[udisks/f19] Resolves: #CVE-2014-0004
Huzaifa Sidhpurwala
huzaifas at fedoraproject.org
Fri Mar 14 05:32:52 UTC 2014
commit c9657c5310e4015125609ac10c72fe87d59a97b2
Author: Huzaifa Sidhpurwala <huzaifas at redhat.com>
Date: Fri Mar 14 11:07:55 2014 +0530
Resolves: #CVE-2014-0004
sources | 1 +
udisks.spec | 7 ++++++-
2 files changed, 7 insertions(+), 1 deletions(-)
---
diff --git a/sources b/sources
index 9406fae..7694cf0 100644
--- a/sources
+++ b/sources
@@ -1 +1,2 @@
86c63b2b5484f2060499a052b5b6256b udisks-1.0.4.tar.gz
+55a027cbee416985f9998bd8fbd016d3 buffer-overflow.patch
diff --git a/udisks.spec b/udisks.spec
index 4886efc..e8740c5 100644
--- a/udisks.spec
+++ b/udisks.spec
@@ -14,7 +14,7 @@
Summary: Storage Management Service
Name: udisks
Version: 1.0.4
-Release: 11%{?dist}
+Release: 12%{?dist}
License: GPLv2+
Group: System Environment/Libraries
URL: http://www.freedesktop.org/wiki/Software/udisks
@@ -72,6 +72,7 @@ Provides: DeviceKit-disks = 010
Patch0: udisks-1.0.4-neuter-stdout-and-stderr.patch
Patch1: fix_bash_completion.patch
+Patch2: buffer-overflow.patch
%description
udisks provides a daemon, D-Bus API and command line tools
@@ -94,6 +95,7 @@ D-Bus interface definitions and documentation for udisks.
%setup -q
%patch0 -p1
%patch1 -p1
+%patch2 -p1 -b .buffer-overflow
# https://bugzilla.redhat.com/show_bug.cgi?id=673544#c15
rm -f src/*-glue.h tools/*-glue.h
@@ -159,6 +161,9 @@ mv $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/udisks-bash-completion.sh \
# Note: please don't forget the %{?dist} in the changelog. Thanks
%changelog
+* Fri Mar 14 2014 Huzaifa Sidhpurwala <huzaifas at redhat.com> - 1.0.4-12
+- fix CVE-2014-0004
+
* Tue Feb 26 2013 Ville Skyttä <ville.skytta at iki.fi> - 1.0.4-11
- Move bash completion to %%{_sysconfdir}/bash_completion.d (#584569).
More information about the scm-commits
mailing list