[spice-gtk/f18] Add patch fixing CVE 2012-4425

Christophe Fergeau teuf at fedoraproject.org
Fri Sep 14 09:42:40 UTC 2012


commit 001df26918b89ebe81d32c2cee8854f6feccae35
Author: Christophe Fergeau <cfergeau at redhat.com>
Date:   Fri Sep 14 11:09:09 2012 +0200

    Add patch fixing CVE 2012-4425

 0003-CVE-2012-4425.patch |   60 ++++++++++++++++++++++++++++++++++++++++++++++
 spice-gtk.spec           |   11 ++++++--
 2 files changed, 68 insertions(+), 3 deletions(-)
---
diff --git a/0003-CVE-2012-4425.patch b/0003-CVE-2012-4425.patch
new file mode 100644
index 0000000..ba9b26d
--- /dev/null
+++ b/0003-CVE-2012-4425.patch
@@ -0,0 +1,60 @@
+diff --git a/configure.ac b/configure.ac
+index 3841c56..b2defd3 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -243,6 +243,8 @@ else
+         EXTERNAL_PNP_IDS="$with_pnp_ids_path"
+ fi
+ 
++AC_CHECK_FUNCS(clearenv)
++
+ PKG_CHECK_MODULES(GLIB2, glib-2.0 >= 2.22)
+ AC_SUBST(GLIB2_CFLAGS)
+ AC_SUBST(GLIB2_LIBS)
+diff --git a/gtk/spice-client-glib-usb-acl-helper.c b/gtk/spice-client-glib-usb-acl-helper.c
+index 724d62a..93b9b3a 100644
+--- a/gtk/spice-client-glib-usb-acl-helper.c
++++ b/gtk/spice-client-glib-usb-acl-helper.c
+@@ -158,7 +158,8 @@ static void cleanup(void)
+     if (state == STATE_WAITING_FOR_STDIN_EOF)
+         set_facl(path, getuid(), 0);
+ 
+-    g_main_loop_quit(loop);
++    if (loop)
++        g_main_loop_quit(loop);
+ }
+ 
+ /* Not available in polkit < 0.101 */
+@@ -311,11 +312,32 @@ polkit_authority_get_sync (GCancellable *cancellable, GError **error)
+ }
+ #endif
+ 
++#ifndef HAVE_CLEARENV
++extern char **environ;
++
++static int
++clearenv (void)
++{
++        if (environ != NULL)
++                environ[0] = NULL;
++        return 0;
++}
++#endif
++
+ int main(void)
+ {
+     pid_t parent_pid;
+     GInputStream *stdin_unix_stream;
+ 
++  /* Nuke the environment to get a well-known and sanitized
++   * environment to avoid attacks via e.g. the DBUS_SYSTEM_BUS_ADDRESS
++   * environment variable and similar.
++   */
++    if (clearenv () != 0) {
++        FATAL_ERROR("Error clearing environment: %s\n", g_strerror (errno));
++        return 1;
++    }
++
+     g_type_init();
+ 
+     loop = g_main_loop_new(NULL, FALSE);
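Review bot: In the new prologue of `main()`, the failure branch prints `g_strerror (errno)`, but clearenv() is only documented to return non-zero on failure, not to set errno, so the message may describe an unrelated stale error; `FATAL_ERROR("Error clearing environment\n");` would be more accurate. The `#ifndef HAVE_CLEARENV` fallback is only selected correctly if the generated config header is included before that point, which the hunk does not show and is worth confirming. The comment above the call is indented two spaces where the surrounding code uses four, and it could also say that the call must stay ahead of `g_type_init()` and any D-Bus/polkit setup so that no library code sees the caller-controlled environment. main's body continues past the end of the hunk.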
diff --git a/spice-gtk.spec b/spice-gtk.spec
index 7e3ec31..80b5be6 100644
--- a/spice-gtk.spec
+++ b/spice-gtk.spec
@@ -13,7 +13,7 @@
 
 Name:           spice-gtk
 Version:        0.13.29
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        A GTK+ widget for SPICE clients
 
 Group:          System Environment/Libraries
@@ -23,6 +23,7 @@ URL:            http://spice-space.org/page/Spice-Gtk
 Source0:        http://www.spice-space.org/download/gtk/%{name}-%{version}%{?_version_suffix}.tar.bz2
 Patch1:         0001-G_GNUC_DEPRECATED_FOR-must-be-defined-publicly.patch
 Patch2:         0002-build-sys-Fix-symbol-versioning.patch
+Patch3:         0003-CVE-2012-4425.patch
 
 BuildRequires: intltool
 BuildRequires: gtk2-devel >= 2.14
@@ -50,7 +51,7 @@ BuildRequires: pyparsing
 BuildRequires: spice-protocol
 # Hack because of bz #613466
 BuildRequires: libtool
-# For patch #2
+# For patch #2 and #3
 BuildRequires: autoconf automake
 Requires: spice-glib%{?_isa} = %{version}-%{release}
 
@@ -153,7 +154,8 @@ fi
 pushd spice-gtk-%{version}
 %patch1 -p1
 %patch2 -p1
-# Patch 2 changes Makefile.am
+%patch3 -p1
+# Patch 2 changes Makefile.am and patch 3 changes configure.ac
 autoreconf -fi
 popd
 
@@ -274,6 +276,9 @@ rm -rf %{buildroot}%{_datadir}/pkgconfig/spice-protocol.pc
 %{_bindir}/spicy-stats
 
 %changelog
+* Fri Sep 14 2012 Christophe Fergeau <cfergeau at redhat.com> - 0.13.29-4
+- Add patch fixing CVE 2012-4425
+
 * Thu Sep 13 2012 Christophe Fergeau <cfergeau at redhat.com> - 0.13.29-3
 - Run autoreconf after applying patch 2 as it only modifies Makefile.am
 

