From 048acd811066b4bd27d74d15aa54be198560b7d5 Mon Sep 17 00:00:00 2001 From: Pawel Salek Date: Tue, 9 Mar 2010 20:51:03 +0000 Subject: [PATCH] Fix CVE-2009-2408 (#571817). --- .cvsignore | 3 +-- libesmtp.spec | 8 ++++++-- sources | 2 +- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/.cvsignore b/.cvsignore index 81d258f..fbedc65 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,3 +1,2 @@ -libesmtp-1.0.4-ssl.patch -libesmtp-build.patch libesmtp-1.0.4.tar.bz2 +libesmtp-571817.patch diff --git a/libesmtp.spec b/libesmtp.spec index 9f11beb..f3e5210 100644 --- a/libesmtp.spec +++ b/libesmtp.spec @@ -3,11 +3,12 @@ Summary: SMTP client library Name: libesmtp Version: 1.0.4 -Release: 12%{?dist} +Release: 13%{?dist} License: LGPLv2+ Group: System Environment/Libraries Source: http://www.stafford.uklinux.net/libesmtp/%{name}-%{version}.tar.bz2 Patch1: libesmtp-build.patch +Patch2: libesmtp-571817.patch URL: http://www.stafford.uklinux.net/libesmtp/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openssl-devel pkgconfig @@ -37,7 +38,7 @@ necessary for building programs against libesmtp. %prep %setup -q %patch1 -p1 -b .build -#%patch2 -p1 -b .ssl +%patch2 -p0 -b .571817 # Keep rpmlint happy about libesmtp-debuginfo... chmod a-x htable.c @@ -101,6 +102,9 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/pkgconfig/libesmtp.pc %changelog +* Tue Mar 9 2010 Pawel Salek - 1.0.4-13 +- fix CVE-2009-2408 (#571817). + * Fri Aug 21 2009 Tomas Mraz - 1.0.4-12 - rebuilt with new openssl diff --git a/sources b/sources index 39c6642..54215e3 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -8ddc9f7691fa3561e4a73dafb6658369 libesmtp-1.0.4-ssl.patch 8b4e8a794adc46268f0c6a0b3fb79486 libesmtp-1.0.4.tar.bz2 +72783c588531b1ec2cab92b042977945 libesmtp-571817.patch