jreznik pushed to kdelibs3 (epel7). "fix security issues in libltdl bundle within kdelibs CVE-2009-3736"

notifications at fedoraproject.org notifications at fedoraproject.org
Thu Apr 2 15:36:02 UTC 2015


>From ada66a22acc625cef5fcec66e1ad887b6761e481 Mon Sep 17 00:00:00 2001
From: Than Ngo <than at fedoraproject.org>
Date: Mon, 7 Dec 2009 15:16:22 +0000
Subject: fix security issues in libltdl bundle within kdelibs CVE-2009-3736


diff --git a/kdelibs3.spec b/kdelibs3.spec
index 06d0254..0801e41 100644
--- a/kdelibs3.spec
+++ b/kdelibs3.spec
@@ -27,7 +27,7 @@
 
 Summary: K Desktop Environment 3 - Libraries
 Version: 3.5.10
-Release: 20%{?dist}
+Release: 21%{?dist}
 
 Name: kdelibs3
 Obsoletes: kdelibs < 6:%{version}-%{release}
@@ -97,6 +97,8 @@ Patch204: kdelibs-3.5.10-cve-2009-1698.patch
 Patch205: kdelibs-3.5.10-CVE-2009-2702.patch
 # fix oCERT-2009-015 - unrestricted XMLHttpRequest access to local URLs
 Patch206: kdelibs-3.5.10-oCERT-2009-015-xmlhttprequest.patch
+# CVE-2009-3736, libltdl may load and execute code from a library in the current directory
+Patch207: libltdl-CVE-2009-3736.patch
 
 Requires: hicolor-icon-theme
 %if %{kde_settings}
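Review bot: The comment above `Patch207` does not record that the patch was generated against a different source tree: the patch header paths are `arts-orig/libltdl/ltdl.c` and `arts-1.1.3/libltdl/ltdl.c`, while the `%patch207 -p1` line in the %prep hunk applies it to the kdelibs copy. If the two bundled ltdl.c files differ, patch(1) may apply the hunks with an offset or fuzz, and for a security fix the build log should be checked to confirm both hunks landed where intended. The file name also departs from the `kdelibs-3.5.10-` prefix used by Patch204 to Patch206. I would extend the comment to something like `# CVE-2009-3736 (patch generated against arts-1.1.3 libltdl; verified to apply to the bundled copy)`.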
@@ -249,6 +251,7 @@ format for easy browsing
 %patch204 -p1 -b .cve-2009-1698
 %patch205 -p1 -b .cve-2009-2702
 %patch206 -p0 -b .oCERT-2009-015-xmlhttprequest
+%patch207 -p1 -b .CVE-2009-3736
 
 sed -i -e "s,^#define KDE_VERSION_STRING .*,#define KDE_VERSION_STRING \"%{version}-%{release} %{distname}\"," kdecore/kdeversion.h
 
@@ -572,6 +575,9 @@ touch --no-create %{_datadir}/icons/crystalsvg 2> /dev/null || :
 
 
 %changelog
+* Mon Dec 07 2009 Than Ngo <than at redhat.com> - 3.5.10-21
+- fix security issues in libltdl bundle within kdelibs CVE-2009-3736
+
 * Mon Nov  2 2009 Lukáš Tinkl <ltinkl at redhat.com> - 3.5.10-20
 - fix unrestricted XMLHttpRequest access to local URLs (oCERT-2009-015), #532428
 
diff --git a/libltdl-CVE-2009-3736.patch b/libltdl-CVE-2009-3736.patch
new file mode 100644
index 0000000..d49c117
--- /dev/null
+++ b/libltdl-CVE-2009-3736.patch
@@ -0,0 +1,22 @@
+diff -ur arts-orig/libltdl/ltdl.c arts-1.1.3/libltdl/ltdl.c
+--- arts-orig/libltdl/ltdl.c	2003-07-13 21:33:39.000000000 +0200
++++ arts-1.1.3/libltdl/ltdl.c	2009-11-19 16:09:29.000000000 +0100
+@@ -1544,7 +1544,8 @@
+   /* try to open the old library first; if it was dlpreopened,
+      we want the preopened version of it, even if a dlopenable
+      module is available */
+-  if (old_name && tryall_dlopen(handle, old_name) == 0)
++  if (old_name && tryall_dlopen(handle, old_name,
++                                advise, lt_dlloader_find ("lt_preopen") ) == 0)
+     {
+       return 0;
+     }
+@@ -2158,7 +2159,7 @@
+ 	  }
+ #endif
+       }
+-    if (!file)
++    else
+       {
+ 	file = fopen (filename, LT_READTEXT_MODE);
+       }
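Review bot: The first inner hunk changes the call to `tryall_dlopen(handle, old_name, advise, lt_dlloader_find ("lt_preopen"))`, but the patch has no hunk that changes `tryall_dlopen` itself or introduces `advise`, and neither is visible in the context lines. If the bundled ltdl.c (the header dates it to 2003) still declares the two-argument form, this call either fails to compile or sits in code that is not built, and the preopen-only lookup would then not be in effect; this should be confirmed against the full file. In the second inner hunk, `else` makes `fopen (filename, LT_READTEXT_MODE)` run only when the preceding branch (presumably the search-path lookup) is not taken. A comment there such as `/* CVE-2009-3736: no fallback to a relative fopen after a failed path search */` would keep the fallback from being reintroduced later. Both enclosing functions start and end outside the hunks.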
-- 
cgit v0.10.2


	http://pkgs.fedoraproject.org/cgit/kdelibs3.git/commit/?h=epel7&id=ada66a22acc625cef5fcec66e1ad887b6761e481

