[tuxguitar] - Fix CVE-2010-3385 insecure library loading vulnerability - RHBZ#638396
Orcan Ogetbil
oget at fedoraproject.org
Sat Oct 2 01:55:21 UTC 2010
commit 5c0b833e8bf2452f2603ceedd4addbbd3edf8137
Author: Orcan Ogetbil <oget.fedora at gmail.com>
Date: Fri Oct 1 21:55:16 2010 -0400
- Fix CVE-2010-3385 insecure library loading vulnerability - RHBZ#638396
tuxguitar-build-fedora.xml | 2 +-
tuxguitar.spec | 5 ++++-
2 files changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/tuxguitar-build-fedora.xml b/tuxguitar-build-fedora.xml
index 50adcf2..d869edb 100644
--- a/tuxguitar-build-fedora.xml
+++ b/tuxguitar-build-fedora.xml
@@ -116,7 +116,7 @@
<echo file="${file.script}" append="true"> [ ! -d ${MOZILLA_FIVE_HOME} ] && MOZILLA_FIVE_HOME=/usr/lib${os.lib.suffix}/iceweasel${line.separator}</echo>
<echo file="${file.script}" append="true">fi${line.separator}</echo>
<echo file="${file.script}" append="true">##LIBRARY_PATH${line.separator}</echo>
- <echo file="${file.script}" append="true">LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:${dist.lib.path}${line.separator}</echo>
+ <echo file="${file.script}" append="true">LD_LIBRARY_PATH=${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}${dist.lib.path}${line.separator}</echo>
<echo file="${file.script}" append="true">LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/lib${os.lib.suffix}${line.separator}</echo>
<echo file="${file.script}" append="true">LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/usr/lib${os.lib.suffix}${line.separator}</echo>
<echo file="${file.script}" append="true">LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/usr/lib${os.lib.suffix}/jni${line.separator}</echo>
diff --git a/tuxguitar.spec b/tuxguitar.spec
index db94cd3..2a00082 100644
--- a/tuxguitar.spec
+++ b/tuxguitar.spec
@@ -3,7 +3,7 @@
Summary: A multitrack tablature editor and player written in Java-SWT
Name: tuxguitar
Version: 1.2
-Release: 2%{?dist}
+Release: 3%{?dist}
URL: http://www.tuxguitar.com.ar
Source0: http://downloads.sourceforge.net/%{name}/%{name}-src-%{version}.tar.gz
# Fedora specific build script. Accepted by upstream:
@@ -179,6 +179,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%{_bindir}/%{name}
%changelog
+* Fri Oct 01 2010 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com>> - 1.2-3
+- Fix CVE-2010-3385 insecure library loading vulnerability - RHBZ#638396
+
* Sat Nov 28 2009 Orcan Ogetbil <oget[DOT]fedora[AT]gmail[DOT]com>> - 1.2-2
- Change build system (we'll use our build-fedora.xml rather than patching Debian's
Makefile).
More information about the scm-commits
mailing list