[gnome-subtitles] - Switched to upstream's approach for the security fix - Use the new macros properly

belegdol belegdol at fedoraproject.org
Sun Oct 3 18:42:08 UTC 2010


commit dda64b4435620e4b9b840e7ccf164860b1789231
Author: Julian Sikorski <belegdol at gmail.com>
Date:   Sun Oct 3 20:42:11 2010 +0200

    - Switched to upstream's approach for the security fix
    - Use the new macros properly

 ...t-bug-638384-CVE-2010-3357-CVE-2010-3357-.patch |   25 ++++++++++++++++++++
 gnome-subtitles-ldlibpath.patch                    |   16 ------------
 gnome-subtitles.spec                               |   16 ++++++++----
 3 files changed, 35 insertions(+), 22 deletions(-)
---
diff --git a/0001-Fixed-RedHat-bug-638384-CVE-2010-3357-CVE-2010-3357-.patch b/0001-Fixed-RedHat-bug-638384-CVE-2010-3357-CVE-2010-3357-.patch
new file mode 100644
index 0000000..0dd389b
--- /dev/null
+++ b/0001-Fixed-RedHat-bug-638384-CVE-2010-3357-CVE-2010-3357-.patch
@@ -0,0 +1,25 @@
+From 44370dc2a87f7fa0d6c9730979514bd407a37c65 Mon Sep 17 00:00:00 2001
+From: Pedro Castro <mail at pedrocastro.org>
+Date: Sat, 2 Oct 2010 00:32:13 +0100
+Subject: [PATCH] Fixed RedHat bug #638384 - (CVE-2010-3357) CVE-2010-3357 gnome-subtitles: insecure library loading vulnerability
+
+---
+ src/GnomeSubtitles/Execution/gnome-subtitles.in |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/src/GnomeSubtitles/Execution/gnome-subtitles.in b/src/GnomeSubtitles/Execution/gnome-subtitles.in
+index 698fe4a..6689357 100644
+--- a/src/GnomeSubtitles/Execution/gnome-subtitles.in
++++ b/src/GnomeSubtitles/Execution/gnome-subtitles.in
+@@ -6,7 +6,7 @@ libdir=@libdir@
+ 
+ sublibdir=@SUBLIB_DLL_DIR@
+ 
+-export LD_LIBRARY_PATH="$libdir/gnome-subtitles:$LD_LIBRARY_PATH"
++export LD_LIBRARY_PATH=$libdir/gnome-subtitles${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
+ export MONO_PATH=$sublibdir:$MONO_PATH
+ exec -a gnome-subtitles @MONO@ $libdir/gnome-subtitles/gnome-subtitles.exe "$@"
+ 
+-- 
+1.7.2.3
+
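Review bot: the unchanged context line 'export MONO_PATH=$sublibdir:$MONO_PATH', directly below the fixed line, keeps the pattern this change removes. When MONO_PATH is unset it expands to a value ending in a colon, which is an empty path element. For LD_LIBRARY_PATH the dynamic linker treats an empty element as the current working directory, and that is the insecure library loading being fixed here. Please confirm how Mono handles an empty MONO_PATH entry and, if it is searched, use the same form: 'export MONO_PATH=$sublibdir${MONO_PATH:+:$MONO_PATH}'. The new LD_LIBRARY_PATH assignment also drops the double quotes the old line had. Keeping them around the whole value would cover a $libdir containing whitespace under a shell that word-splits the arguments of export.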
diff --git a/gnome-subtitles.spec b/gnome-subtitles.spec
index d465611..69106be 100644
--- a/gnome-subtitles.spec
+++ b/gnome-subtitles.spec
@@ -1,6 +1,6 @@
 Name:           gnome-subtitles
 Version:        1.0
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Subtitle editor for Gnome
 
 Group:          Applications/Multimedia
@@ -8,7 +8,7 @@ Group:          Applications/Multimedia
 License:        GPLv2+ and (MPLv1.1 or GPLv2+ or LGPLv2+)
 URL:            http://gnome-subtitles.sourceforge.net
 Source0:        http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
-Patch0:         %{name}-ldlibpath.patch
+Patch0:         0001-Fixed-RedHat-bug-638384-CVE-2010-3357-CVE-2010-3357-.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  desktop-file-utils
@@ -42,7 +42,7 @@ translation and synchronization.
 
 %prep
 %setup -q
-%patch0 -p1 -b .ldlibpath
+%patch0 -p1 -b .cve20103357
 
 
 %build
@@ -65,16 +65,16 @@ desktop-file-install --vendor=fedora \
 
 
 %pre
-%gconf_schema_prepare %{name}.schemas
+%gconf_schema_prepare %{name}
 
 
 %post
-%gconf_schema_upgrade %{name}.schemas
+%gconf_schema_upgrade %{name}
 update-desktop-database &> /dev/null || :
 
 
 %preun
-%gconf_schema_remove %{name}.schemas
+%gconf_schema_remove %{name}
 
 
 %postun
@@ -96,6 +96,10 @@ update-desktop-database &> /dev/null || :
 
 
 %changelog
+* Sun Oct 03 2010 Julian Sikorski <belegdol at fedoraproject.org> - 1.0-3
+- Switched to upstreams approach for the security fix
+- Use the new macros properly
+
 * Thu Sep 30 2010 Julian Sikorski <belegdol at fedoraproject.org> - 1.0-2
 - Fixed security vulnrerability CVE-2010-3357
 - Updated scriptlets to the latest spec
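Review bot: the new 1.0-3 changelog entry does not say which security fix it refers to, so a reader of the package changelog has to go to the 1.0-2 entry to learn that it is CVE-2010-3357. Naming the CVE and the bug number from the patch subject in the entry itself would make it searchable, for example '- Switched to upstream's fix for CVE-2010-3357 (#638384)'.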

