[TeXmacs/el5] Update to fix CVE-2010-3394
tremble
tremble at fedoraproject.org
Wed Sep 17 12:39:54 UTC 2014
commit d15f748713e1a449ac6af961e0ad423fd7faf634
Author: Mark Chappell <mchappel at redhat.com>
Date: Wed Sep 17 14:37:02 2014 +0200
Update to fix CVE-2010-3394
TeXmacs-CVE-2010-3394.patch | 30 ++++++++++++++++++++++++++++++
TeXmacs.spec | 11 ++++++++---
2 files changed, 38 insertions(+), 3 deletions(-)
---
diff --git a/TeXmacs-CVE-2010-3394.patch b/TeXmacs-CVE-2010-3394.patch
new file mode 100644
index 0000000..1d20d4e
--- /dev/null
+++ b/TeXmacs-CVE-2010-3394.patch
@@ -0,0 +1,30 @@
+diff -up TeXmacs-1.0.7.9-src/misc/bundle/TeXmacs.CVE-2010-3394 TeXmacs-1.0.7.9-src/misc/bundle/TeXmacs
+--- TeXmacs-1.0.7.9-src/misc/bundle/TeXmacs.CVE-2010-3394 2010-12-17 20:13:31.000000000 +0100
++++ TeXmacs-1.0.7.9-src/misc/bundle/TeXmacs 2011-02-11 06:42:08.237433283 +0100
+@@ -7,12 +7,12 @@ export LAUNCH_SCRIPT LAUNCH_DIR
+ RESOURCES_DIR="$LAUNCH_DIR/../Resources"
+ #PATH=/opt/local/bin:$PATH
+ PATH="$RESOURCES_DIR/bin:$PATH"
+-DYLD_LIBRARY_PATH="$RESOURCES_DIR/lib${DYLD_LIBRARY_PATH+":$DYLD_LIBRARY_PATH"}"
++DYLD_LIBRARY_PATH="$RESOURCES_DIR/lib"${DYLD_LIBRARY_PATH:+":$DYLD_LIBRARY_PATH"}
+ export RESOURCES_DIR PATH DYLD_LIBRARY_PATH
+
+ TEXMACS_PATH="$RESOURCES_DIR/share/TeXmacs"
+ PATH="$TEXMACS_PATH/bin:$PATH"
+-DYLD_LIBRARY_PATH="$TEXMACS_PATH/lib${DYLD_LIBRARY_PATH+":$DYLD_LIBRARY_PATH"}"
++DYLD_LIBRARY_PATH="$TEXMACS_PATH/lib"${DYLD_LIBRARY_PATH:+":$DYLD_LIBRARY_PATH"}
+ export TEXMACS_PATH PATH DYLD_LIBRARY_PATH
+
+ #GS_LIB=".:$RESOURCES_DIR/ghostscript/8.61/lib:$RESOURCES_DIR/ghostscript/8.61/Resource:$RESOURCES_DIR/ghostscript/fonts:$RESOURCES_DIR/fonts/default/ghostscript:$RESOURCES_DIR/fonts/default/Type1:$RESOURCES_DIR/fonts/default/TrueType:/usr/lib/DPS/outline/base:/usr/openwin/lib/X11/fonts/Type1:/usr/openwin/lib/X11/fonts/TrueType:/usr/share/cups/fonts"
+diff -up TeXmacs-1.0.7.9-src/plugins/mupad/bin/tm_mupad_help.CVE-2010-3394 TeXmacs-1.0.7.9-src/plugins/mupad/bin/tm_mupad_help
+--- TeXmacs-1.0.7.9-src/plugins/mupad/bin/tm_mupad_help.CVE-2010-3394 2010-12-17 20:13:17.000000000 +0100
++++ TeXmacs-1.0.7.9-src/plugins/mupad/bin/tm_mupad_help 2011-02-11 06:45:01.507533316 +0100
+@@ -26,7 +26,7 @@ export MuPAD_ROOT_PATH
+
+ SYSINFO=`$MuPAD_ROOT_PATH/share/bin/sysinfo`
+ export SYSINFO
+-LD_LIBRARY_PATH=$LD_LIBRARY_PATH:${MuPAD_ROOT_PATH}/${SYSINFO}/lib:/usr/local/X11R6/motif-2.0/lib:/usr/local/X11R6/lib:$MuPAD_ROOT_PATH/$SYSINFO/bin
++LD_LIBRARY_PATH=${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}${MuPAD_ROOT_PATH}/${SYSINFO}/lib:/usr/local/X11R6/motif-2.0/lib:/usr/local/X11R6/lib:$MuPAD_ROOT_PATH/$SYSINFO/bin
+ export LD_LIBRARY_PATH
+
+ XKEYSYMDB=$MuPAD_ROOT_PATH/share/unix/XKeysymDB
diff --git a/TeXmacs.spec b/TeXmacs.spec
index 93d455a..23fa02f 100644
--- a/TeXmacs.spec
+++ b/TeXmacs.spec
@@ -1,14 +1,15 @@
Name: TeXmacs
Version: 1.0.7.2
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: Structured wysiwyg scientific text editor
Group: Applications/Editors
License: GPLv2+
URL: http://www.texmacs.org
Source: ftp://ftp.texmacs.org/pub/TeXmacs/targz/TeXmacs-%{version}-src.tar.gz
-Patch5: TeXmacs-1.6.0.7-rdelim.patch
-Patch7: TeXmacs-psfix.patch
+Patch4: TeXmacs-CVE-2010-3394.patch
+Patch5: TeXmacs-1.6.0.7-rdelim.patch
+Patch7: TeXmacs-psfix.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: tetex
Requires: tetex-fonts
@@ -62,6 +63,7 @@ Development files required to create TeXmacs plugins.
%prep
%setup -q -n TeXmacs-%{version}-src
+%patch4 -p1
%patch5 -p1
%patch7 -p1
sed -i "s|LDPATH = \@CONFIG_BPATH\@|LDPATH =|" src/makefile.in
@@ -170,6 +172,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Wed Sep 17 2014 Mark Chappell <tremble at tremble.org.uk> - 1.0.7.2-3
+- Patch for CVE-2010-3394
+
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.7.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
More information about the scm-commits
mailing list