diff options
| -rw-r--r-- | libtool-1.5.24-relativepath.patch | 14 | ||||
| -rw-r--r-- | libtool.spec | 7 |
2 files changed, 5 insertions, 16 deletions
diff --git a/libtool-1.5.24-relativepath.patch b/libtool-1.5.24-relativepath.patch deleted file mode 100644 index 1549b2f..0000000 --- a/libtool-1.5.24-relativepath.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff -up libtool-1.5.24/libltdl/ltdl.c.relativepath libtool-1.5.24/libltdl/ltdl.c ---- libtool-1.5.24/libltdl/ltdl.c.relativepath 2007-06-01 07:04:54.000000000 +0200 -+++ libtool-1.5.24/libltdl/ltdl.c 2007-07-24 12:56:22.000000000 +0200 -@@ -3225,7 +3225,9 @@ try_dlopen (phandle, filename) - } - if (!file) - { -- file = fopen (filename, LT_READTEXT_MODE); -+ /* don't open .la files in current directory, root might get tricked to run a binary in a prepared directory */ -+ if(!strncmp((filename + strlen(filename) - 3), LTDL_ARCHIVE_EXT,3) || strstr(filename,"/")) -+ file = fopen (filename, LT_READTEXT_MODE); - } - - /* If we didn't find the file by now, it really isn't there. Set diff --git a/libtool.spec b/libtool.spec index 679f41f..88de92d 100644 --- a/libtool.spec +++ b/libtool.spec @@ -1,9 +1,9 @@ -%define gcc_version 4.4.1 +%define gcc_version 4.4.2 Summary: The GNU Portable Library Tool Name: libtool Version: 2.2.6b -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ and LGPLv2+ and GFDL Group: Development/Tools Source: http://ftp.gnu.org/gnu/libtool/libtool-%{version}.tar.lzma @@ -142,6 +142,9 @@ fi %changelog +* Wed Dec 02 2009 Karsten Hopp <karsten@redhat.com> 2.2.6b-2 +- fix gcc version + * Tue Dec 01 2009 Karsten Hopp <karsten@redhat.com> 2.2.6b-1 - update to 2.2.6b, fixes CVE-2009-3736: libltdl may load and execute code from a library in the current directory |