From f3d8f17097e834fedd4f21a48123406a95af26a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= <sergio@serjux.com>
Date: Thu, 3 Dec 2015 02:35:02 +0000
Subject: [PATCH] Fix CVE-2015-1038 (#1179505)

---
 p7zip.spec | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/p7zip.spec b/p7zip.spec
index 7edff1a..c4a0887 100644
--- a/p7zip.spec
+++ b/p7zip.spec
@@ -1,7 +1,7 @@
 Summary: Very high compression ratio file archiver
 Name: p7zip
 Version: 15.09
-Release: 3%{?dist}
+Release: 4%{?dist}
 # Files under C/Compress/Lzma/ are dual LGPL or CPL
 License: LGPLv2 and (LGPLv2+ or CPL)
 Group: Applications/Archiving
@@ -17,6 +17,7 @@ URL: http://p7zip.sourceforge.net/
 Source: p7zip_%{version}_src_all-norar.tar.bz2
 Patch0: p7zip_15.09-norar_cmake.patch
 Patch1: p7zip_15.09-s390.patch
+Patch2: p7zip-15.09-CVE-2015-1038.patch
 
 BuildRequires: cmake
 # BuildRequires: wxGTK3-devel wxGTK-devel # for 7zG GUI
@@ -45,6 +46,7 @@ This package contains also a virtual file system for Midnight Commander.
 %setup -q -n %{name}_%{version}
 %patch0 -p1 -b .norar_cmake
 %patch1 -p1 -b .s390
+%patch2 -p1 -b .CVE-2015-1038
 # Move docs early so that they don't get installed by "make install" and we
 # can include them in %%doc
 mv DOC docs
@@ -106,6 +108,9 @@ make install \
 
 
 %changelog
+* Thu Dec 03 2015 Sérgio Basto <sergio@serjux.com> - 15.09-4
+- Fix CVE-2015-1038 (#1179505)
+
 * Wed Dec 02 2015 Sérgio Basto <sergio@serjux.com> - 15.09-3
 - Fix build on s390 architecture (#1286992)