[CVS] OpenPKG: OPENPKG_2_0_SOLID: openpkg-src/cvs/ cvs.patch cvs.spec

Wed, 19 May 2004 12:09:32 -0700 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   19-May-2004 21:09:34
  Branch: OPENPKG_2_0_SOLID                Handle: 2004051920093300

  Modified files:           (Branch: OPENPKG_2_0_SOLID)
    openpkg-src/cvs         cvs.patch cvs.spec

  Log:
    apply security bugfix (OpenPKG-SA-2004.022-cvs, CAN-2004-0396)

  Summary:
    Revision    Changes     Path
    1.4.2.2     +27 -0      openpkg-src/cvs/cvs.patch
    1.82.2.3    +1  -1      openpkg-src/cvs/cvs.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/cvs/cvs.patch
  ============================================================================
  $ cvs diff -u -r1.4.2.1 -r1.4.2.2 cvs.patch
  --- openpkg-src/cvs/cvs.patch 14 Apr 2004 17:46:50 -0000      1.4.2.1
  +++ openpkg-src/cvs/cvs.patch 19 May 2004 19:09:33 -0000      1.4.2.2
  @@ -70,3 +70,30 @@
        /* if this is a directory to ignore, add it to that list */
        if (mname[0] == '!' && mname[1] != '\0')
        {
  +
  +=============================================================================
  +
  +Security Bugfixes
  +(OpenPKG-SA-2004.022-cvs, CAN-2004-0396)
  +
  +Index: src/server.c
  +--- src/server.c.orig        2004-05-19 21:05:23.000000000 +0200
  ++++ src/server.c     2004-05-19 21:05:34.000000000 +0200
  +@@ -1618,7 +1618,7 @@
  +         && strncmp (arg, name, cp - name) == 0)
  +     {
  +         timefield = strchr (cp + 1, '/') + 1;
  +-        if (*timefield != '=')
  ++        if (*timefield == '/')
  +         {
  +             cp = timefield + strlen (timefield);
  +             cp[1] = '\0';
  +@@ -1661,7 +1661,7 @@
  +         && strncmp (arg, name, cp - name) == 0)
  +     {
  +         timefield = strchr (cp + 1, '/') + 1;
  +-        if (!(timefield[0] == 'M' && timefield[1] == '/'))
  ++        if (*timefield == '/')
  +         {
  +             cp = timefield + strlen (timefield);
  +             cp[1] = '\0';
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/cvs/cvs.spec
  ============================================================================
  $ cvs diff -u -r1.82.2.2 -r1.82.2.3 cvs.spec
  --- openpkg-src/cvs/cvs.spec  14 Apr 2004 17:46:50 -0000      1.82.2.2
  +++ openpkg-src/cvs/cvs.spec  19 May 2004 19:09:33 -0000      1.82.2.3
  @@ -38,7 +38,7 @@
   Group:        SCM
   License:      GPL
   Version:      %{V_cvs}
  -Release:      2.0.1
  +Release:      2.0.2
   
   #   package options
   %option       with_fsl         yes
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]

Reply via email to