[libXext] Update to git snapshot to fix CVEs listed below

Peter Hutterer whot at fedoraproject.org
Fri May 24 04:03:17 UTC 2013 

commit 704ab7169f263ba0f50b4a0101eb2ede85d52038
Author: Peter Hutterer <peter.hutterer at who-t.net>
Date:   Fri May 24 13:27:52 2013 +1000

    Update to git snapshot to fix CVEs listed below
    
    - CVE-2013-1982

 .gitignore           |    1 +
 commitid             |    1 +
 libXext.spec         |   20 +++++++++++++++++---
 make-git-snapshot.sh |   17 +++++++++++++++++
 sources              |    2 +-
 5 files changed, 37 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index fced03a..609958d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@ libXext-1.1.2.tar.bz2
 /libXext-1.2.0.tar.bz2
 /libXext-1.3.0.tar.bz2
 /libXext-1.3.1.tar.bz2
+/libXext-20130524.tar.bz2
diff --git a/commitid b/commitid
new file mode 100644
index 0000000..f6993ae
--- /dev/null
+++ b/commitid
@@ -0,0 +1 @@
+dfe6e1f3b8ede3d0bab7a5fa57f73513a09ec649
diff --git a/libXext.spec b/libXext.spec
index 8ff856d..439a0ec 100644
--- a/libXext.spec
+++ b/libXext.spec
@@ -1,12 +1,22 @@
+%global tarball libXext
+%global gitdate 20130524
+%global gitversion dfe6e1f3b
+
 Summary: X.Org X11 libXext runtime library
 Name: libXext
 Version: 1.3.1
-Release: 4%{?dist}
+Release: 3%{?gitdate:.%{gitdate}git%{gitversion}}%{?dist}
 License: MIT
 Group: System Environment/Libraries
 URL: http://www.x.org
 
-Source0: ftp://ftp.x.org/pub/individual/lib/%{name}-%{version}.tar.bz2
+%if 0%{?gitdate}
+Source0:    %{tarball}-%{gitdate}.tar.bz2
+Source1:    make-git-snapshot.sh
+Source2:    commitid
+%else
+Source0: http://xorg.freedesktop.org/archive/individual/lib/%{name}-%{version}.tar.bz2
+%endif
 
 BuildRequires: autoconf automake libtool
 BuildRequires: xorg-x11-proto-devel >= 7.4-23
@@ -28,7 +38,7 @@ Requires: %{name} = %{version}-%{release}
 X.Org X11 libXext development package
 
 %prep
-%setup -q
+%setup -q -n %{tarball}-%{?gitdate:%{gitdate}}%{!?gitdate:%{version}}
 
 %build
 autoreconf -v --install --force
@@ -82,6 +92,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man3/*.3*
 
 %changelog
+* Fri May 24 2013 Peter Hutterer <peter.hutterer at redhat.com> 1.3.1-3.20130524gitdfe6e1f3b
+- Update to git snapshot to fix CVEs listed below
+- CVE-2013-1982
+
 * Thu Mar 07 2013 Peter Hutterer <peter.hutterer at redhat.com> - 1.3.1-4
 - autoreconf for aarch64
 
diff --git a/make-git-snapshot.sh b/make-git-snapshot.sh
new file mode 100755
index 0000000..9399b57
--- /dev/null
+++ b/make-git-snapshot.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+DIRNAME=libXext-$( date +%Y%m%d )
+
+rm -rf $DIRNAME
+git clone git://git.freedesktop.org/git/xorg/lib/libXext $DIRNAME
+cd $DIRNAME
+if [ -z "$1" ]; then
+    git log | head -1
+else
+    git checkout $1
+fi
+git log | head -1 | awk '{ print $2 }' > ../commitid
+git repack -a -d
+cd ..
+tar jcf $DIRNAME.tar.bz2 $DIRNAME
+rm -rf $DIRNAME
diff --git a/sources b/sources
index d295377..fd4cd2f 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-71251a22bc47068d60a95f50ed2ec3cf  libXext-1.3.1.tar.bz2
+bdc37ab05bef1d6b3581db9eaae12228  libXext-20130524.tar.bz2

More information about the scm-commits mailing list