Avoid directory traversal CVE-2015-0552. rhbz#1179126

This commit is contained in:
Marc-André Lureau 2015-01-06 12:33:15 +01:00
parent bdeea204f7
commit 112040abc1

View File

@ -1,12 +1,13 @@
Name: gcab Name: gcab
Version: 0.4 Version: 0.4
Release: 6%{?dist} Release: 7%{?dist}
Summary: Cabinet file library and tool Summary: Cabinet file library and tool
License: LGPLv2+ License: LGPLv2+
#VCS: git:git://git.gnome.org/gcab #VCS: git:git://git.gnome.org/gcab
URL: http://ftp.gnome.org/pub/GNOME/sources/gcab URL: http://ftp.gnome.org/pub/GNOME/sources/gcab
Source0: http://ftp.gnome.org/pub/GNOME/sources/gcab/%{version}/%{name}-%{version}.tar.xz Source0: http://ftp.gnome.org/pub/GNOME/sources/gcab/%{version}/%{name}-%{version}.tar.xz
Patch0001: 0001-Avoid-path-traversal.patch
BuildRequires: intltool BuildRequires: intltool
BuildRequires: vala-tools BuildRequires: vala-tools
@ -35,6 +36,7 @@ Libraries, includes, etc. to compile with the gcab library.
%prep %prep
%setup -q %setup -q
%patch0001 -p1
%build %build
# --enable-fast-install is needed to fix libtool "cannot relink `gcab'" # --enable-fast-install is needed to fix libtool "cannot relink `gcab'"
@ -72,6 +74,9 @@ rm -f %{buildroot}%{_libdir}/*.la
%{_libdir}/pkgconfig/libgcab-1.0.pc %{_libdir}/pkgconfig/libgcab-1.0.pc
%changelog %changelog
* Tue Jan 06 2015 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.4-7
- Avoid directory traversal CVE-2015-0552. rhbz#1179126
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4-6 * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild