- update to 2.2.6b, fixes CVE-2009-3736: libltdl may load and execute codelibtool-2_2_6-16_fc12

from a library in the current directory
author: Karsten Hopp <karsten@fedoraproject.org> 2009-12-02 11:20:28 +0000
committer: Karsten Hopp <karsten@fedoraproject.org> 2009-12-02 11:20:28 +0000
commit: d71ca8096fd34ca18767405357be87da7e63af8a (patch)
tree: bfa0bbe87d5ef50aa00279967545df4eb1a25260
parent: 4fe6c734d04c4cf0150999c950ca426850e730d1 (diff)
2 files changed, 7 insertions, 3 deletions
diff --git a/libtool.spec b/libtool.spec
index 7a30ae6..b5f5915 100644
--- a/libtool.spec
+++ b/libtool.spec
@@ -3,10 +3,10 @@
 Summary: The GNU Portable Library Tool
 Name:    libtool
 Version: 2.2.6
-Release: 15%{?dist}
+Release: 16%{?dist}
 License: GPLv2+ and LGPLv2+ and GFDL
 Group:   Development/Tools
-Source:  http://ftp.gnu.org/gnu/libtool/libtool-%{version}a.tar.lzma
+Source:  http://ftp.gnu.org/gnu/libtool/libtool-%{version}b.tar.lzma
 Patch0:  libtool-2.2.6a-rpath.patch
 URL:     http://www.gnu.org/software/libtool/
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-%(%{__id_u} -n)
@@ -142,6 +142,10 @@ fi
 
 
 %changelog
+* Wed Dec 02 2009 Karsten Hopp <karsten@redhat.com> 2.2.6-16
+- update to 2.2.6b, fixes CVE-2009-3736:
+  libltdl may load and execute code from a library in the current directory
+
 * Mon Oct 19 2009 Jakub Jelinek <jakub@redhat.com> 2.2.6-15
 - Rebuild for gcc 4.4.2
 
diff --git a/sources b/sources
index 81ee173..2d32d92 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-b121e4848cc53fdd69e796aed73b9ccf  libtool-2.2.6a.tar.lzma
+a4b36980765003b47dd75ac9429f4f11  libtool-2.2.6b.tar.lzma
author	Karsten Hopp <karsten@fedoraproject.org>	2009-12-02 11:20:28 +0000
committer	Karsten Hopp <karsten@fedoraproject.org>	2009-12-02 11:20:28 +0000
commit	d71ca8096fd34ca18767405357be87da7e63af8a (patch)
tree	bfa0bbe87d5ef50aa00279967545df4eb1a25260
parent	4fe6c734d04c4cf0150999c950ca426850e730d1 (diff)