[SCM] Packaging for Red Eclipse branch, master, updated. debian/1.2-2-22-g39236fe
Martin Erik Werner
martinerikwerner at gmail.com
Tue Aug 7 19:29:46 UTC 2012
The following commit has been merged in the master branch:
commit 515d331cc9e8bd723f143b3fb65dc21f5f8b2588
Author: Martin Erik Werner <martinerikwerner at gmail.com>
Date: Mon Jul 23 23:44:16 2012 +0200
add security-text-command-fix.patch
File access security fix.
diff --git a/debian/changelog b/debian/changelog
index 9c6b1cd..bef6d69 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,6 @@
redeclipse (1.2-3) UNRELEASED; urgency=low
- * Add unversion lib dependency alternatives
+ * Add unversioned lib dependency alternatives
- libgl1-mesa-dev | libgl-dev
- libsdl1.2-dev | libsdl-dev
- lib1g-dev | libz-dev
@@ -11,6 +11,8 @@ redeclipse (1.2-3) UNRELEASED; urgency=low
- Removed build-with-debug-symbols.patch:
Now handled in d/rules instead
* Enable parallel build
+ * Add debian/patches/security-text-command-fix.patch
+ - File access security fix
-- Martin Erik Werner <martinerikwerner at gmail.com> Mon, 27 Feb 2012 13:53:19 +0100
diff --git a/debian/patches/security-text-command-fix.patch b/debian/patches/security-text-command-fix.patch
new file mode 100644
index 0000000..9121d8f
--- /dev/null
+++ b/debian/patches/security-text-command-fix.patch
@@ -0,0 +1,24 @@
+From 52fdd35c3ffc1ce2e568180eac2da93e179fef2a Mon Sep 17 00:00:00 2001
+From: eihrul <eihrul at 2cd6abe5-5779-42d9-9038-cec04ae5ff40>
+Date: Sun, 22 Jul 2012 21:22:55 +0000
+Subject: [PATCH] text command fix
+Comment:
+ This patch fixes a file access security issue which could allow a remote
+ attacker access local files by transmitting map script files.
+
+git-svn-id: https://redeclipse.svn.sourceforge.net/svnroot/redeclipse@3764 2cd6abe5-5779-42d9-9038-cec04ae5ff40
+---
+ src/engine/textedit.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/engine/textedit.h
++++ b/src/engine/textedit.h
+@@ -690,7 +690,7 @@
+
+ #define TEXTCOMMAND(f, s, d, body) ICOMMAND(0, f, s, d,\
+ editor *top = currentfocus();\
+- if(!top) return;\
++ if(!top || identflags&IDF_WORLD) return;\
+ body\
+ )
+
diff --git a/debian/patches/series b/debian/patches/series
index 15b0306..df1a5cf 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@ windowed-by-default.patch
build-with-system-enet.patch
backported-fix-icon-sizes.patch
build-with-ldflags.patch
+security-text-command-fix.patch
--
Packaging for Red Eclipse
More information about the Pkg-games-commits
mailing list