpreopened,
      we want the preopened version of it, even if a dlopenable
      module is available.  */
-  if (old_name && tryall_dlopen (handle, old_name, advise, 0) == 0)
+  if (old_name && tryall_dlopen (handle, old_name,
+			  advise, lt_dlloader_find ("lt_preopen") ) == 0)
     {
       return 0;
     }
@@ -1345,7 +1346,7 @@ try_dlopen (lt_dlhandle *phandle, const 
 	    }
 #endif
 	}
-      if (!file)
+      else
 	{
 	  file = fopen (attempt, LT_READTEXT_MODE);
 	}


Index: esorex.spec
===================================================================
RCS file: /cvs/pkgs/rpms/esorex/F-11/esorex.spec,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -p -r1.13 -r1.14
--- esorex.spec	16 Nov 2009 16:22:15 -0000	1.13
+++ esorex.spec	18 Feb 2010 18:23:04 -0000	1.14
@@ -1,6 +1,6 @@
 Name: esorex
 Version: 3.7.2
-Release: 2%{dist}
+Release: 3%{dist}
 Summary: Recipe Execution Tool of the European Southern Observatory 
 
 Group: Applications/Engineering
@@ -8,6 +8,7 @@ License: GPLv2+
 URL: http://www.eso.org/observing/cpl/esorex.html
 Source0: ftp://ftp.hq.eso.org/pub/cpl/%{name}-%{version}.tar.gz
 Patch0: esorex-configure.patch
+Patch1: esorex-ltdl.patch
 Buildroot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
 
 BuildRequires: cpl-devel
@@ -44,6 +45,9 @@ rm -rf %{buildroot}
 %{_datadir}/*
 
 %changelog
+* Wed Feb 17 2010 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-3
+- Patch to ltdl, fixes security problem CVE-2009-3736, bz #563969
+
 * Mon Nov 16 2009 Sergio Pascual <sergiopr at fedoraproject.org> 3.7.2-2
 - EVR bump to allow rebuilding
 


--- esorex-pluginpath.patch DELETED ---

More information about the scm-commits mailing list