tags 606151 + patch
tags 606151 + pending
tags 606151 + fixed-upstream
thanks

Dear maintainer,

I've prepared an NMU for nordugrid-arc-nox (versioned as 1.1.0~rc6-2.1) and
uploaded it to DELAYED/1. Please feel free to tell me if I
should delay it longer.

Regards.

-- 
Jonathan Wiltshire                                      j...@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
diff -Nru nordugrid-arc-nox-1.1.0~rc6/debian/changelog nordugrid-arc-nox-1.1.0~rc6/debian/changelog
--- nordugrid-arc-nox-1.1.0~rc6/debian/changelog	2010-04-27 05:17:21.000000000 +0100
+++ nordugrid-arc-nox-1.1.0~rc6/debian/changelog	2010-12-18 13:36:55.000000000 +0000
@@ -1,3 +1,11 @@
+nordugrid-arc-nox (1.1.0~rc6-2.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * CVE-2010-3372: Fix insecure library loading. Patch
+    cherry-picked from upstream (closes: #606151)
+
+ -- Jonathan Wiltshire <j...@debian.org>  Sat, 18 Dec 2010 13:36:49 +0000
+
 nordugrid-arc-nox (1.1.0~rc6-2) unstable; urgency=low
 
   * Fix for glibmm 2.24 (Closes: #577884)
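Review bot: The new entry at the top of this changelog hunk does not say which files the fix touches. Naming the added patch file (debian/patches/CVE-2010-3372) and the two scripts it modifies (src/services/a-rex/a-rex.in and src/services/a-rex/lrms/submit_common.sh.in) would make the NMU traceable from the changelog alone.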
diff -Nru nordugrid-arc-nox-1.1.0~rc6/debian/patches/CVE-2010-3372 nordugrid-arc-nox-1.1.0~rc6/debian/patches/CVE-2010-3372
--- nordugrid-arc-nox-1.1.0~rc6/debian/patches/CVE-2010-3372	1970-01-01 01:00:00.000000000 +0100
+++ nordugrid-arc-nox-1.1.0~rc6/debian/patches/CVE-2010-3372	2010-12-18 13:30:05.000000000 +0000
@@ -0,0 +1,57 @@
+Description: fix insecure library loading (CVE-2010-3372)
+Origin: http://svn.nordugrid.org/trac/nordugrid/changeset/18980
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606151
+Forwarded: not-needed
+Last-Update: 2010-12-18
+
+--- nordugrid-arc-nox-1.1.0~rc6.orig/src/services/a-rex/a-rex.in
++++ nordugrid-arc-nox-1.1.0~rc6/src/services/a-rex/a-rex.in
+@@ -71,10 +71,18 @@
+       libdir="$location/lib"
+       libdir64="$location/lib64"
+       if [ -d "$libdir64" ] ; then
+-        LD_LIBRARY_PATH="$libdir64:$LD_LIBRARY_PATH"
++        if [ "x$LD_LIBRARY_PATH" = "x" ]; then
++          LD_LIBRARY_PATH="$libdir64"
++        else
++          LD_LIBRARY_PATH="$libdir64:$LD_LIBRARY_PATH"
++	fi
+       fi
+       if [ -d "$libdir" ] ; then
+-        LD_LIBRARY_PATH="$libdir:$LD_LIBRARY_PATH"
++        if [ "x$LD_LIBRARY_PATH" = "x" ]; then
++          LD_LIBRARY_PATH="$libdir"
++        else
++          LD_LIBRARY_PATH="$libdir:$LD_LIBRARY_PATH"
++        fi
+       fi
+     fi
+   fi
+@@ -278,7 +286,11 @@
+ add_library_path "$GRIDSITE_LOCATION"
+ add_library_path "$VOMS_LOCATION"
+ add_library_path "$GLOBUS_LOCATION"
+-LD_LIBRARY_PATH=$ARC_LOCATION/@libsubdir@:$LD_LIBRARY_PATH
++if [ "x$LD_LIBRARY_PATH" = "x" ]; then
++  LD_LIBRARY_PATH=$ARC_LOCATION/@libsubdir@
++else
++  LD_LIBRARY_PATH=$ARC_LOCATION/@libsubdir@:$LD_LIBRARY_PATH
++fi
+ SASL_PATH=${SASL_PATH:-$GLOBUS_LOCATION/lib/sasl}
+ export LD_LIBRARY_PATH SASL_PATH
+ 
+--- nordugrid-arc-nox-1.1.0~rc6.orig/src/services/a-rex/lrms/submit_common.sh.in
++++ nordugrid-arc-nox-1.1.0~rc6/src/services/a-rex/lrms/submit_common.sh.in
+@@ -312,7 +312,11 @@
+     fi
+     export GLOBUS_LOCATION
+     export ARC_LOCATION
+-    export LD_LIBRARY_PATH="$GLOBUS_LOCATION/lib:$LD_LIBRARY_PATH"
++    if [ "x$LD_LIBRARY_PATH" = "x" ]; then
++      export LD_LIBRARY_PATH="$GLOBUS_LOCATION/lib"
++    else
++      export LD_LIBRARY_PATH="$GLOBUS_LOCATION/lib:$LD_LIBRARY_PATH"
++    fi
+     export SASL_PATH="$GLOBUS_LOCATION/lib/sasl"
+     export X509_USER_KEY="${RUNTIME_CONTROL_DIR}/job.local.proxy"
+     export X509_USER_CERT="${RUNTIME_CONTROL_DIR}/job.local.proxy"
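Review bot: The else branches in all four places (the libdir64 and libdir cases in a-rex.in, the ARC_LOCATION/@libsubdir@ assignment further down, and the export in submit_common.sh.in) still append the inherited $LD_LIBRARY_PATH verbatim. The new test only catches a completely empty variable, so a value that arrives with a leading or trailing colon, or with "::" in the middle, still yields an empty path element, which the dynamic loader resolves to the current working directory. Consider stripping empty elements from the inherited value before appending it, or state in the Description header that only the unset/empty case is covered. Minor style point: the "fi" that closes the new libdir64 test in the first a-rex.in hunk is indented with a tab while the surrounding lines use spaces.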
diff -Nru nordugrid-arc-nox-1.1.0~rc6/debian/patches/series nordugrid-arc-nox-1.1.0~rc6/debian/patches/series
--- nordugrid-arc-nox-1.1.0~rc6/debian/patches/series	2010-04-27 05:19:50.000000000 +0100
+++ nordugrid-arc-nox-1.1.0~rc6/debian/patches/series	2010-12-18 13:23:38.000000000 +0000
@@ -1 +1,2 @@
 debian-changes-1.1.0~rc6-2
+CVE-2010-3372
