[snapper] - fixed possible security vulnerability in extended attributes handling

okozina okozina at fedoraproject.org
Fri Apr 26 10:58:24 UTC 2013 

commit 98dbe1380db95ce0d98d3c4ed7a7f9850511dcf6
Author: Ondrej Kozina <okozina at redhat.com>
Date:   Fri Apr 26 12:57:34 2013 +0200

    - fixed possible security vulnerability in extended attributes handling

 snapper-0.1.3-fix-xattrs-include.patch |   17 -----------------
 snapper.spec                           |    9 +++++----
 sources                                |    2 +-
 3 files changed, 6 insertions(+), 22 deletions(-)
---
diff --git a/snapper.spec b/snapper.spec
index 7be695f..8ff0705 100644
--- a/snapper.spec
+++ b/snapper.spec
@@ -1,6 +1,6 @@
 Name:		snapper
 Version:	0.1.3
-Release:	1.20130418git7ca81a2%{?dist}
+Release:	1.20130426git35ff4ec%{?dist}
 License:	GPLv2
 Group:		Applications/System
 BuildRequires:	boost-devel doxygen gettext libtool libxml2-devel
@@ -12,11 +12,10 @@ Url:		http://en.opensuse.org/Portal:Snapper
 
 # source tarball creation process from master branch:
 # git clone git://github.com/openSUSE/snapper.git
-# git archive --format=tar --prefix=snapper-0.1.3/ 7ca81a2f78ee0087dd3a6c71dba1af417adafe0e | bzip2 > /tmp/snapper-0.1.3.tar.bz2
+# git archive --format=tar --prefix=snapper-0.1.3/ 35ff4eca49393b033a7cbaf76479addeb6c77a8d | bzip2 > /tmp/snapper-0.1.3.tar.bz2
 Source0:	%{name}-%{version}.tar.bz2
 patch0:		%{name}-remove-ext4-info.patch
 patch1:		%{name}-rename-cron-files.patch
-patch2:		%{name}-%{version}-fix-xattrs-include.patch
 
 %description
 This package contains snapper, a tool for filesystem snapshot management.
@@ -44,7 +43,6 @@ snapper.
 %setup -q
 %patch0 -p1
 %patch1 -p1
-%patch2 -p1
 
 %build
 aclocal
@@ -98,6 +96,9 @@ rm -f %{buildroot}/%{_libdir}/*.la
 %{_includedir}/%{name}
 
 %changelog
+* Fri Apr 26 2013 Ondrej Kozina <okozina at redhat.com> - 0.1.3-1.20130426git35ff4ec
+- fixed possible security vulnerability in extended attributes handling
+
 * Thu Apr 18 2013 Ondrej Kozina <okozina at redhat.com> - 0.1.3-1.20130418git7ca81a2
 - updatet to latest upstream version
 - add support to compare extended attributes ('xadiff' command)
diff --git a/sources b/sources
index b4c8cb2..ae16704 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-87f1d2f18af14c0aa102ae3ebf2a8ed7  snapper-0.1.3.tar.bz2
+b033115f16f3ba54010845a90e009191  snapper-0.1.3.tar.bz2

More information about the scm-commits mailing list