[chm2pdf] Applied patch to fix security bugs #474455 and #474457 modified: chm2pdf.spec

Lakshmi Narasimhan T V narasim at fedoraproject.org
Sun Jan 16 09:00:20 UTC 2011


commit dc4cc52c8248c1778343914e5a123eb1dc8aeb1e
Author: Lakshmi Narasimhan <lakshminaras2002 at gmail.com>
Date:   Sun Jan 16 13:58:33 2011 +0530

    Applied patch to fix security bugs #474455 and #474457
    	modified:   chm2pdf.spec

 chm2pdf.spec |   33 +++++++++++++++++++--------------
 1 files changed, 19 insertions(+), 14 deletions(-)
---
diff --git a/chm2pdf.spec b/chm2pdf.spec
index 8ac0297..b4e7a43 100644
--- a/chm2pdf.spec
+++ b/chm2pdf.spec
@@ -1,25 +1,26 @@
 %{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
 
-Name:		chm2pdf
-Version: 	0.9.1
-Release:	8%{?dist}
-Summary:	A tool to convert CHM files to PDF files
-Group:		Applications/Publishing
-License:	GPLv2+
-URL:		http://code.google.com/p/chm2pdf/
-Source: 	http://chm2pdf.googlecode.com/files/chm2pdf-%{version}.tar.gz
-
-BuildArch: 	noarch
-BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-BuildRequires:	python-devel
-Requires:	python >= 2.5, python-chm, htmldoc
+Name:       chm2pdf
+Version:    0.9.1
+Release:    9%{?dist}
+Summary:    A tool to convert CHM files to PDF files
+Group:      Applications/Publishing
+License:    GPLv2+
+URL:        http://code.google.com/p/chm2pdf/
+Source:     http://chm2pdf.googlecode.com/files/chm2pdf-%{version}.tar.gz
+
+BuildArch:  noarch
+BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildRequires:  python-devel
+Requires:   python >= 2.5, python-chm, htmldoc
+Patch1:     chm2pdf_insecure_tempdirs.patch
 
 %description
 A simple Python script that converts CHM files into PDF files.
 
 %prep
 %setup -q
-
+%patch1 -p1 -b .orig
 
 %build
 CFLAGS="$RPM_OPT_FLAGS" %{__python} setup.py build
@@ -39,6 +40,10 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Sun Jan 9 2011 Lakshmi Narasimhan T V <lakshminaras2002 at gmail.com> - 0.9.1-9
+- Applied patch to fix use of fixed temporary directories. Fixes bugs #474455,#474457
+- CVE-2008-5298 and CVE-2008-5299 are fixed by this patch 
+
 * Wed Jul 21 2010 David Malcolm <dmalcolm at redhat.com> - 0.9.1-8
 - Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
 


More information about the scm-commits mailing list