From 24ce4518b27914927cac2839fb472abbeb1f1f0b Mon Sep 17 00:00:00 2001
From: Tom Callaway <spot@fedoraproject.org>
Date: Tue, 30 May 2017 12:38:16 -0400
Subject: [PATCH] 2017.3.23

---
 ntfs-3g.spec                                  | 21 +++++-----
 ...3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch | 38 -------------------
 sources                                       |  2 +-
 3 files changed, 10 insertions(+), 51 deletions(-)
 delete mode 100644 ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch

diff --git a/ntfs-3g.spec b/ntfs-3g.spec
index 3aa5525..1aae6c6 100644
--- a/ntfs-3g.spec
+++ b/ntfs-3g.spec
@@ -15,8 +15,8 @@
 
 Name:		ntfs-3g
 Summary:	Linux NTFS userspace driver
-Version:	2016.2.22
-Release:	4%{?dist}
+Version:	2017.3.23
+Release:	1%{?dist}
 License:	GPLv2+
 Group:		System Environment/Base
 # Upstream source includes non-free ntfsprogs/boot.c
@@ -43,11 +43,6 @@ Obsoletes:	ntfsprogs-fuse
 Provides:	fuse-ntfs-3g = %{epoch}:%{version}-%{release}
 Patch0:		ntfs-3g_ntfsprogs-2011.10.9-RC-ntfsck-unsupported-return-0.patch
 Patch1:		CVE-2015-3202.patch
-# http://seclists.org/oss-sec/2017/q1/259
-# Fedora doesn't setuid ntfs-3g
-# but since it's possible some users might
-# we will patch it anyways.
-Patch2:		ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch
 
 %description
 NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS 
@@ -93,7 +88,6 @@ included utilities see man 8 ntfsprogs after installation).
 %prep
 %setup -q -n %{name}_ntfsprogs-%{version}%{?subver}
 %patch0 -p1 -b .unsupported
-%patch2 -p1 -b .CVE20170358
 
 cp %{SOURCE2} ntfsprogs/boot.c
 
@@ -211,13 +205,9 @@ cp -a %{SOURCE1} %{buildroot}%{_datadir}/hal/fdi/policy/10osvendor/
 %endif
 %if %{oldrhel}
 /bin/ntfs-3g.probe
-/bin/ntfs-3g.secaudit
-/bin/ntfs-3g.usermap
 /bin/lowntfs-3g
 %else
 %{_bindir}/ntfs-3g.probe
-%{_bindir}/ntfs-3g.secaudit
-%{_bindir}/ntfs-3g.usermap
 %{_bindir}/lowntfs-3g
 %endif
 %if %{oldrhel}
@@ -251,6 +241,8 @@ cp -a %{SOURCE1} %{buildroot}%{_datadir}/hal/fdi/policy/10osvendor/
 /bin/ntfsfix
 /bin/ntfsinfo
 /bin/ntfsls
+/bin/ntfssecaudit
+/bin/ntfsusermap
 %else
 %license COPYING
 %{_bindir}/ntfscat
@@ -259,6 +251,8 @@ cp -a %{SOURCE1} %{buildroot}%{_datadir}/hal/fdi/policy/10osvendor/
 %{_bindir}/ntfsfix
 %{_bindir}/ntfsinfo
 %{_bindir}/ntfsls
+%{_bindir}/ntfssecaudit
+%{_bindir}/ntfsusermap
 %endif
 # Extras
 %if %{oldrhel}
@@ -304,6 +298,9 @@ cp -a %{SOURCE1} %{buildroot}%{_datadir}/hal/fdi/policy/10osvendor/
 %exclude %{_mandir}/man8/ntfs-3g*
 
 %changelog
+* Tue May 30 2017 Tom Callaway <spot@fedoraproject.org> - 2:2017.3.23-1
+- update to 2017.3.23
+
 * Wed Feb  8 2017 Tom Callaway <spot@fedoraproject.org> - 2:2016.2.22-4
 - apply patch for CVE-2017-0358
 - NOTE: Fedora does not setuid ntfs-3g, so it should not be vulnerable 
diff --git a/ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch b/ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch
deleted file mode 100644
index 025e96a..0000000
--- a/ntfs-3g_ntfsprogs-2016.2.22-CVE-2017-0358.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-diff -up ntfs-3g_ntfsprogs-2016.2.22/src/lowntfs-3g.c.CVE20170358 ntfs-3g_ntfsprogs-2016.2.22/src/lowntfs-3g.c
---- ntfs-3g_ntfsprogs-2016.2.22/src/lowntfs-3g.c.CVE20170358	2017-02-08 16:08:08.133934273 -0500
-+++ ntfs-3g_ntfsprogs-2016.2.22/src/lowntfs-3g.c	2017-02-08 16:08:42.652134630 -0500
-@@ -3827,13 +3827,14 @@ static fuse_fstype load_fuse_module(void
- 	struct stat st;
- 	pid_t pid;
- 	const char *cmd = "/sbin/modprobe";
-+	char *env = (char*)NULL;
- 	struct timespec req = { 0, 100000000 };   /* 100 msec */
- 	fuse_fstype fstype;
-         
- 	if (!stat(cmd, &st) && !geteuid()) {
- 		pid = fork();
- 		if (!pid) {
--			execl(cmd, cmd, "fuse", NULL);
-+			execle(cmd, cmd, "fuse", NULL, &env);
- 			_exit(1);
- 		} else if (pid != -1)
- 			waitpid(pid, NULL, 0);
-diff -up ntfs-3g_ntfsprogs-2016.2.22/src/ntfs-3g.c.CVE20170358 ntfs-3g_ntfsprogs-2016.2.22/src/ntfs-3g.c
---- ntfs-3g_ntfsprogs-2016.2.22/src/ntfs-3g.c.CVE20170358	2017-02-08 16:09:05.923595527 -0500
-+++ ntfs-3g_ntfsprogs-2016.2.22/src/ntfs-3g.c	2017-02-08 16:09:42.448749391 -0500
-@@ -3612,13 +3612,14 @@ static fuse_fstype load_fuse_module(void
- 	struct stat st;
- 	pid_t pid;
- 	const char *cmd = "/sbin/modprobe";
-+	char *env = (char*)NULL;
- 	struct timespec req = { 0, 100000000 };   /* 100 msec */
- 	fuse_fstype fstype;
- 	
- 	if (!stat(cmd, &st) && !geteuid()) {
- 		pid = fork();
- 		if (!pid) {
--			execl(cmd, cmd, "fuse", NULL);
-+			execle(cmd, cmd, "fuse", NULL, &env);
- 			_exit(1);
- 		} else if (pid != -1)
- 			waitpid(pid, NULL, 0);
diff --git a/sources b/sources
index 80db28e..f5e21ef 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-86fff2fe6e775e0fbb7f865a3f534f31  ntfs-3g_ntfsprogs-clean-2016.2.22.tgz
+SHA512 (ntfs-3g_ntfsprogs-clean-2017.3.23.tgz) = 4b9e9e5212bff05c675454a22a9ad5277325ed398dd44b32035f01b6925d648fe69557fc31b6229c6f59cc797870c388ba55ccc58c42d7657f5eb6b1aea8b516