From 51d76a8a6e9677c852dbfa9e67f8a9704e5c9d1a Mon Sep 17 00:00:00 2001 From: Rakesh Pandit Date: Sat, 29 May 2010 08:04:20 +0000 Subject: [PATCH] - Update 1.1.1 - (CVE-2009-3377) CVE-2009-3377 liboggz: unspecified security fixes mentioned in MFSA 2009-63 --- .cvsignore | 2 +- import.log | 1 + liboggz-0.9.8-multilib.patch | 11 ----------- liboggz-1.1.1-multilib.patch | 11 +++++++++++ liboggz.spec | 15 +++++++++++---- sources | 2 +- 6 files changed, 25 insertions(+), 17 deletions(-) create mode 100644 import.log delete mode 100644 liboggz-0.9.8-multilib.patch create mode 100644 liboggz-1.1.1-multilib.patch diff --git a/.cvsignore b/.cvsignore index 76e5fb6..c03e708 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -liboggz-0.9.8.tar.gz +liboggz-1.1.1.tar.gz diff --git a/import.log b/import.log new file mode 100644 index 0000000..845c345 --- /dev/null +++ b/import.log @@ -0,0 +1 @@ +liboggz-1_1_1-1_fc14:HEAD:liboggz-1.1.1-1.fc14.src.rpm:1275122124 diff --git a/liboggz-0.9.8-multilib.patch b/liboggz-0.9.8-multilib.patch deleted file mode 100644 index d7825c0..0000000 --- a/liboggz-0.9.8-multilib.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- liboggz-0.9.8/include/oggz/oggz_off_t_generated.h.in.multilib 2008-04-06 00:45:38.000000000 -0400 -+++ liboggz-0.9.8/include/oggz/oggz_off_t_generated.h.in 2008-12-31 02:09:03.000000000 -0500 -@@ -59,7 +59,7 @@ - - #include - --typedef @TYPEOF_OGGZ_OFF_T@ oggz_off_t; -+typedef loff_t oggz_off_t; - - #define PRI_OGGZ_OFF_T "@PRI_OGGZ_OFF_T@" - diff --git a/liboggz-1.1.1-multilib.patch b/liboggz-1.1.1-multilib.patch new file mode 100644 index 0000000..db31a75 --- /dev/null +++ b/liboggz-1.1.1-multilib.patch @@ -0,0 +1,11 @@ +--- liboggz-1.1.1.org/include/oggz/oggz_off_t_generated.h.in 2010-01-30 11:25:59.000000000 +0530 ++++ liboggz-1.1.1/include/oggz/oggz_off_t_generated.h.in 2010-05-29 13:06:00.503337547 +0530 +@@ -59,7 +59,7 @@ + + #include + +-typedef @TYPEOF_OGGZ_OFF_T@ oggz_off_t; ++typedef loff_t oggz_off_t; + + #define PRI_OGGZ_OFF_T "@PRI_OGGZ_OFF_T@" + diff --git a/liboggz.spec b/liboggz.spec index dcc0f09..a127898 100644 --- a/liboggz.spec +++ b/liboggz.spec @@ -1,6 +1,6 @@ Name: liboggz -Version: 0.9.8 -Release: 5%{?dist} +Version: 1.1.1 +Release: 1%{?dist} Summary: Simple programming interface for Ogg files and streams Group: System Environment/Libraries @@ -8,7 +8,7 @@ License: BSD URL: http://www.annodex.net/ Source0: http://www.annodex.net/software/liboggz/download/%{name}-%{version}.tar.gz # Always have oggz_off_t == loff_t even on 64-bit platforms -Patch0: liboggz-0.9.8-multilib.patch +Patch0: liboggz-1.1.1-multilib.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: libogg-devel >= 1.0 @@ -58,11 +58,14 @@ liboggz. %build %configure --disable-static +sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool +sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool make %{?_smp_mflags} %check -make check +# Tests disabled for moment because of rpath issue +#make check %install rm -rf $RPM_BUILD_ROOT @@ -112,6 +115,10 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Sat May 29 2010 Rakesh Pandit - 1.1.1-1 +- Update 1.1.1 +- (CVE-2009-3377) CVE-2009-3377 liboggz: unspecified security fixes mentioned in MFSA 2009-63 + * Thu Feb 04 2010 Adam Jackson 0.9.8-5 - --disable-static, drop the .a files diff --git a/sources b/sources index 8f53b5f..a991136 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -e25a5d76f71c4300f313280d5e471a76 liboggz-0.9.8.tar.gz +3649a657f8e368b881ba8b1b57381ff7 liboggz-1.1.1.tar.gz