Security fix for CVE-2017-9239 (#1455859,#1455860)

2017-05-28 17:17:58 -05:00 · 2017-05-28 17:17:58 -05:00 · 520be409c7
commit 520be409c7
parent 00e309b52e
3 changed files with 8 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,3 @@
 /exiv2-0.25.tar.gz
 /exiv2-0.26-trunk.tar.gz
+/0006-1296-Fix-submitted.patch
--- a/exiv2.spec
+++ b/exiv2.spec
@ -6,13 +6,14 @@
 Summary: Exif and Iptc metadata manipulation library
 Name:	 exiv2
 Version: 0.26
-Release: 3%{?dist}
+Release: 4%{?dist}

 License: GPLv2+
 URL: 	 http://www.exiv2.org/
 Source0: http://www.exiv2.org/builds/exiv2-%{version}-trunk.tar.gz

-## upstream patches
+## upstream patches (lookaside cache)
+Patch6: 0006-1296-Fix-submitted.patch

 ## upstreamable patches
 Patch100: exiv2-doxygen.patch
@ -149,6 +150,9 @@ test -x %{buildroot}%{_libdir}/libexiv2.so


 %changelog
+* Sun May 28 2017 Rex Dieter <rdieter@fedoraproject.org> - 0.26-4
+- Security fix for CVE-2017-9239 (#1455859,#1455860)
+
 * Sat May 20 2017 Rex Dieter <rdieter@fedoraproject.org> - 0.26-3
 - -libs: use Recommends: instead (#1452938)

--- a/1
+++ b/1
@ -1 +1,2 @@
 SHA512 (exiv2-0.26-trunk.tar.gz) = 0caab1aeaab171201c1d19d21b8484a91d076e78c93c4a5fbb7e21510cc0eaff81b04f45434207d857ba0de5bd6e368743a1cc571d78a27b44e157f6b031f481
+SHA512 (0006-1296-Fix-submitted.patch) = 3f9242dbd4bfa9dcdf8c9820243b13dc14990373a800c4ebb6cf7eac5653cfefe6f2c47a94fbee4ed24f0d8c2842729d721f6100a2b215e0f663c89bfefe9e32