[bristol] New upstream, security fix.
Jon Ciesla
limb at fedoraproject.org
Wed Sep 29 15:04:33 UTC 2010
commit 20bd958f7b24285444589727b354788c5cb56464
Author: Jon Ciesla <limb at jcomserv.net>
Date: Wed Sep 29 10:05:28 2010 -0500
New upstream, security fix.
.gitignore | 1 +
bristol-0.60.6-CVE-2010-3351.patch | 11 +++++++++++
bristol.spec | 15 +++++++++++----
sources | 2 +-
4 files changed, 24 insertions(+), 5 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 7c4f38c..3f0a9d2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
bristol-0.40.7.tar.gz
+/bristol-0.60.6.tar.gz
diff --git a/bristol-0.60.6-CVE-2010-3351.patch b/bristol-0.60.6-CVE-2010-3351.patch
new file mode 100644
index 0000000..b7e4e09
--- /dev/null
+++ b/bristol-0.60.6-CVE-2010-3351.patch
@@ -0,0 +1,11 @@
+--- bin/startBristol.in~ 2010-07-29 02:42:54.000000000 -0500
++++ bin/startBristol.in 2010-09-29 09:51:01.529964644 -0500
+@@ -360,7 +360,7 @@
+ export SLAB_HOME=$BRISTOL
+ export BRIGHTON=$BRISTOL
+
+-export LD_LIBRARY_PATH=/usr/local/lib:usr/lib:${LD_LIBRARY_PATH}:${BRISTOL}/lib
++export LD_LIBRARY_PATH=/usr/local/lib:usr/lib:${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}:${BRISTOL}/lib
+
+ export PATH=${PATH}:$BRISTOL/bin:/usr/local/bin
+
diff --git a/bristol.spec b/bristol.spec
index 4818e6a..d689e75 100644
--- a/bristol.spec
+++ b/bristol.spec
@@ -1,6 +1,6 @@
Name: bristol
-Version: 0.40.7
-Release: 6%{dist}
+Version: 0.60.6
+Release: 1%{dist}
Summary: Synthesizer emulator
Group: Applications/Multimedia
@@ -8,6 +8,7 @@ License: GPLv2+
URL: http://bristol.sourceforge.net
Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
Source1: %{name}.desktop
+Patch0: bristol-0.60.6-CVE-2010-3351.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: libX11-devel alsa-lib-devel jack-audio-connection-kit-devel desktop-file-utils
@@ -29,6 +30,8 @@ This package contains the development libraries for Bristol.
%prep
%setup -q
+%patch0 -p0 -b .libpath
+
find ./bitmaps/ -name '*.gz' | xargs chmod -x
chmod -x ./memory/profiles/*
find . -name '*.c' | xargs chmod -x
@@ -36,10 +39,10 @@ find . -name '*.h' | xargs chmod -x
find . -name '*.xbm' | xargs chmod -x
find . -name '*.svg' | xargs chmod -x
chmod -x NEWS COPYING* README AUTHORS ChangeLog
-chmod -x memory/mixer/another memory/mixer/test memory/mixer/default/memory memory/mini/readme.txt
+chmod -x memory/mixer/default/memory memory/mini/readme.txt
%build
-%configure --enable-static=no
+%configure --enable-static=no --disable-version-check
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
@@ -73,12 +76,16 @@ rm -rf $RPM_BUILD_ROOT
%{_datadir}/pixmaps/*
%{_datadir}/applications/bristol.desktop
%{_libdir}/lib*.so.*
+%{_mandir}/man1/*
%files devel
%defattr(-,root,root,-)
%{_libdir}/lib*.so
%changelog
+* Wed Sep 29 2010 Jon Ciesla <limb at jcomserv.net> - 0.60.6-1
+- New upstream, fix for CVE-2010-3351, BZ 638376.
+
* Tue Jan 26 2010 Jon Ciesla <limb at jcomserv.net> - 0.40.7-6
- Removed INSTALL.
diff --git a/sources b/sources
index 83971a8..e0b2618 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-274ff732ebcfe21c9f043fb466df24e0 bristol-0.40.7.tar.gz
+8bb29a0596d506fa9c6f728d65308414 bristol-0.60.6.tar.gz
More information about the scm-commits
mailing list