[bristol] New upstream, security fix.

Jon Ciesla limb at fedoraproject.org
Wed Sep 29 15:04:33 UTC 2010 

commit 20bd958f7b24285444589727b354788c5cb56464
Author: Jon Ciesla <limb at jcomserv.net>
Date:   Wed Sep 29 10:05:28 2010 -0500

    New upstream, security fix.

 .gitignore                         |    1 +
 bristol-0.60.6-CVE-2010-3351.patch |   11 +++++++++++
 bristol.spec                       |   15 +++++++++++----
 sources                            |    2 +-
 4 files changed, 24 insertions(+), 5 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 7c4f38c..3f0a9d2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 bristol-0.40.7.tar.gz
+/bristol-0.60.6.tar.gz
diff --git a/bristol-0.60.6-CVE-2010-3351.patch b/bristol-0.60.6-CVE-2010-3351.patch
new file mode 100644
index 0000000..b7e4e09
--- /dev/null
+++ b/bristol-0.60.6-CVE-2010-3351.patch
@@ -0,0 +1,11 @@
+--- bin/startBristol.in~	2010-07-29 02:42:54.000000000 -0500
++++ bin/startBristol.in	2010-09-29 09:51:01.529964644 -0500
+@@ -360,7 +360,7 @@
+ export SLAB_HOME=$BRISTOL
+ export BRIGHTON=$BRISTOL
+ 
+-export LD_LIBRARY_PATH=/usr/local/lib:usr/lib:${LD_LIBRARY_PATH}:${BRISTOL}/lib
++export LD_LIBRARY_PATH=/usr/local/lib:usr/lib:${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}:${BRISTOL}/lib
+ 
+ export PATH=${PATH}:$BRISTOL/bin:/usr/local/bin
+ 
diff --git a/bristol.spec b/bristol.spec
index 4818e6a..d689e75 100644
--- a/bristol.spec
+++ b/bristol.spec
@@ -1,6 +1,6 @@
 Name:		bristol
-Version:	0.40.7
-Release:	6%{dist}
+Version:	0.60.6
+Release:	1%{dist}
 Summary:	Synthesizer emulator
 
 Group:		Applications/Multimedia
@@ -8,6 +8,7 @@ License:	GPLv2+
 URL:		http://bristol.sourceforge.net
 Source0:	http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
 Source1:	%{name}.desktop
+Patch0:		bristol-0.60.6-CVE-2010-3351.patch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:	libX11-devel alsa-lib-devel jack-audio-connection-kit-devel desktop-file-utils
@@ -29,6 +30,8 @@ This package contains the development libraries for Bristol.
 %prep
 %setup -q
 
+%patch0 -p0 -b .libpath
+
 find ./bitmaps/ -name '*.gz' | xargs chmod -x 
 chmod -x ./memory/profiles/*
 find . -name '*.c' | xargs chmod -x
@@ -36,10 +39,10 @@ find . -name '*.h' | xargs chmod -x
 find . -name '*.xbm' | xargs chmod -x
 find . -name '*.svg' | xargs chmod -x
 chmod -x NEWS COPYING* README AUTHORS ChangeLog
-chmod -x memory/mixer/another memory/mixer/test memory/mixer/default/memory memory/mini/readme.txt
+chmod -x memory/mixer/default/memory memory/mini/readme.txt
 
 %build
-%configure --enable-static=no
+%configure --enable-static=no --disable-version-check
 sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
 sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
 
@@ -73,12 +76,16 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/pixmaps/*
 %{_datadir}/applications/bristol.desktop
 %{_libdir}/lib*.so.*
+%{_mandir}/man1/*
 
 %files devel
 %defattr(-,root,root,-)
 %{_libdir}/lib*.so
 
 %changelog
+* Wed Sep 29 2010 Jon Ciesla <limb at jcomserv.net> - 0.60.6-1
+- New upstream, fix for CVE-2010-3351, BZ 638376.
+
 * Tue Jan 26 2010 Jon Ciesla <limb at jcomserv.net> - 0.40.7-6
 - Removed INSTALL.
 
diff --git a/sources b/sources
index 83971a8..e0b2618 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-274ff732ebcfe21c9f043fb466df24e0  bristol-0.40.7.tar.gz
+8bb29a0596d506fa9c6f728d65308414  bristol-0.60.6.tar.gz

More information about the scm-commits mailing list