[blender/f18] Porting blender-2.49b-cve.patch (#855092, CVE-2008-1103)
Jochen Schmitt
s4504kr at fedoraproject.org
Fri Sep 7 09:20:15 UTC 2012
commit 7e97ef55fe68f06cb5cc131d796821b248446103
Author: Jochen Schmitt <Jochen at herr-schmitt.de>
Date: Thu Sep 6 22:25:08 2012 +0200
Porting blender-2.49b-cve.patch (#855092, CVE-2008-1103)
blender-2.63a-cve.patch | 42 ++++++++++++++++++++++++++++++++++++++++++
blender.spec | 10 +++++++++-
2 files changed, 51 insertions(+), 1 deletions(-)
---
diff --git a/blender-2.63a-cve.patch b/blender-2.63a-cve.patch
new file mode 100644
index 0000000..90fbc0b
--- /dev/null
+++ b/blender-2.63a-cve.patch
@@ -0,0 +1,42 @@
+diff -up blender-2.63a/source/blender/blenkernel/intern/blender.c.cve blender-2.63a/source/blender/blenkernel/intern/blender.c
+--- blender-2.63a/source/blender/blenkernel/intern/blender.c.cve 2012-05-10 16:50:20.000000000 +0200
++++ blender-2.63a/source/blender/blenkernel/intern/blender.c 2012-09-07 10:10:05.518999947 +0200
+@@ -40,6 +40,7 @@
+ # define write _write
+ #endif
+
++#include <errno.h>
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <stddef.h>
+@@ -706,7 +707,8 @@ void BKE_undo_save_quit(void)
+ {
+ UndoElem *uel;
+ MemFileChunk *chunk;
+- int file;
++ int file = -1;
++ int flags = O_BINARY+O_WRONLY+O_CREAT+O_TRUNC;
+ char str[FILE_MAX];
+
+ if ( (U.uiflag & USER_GLOBALUNDO)==0) return;
+@@ -722,10 +724,16 @@ void BKE_undo_save_quit(void)
+
+ BLI_make_file_string("/", str, BLI_temporary_dir(), "quit.blend");
+
+- file = BLI_open(str,O_BINARY+O_WRONLY+O_CREAT+O_TRUNC, 0666);
+- if (file == -1) {
+- //XXX error("Unable to save %s, check you have permissions", str);
+- return;
++ while (file == -1) {
++ file = BLI_open(str,flags, 0666);
++ if (file == -1) {
++ if (errno == EEXIST) {
++ flags ^= O_CREAT;
++ } else {
++ //XXX error("Unable to save %s, check you have permissions", str);
++ return;
++ }
++ }
+ }
+
+ chunk= uel->memfile.chunks.first;
diff --git a/blender.spec b/blender.spec
index 69af3e9..7d44f24 100644
--- a/blender.spec
+++ b/blender.spec
@@ -13,7 +13,7 @@
Name: blender
Epoch: 1
Version: %{blender_api}a
-Release: 7%{?dist}
+Release: 8%{?dist}
Summary: 3D modeling, animation, rendering and post-production
@@ -37,6 +37,9 @@ Patch10: blender-2.58-python_include.patch
Patch11: blender-2.61-openjpeg_stdbool.patch
Patch12: blender-boost150.patch
+# Security Patch for CVE-2008-1103
+Patch13: blender-2.63a-cve.patch
+
BuildRequires: desktop-file-utils
BuildRequires: gettext
BuildRequires: libtool
@@ -150,6 +153,8 @@ addon packages to extend blender.
%patch11 -p1 -b .openjpeg_stdbool
%patch12 -p0 -b .boost
+%patch13 -p1 -b .cve
+
find -name '.svn' -print | xargs rm -rf
%build
@@ -295,6 +300,9 @@ fi || :
%{_sysconfdir}/rpm/macros.blender
%changelog
+* Fri Sep 7 2012 Jochen Schmitt <JOchen herr-schmitt de> - 1:2.63a-8
+- Porting blender-2.49b-cve.patch (#855092, CVE-2008-1103)
+
* Fri Aug 10 2012 Richard Shaw <hobbes1069 at gmail.com> - 1:2.63a-7
- Rebuild for libboost 1.50.
More information about the scm-commits
mailing list