[rocksndiamonds/f15] apply fix for user configuration/cache directory permission issue (CVE-2011-4606, bz766805)
Tom Callaway
spot at fedoraproject.org
Fri Feb 10 20:41:16 UTC 2012
commit 459beb59a404d8e344e7db16b92c04fc4fc631ab
Author: Tom Callaway <spot at fedoraproject.org>
Date: Fri Feb 10 15:41:15 2012 -0500
apply fix for user configuration/cache directory permission issue (CVE-2011-4606, bz766805)
rocksndiamonds-CVE-2011-4606.patch | 29 +++++++++++++++++++++++++++++
rocksndiamonds.spec | 23 ++++++++++++++++-------
2 files changed, 45 insertions(+), 7 deletions(-)
---
diff --git a/rocksndiamonds-CVE-2011-4606.patch b/rocksndiamonds-CVE-2011-4606.patch
new file mode 100644
index 0000000..65a06e6
--- /dev/null
+++ b/rocksndiamonds-CVE-2011-4606.patch
@@ -0,0 +1,29 @@
+diff -up rocksndiamonds-3.3.0.1/src/libgame/setup.c.CVE-2011-4606 rocksndiamonds-3.3.0.1/src/libgame/setup.c
+--- rocksndiamonds-3.3.0.1/src/libgame/setup.c.CVE-2011-4606 2011-12-12 14:28:30.083078680 -0500
++++ rocksndiamonds-3.3.0.1/src/libgame/setup.c 2011-12-12 14:34:36.758744753 -0500
+@@ -1293,11 +1293,14 @@ void sortTreeInfo(TreeInfo **node_first)
+ #define MODE_W_ALL (S_IWUSR | S_IWGRP | S_IWOTH)
+ #define MODE_X_ALL (S_IXUSR | S_IXGRP | S_IXOTH)
+
++#define MODE_R_PRIVATE (S_IRUSR)
+ #define MODE_W_PRIVATE (S_IWUSR)
++#define MODE_X_PRIVATE (S_IXUSR)
++
+ #define MODE_W_PUBLIC (S_IWUSR | S_IWGRP)
+ #define MODE_W_PUBLIC_DIR (S_IWUSR | S_IWGRP | S_ISGID)
+
+-#define DIR_PERMS_PRIVATE (MODE_R_ALL | MODE_X_ALL | MODE_W_PRIVATE)
++#define DIR_PERMS_PRIVATE (MODE_R_PRIVATE | MODE_X_PRIVATE | MODE_W_PRIVATE)
+ #define DIR_PERMS_PUBLIC (MODE_R_ALL | MODE_X_ALL | MODE_W_PUBLIC_DIR)
+
+ #define FILE_PERMS_PRIVATE (MODE_R_ALL | MODE_W_PRIVATE)
+@@ -1456,7 +1459,8 @@ void createDirectory(char *dir, char *te
+ if (running_setgid)
+ posix_umask(last_umask & group_umask);
+ else
+- dir_mode |= MODE_W_ALL;
++ if (permission_class == PERMS_PUBLIC)
++ dir_mode |= MODE_W_ALL;
+
+ if (!fileExists(dir))
+ if (posix_mkdir(dir, dir_mode) != 0)
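Review bot: Directories that already exist are not tightened by this fix: in the createDirectory hunk the narrowed `dir_mode` only reaches `posix_mkdir()`, which is guarded by `if (!fileExists(dir))`, so a user directory created by an earlier build keeps its old, wider mode after the update. createDirectory continues past the end of the hunk, so unless something later resets the mode, consider adding `if (permission_class != PERMS_PUBLIC) chmod(dir, dir_mode);` for the already-exists case, or state in the changelog that existing directories must be corrected by hand. Separately, `FILE_PERMS_PRIVATE` is left as `(MODE_R_ALL | MODE_W_PRIVATE)`, so private files remain world-readable and are protected only by the directory mode; `(MODE_R_PRIVATE | MODE_W_PRIVATE)` would match the new `DIR_PERMS_PRIVATE` definition.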
diff --git a/rocksndiamonds.spec b/rocksndiamonds.spec
index 1872994..f97f042 100644
--- a/rocksndiamonds.spec
+++ b/rocksndiamonds.spec
@@ -1,6 +1,6 @@
Name: rocksndiamonds
Version: 3.3.0.1
-Release: 2%{?dist}
+Release: 5%{?dist}
License: GPL+
Group: Amusements/Games
Summary: Underground digging game
@@ -14,7 +14,7 @@ Patch0: rocksndiamonds-3.2.6.0-nosmpeg.patch
Patch1: rocksndiamonds-highscore.patch
Patch2: rocksndiamonds-YN.patch
Patch3: rocksndiamonds-3.2.6.0-music-info-url.patch
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Patch4: rocksndiamonds-CVE-2011-4606.patch
BuildRequires: SDL-devel, libX11-devel, desktop-file-utils, xorg-x11-proto-devel
BuildRequires: SDL_image-devel, SDL_mixer-devel, SDL_net-devel
@@ -28,12 +28,12 @@ rocks and strange creatures!
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
%build
make %{?_smp_mflags} RO_GAME_DIR=%{_datadir}/%{name}/ RW_GAME_DIR=%{_localstatedir}/games/%{name}/ EXTRA_CFLAGS="$RPM_OPT_FLAGS -DUSE_USERDATADIR_FOR_COMMONDATA"
%install
-rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_datadir}/%{name}
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/games/%{name}
mkdir -p $RPM_BUILD_ROOT%{_datadir}/applications
@@ -47,17 +47,16 @@ done
install -m0644 rocksndiamonds.1 $RPM_BUILD_ROOT%{_mandir}/man1
cp %{SOURCE2} $RPM_BUILD_ROOT%{_datadir}/pixmaps
+# Get rid of unnecessary patch files.
+rm -rf $RPM_BUILD_ROOT%{_datadir}/%{name}/levels/Tutorials/*/*.orig $RPM_BUILD_ROOT%{_datadir}/%{name}/levels/Tutorials/*/tapes/*.orig
+
desktop-file-install \
--vendor fedora \
--dir $RPM_BUILD_ROOT%{_datadir}/applications \
--mode 0644 \
%{SOURCE1}
-%clean
-rm -rf $RPM_BUILD_ROOT
-
%files
-%defattr(-,root,root,-)
%doc ChangeLog COPYING CREDITS INSTALL README
%doc docs/elements/
%{_bindir}/*
@@ -68,6 +67,16 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/*
%changelog
+* Fri Feb 10 2012 Tom Callaway <spot at fedoraproject.org> - 3.3.0.1-5
+- apply fix for user configuration/cache directory permission issue (CVE-2011-4606, bz766805)
+
+* Sat Jan 14 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.3.0.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Thu Jun 02 2011 Tom Callaway <spot at fedoraproject.org> - 3.3.0.1-3
+- drop unnecessary .orig files (bz597737)
+- clean up spec file
+
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.3.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild