[redeclipse] 388/494: add security-text-command-fix.patch

Martin Werner arand-guest at moszumanska.debian.org
Sun Jun 21 20:52:55 UTC 2015 

This is an automated email from the git hooks/post-receive script.

arand-guest pushed a commit to branch debdir
in repository redeclipse.

commit 6ee683ac7d9d4423187c0c808075846e59b74ae2
Author: Martin Erik Werner <martinerikwerner at gmail.com>
Date:   Mon Jul 23 23:44:16 2012 +0200

    add security-text-command-fix.patch
    
    File access security fix.
    
    Conflicts:
    	debian/changelog
    	debian/patches/series
---
 patches/security-text-command-fix.patch | 24 ++++++++++++++++++++++++
 patches/series                          |  1 +
 2 files changed, 25 insertions(+)

diff --git a/patches/security-text-command-fix.patch b/patches/security-text-command-fix.patch
new file mode 100644
index 0000000..9121d8f
--- /dev/null
+++ b/patches/security-text-command-fix.patch
@@ -0,0 +1,24 @@
+From 52fdd35c3ffc1ce2e568180eac2da93e179fef2a Mon Sep 17 00:00:00 2001
+From: eihrul <eihrul at 2cd6abe5-5779-42d9-9038-cec04ae5ff40>
+Date: Sun, 22 Jul 2012 21:22:55 +0000
+Subject: [PATCH] text command fix
+Comment:
+ This patch fixes a file access security issue which could allow a remote
+ attacker access local files by transmitting map script files.
+
+git-svn-id: https://redeclipse.svn.sourceforge.net/svnroot/redeclipse@3764 2cd6abe5-5779-42d9-9038-cec04ae5ff40
+---
+ src/engine/textedit.h |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/src/engine/textedit.h
++++ b/src/engine/textedit.h
+@@ -690,7 +690,7 @@
+ 
+ #define TEXTCOMMAND(f, s, d, body) ICOMMAND(0, f, s, d,\
+     editor *top = currentfocus();\
+-    if(!top) return;\
++    if(!top || identflags&IDF_WORLD) return;\
+     body\
+ )
+ 
diff --git a/patches/series b/patches/series
index 96b12ab..3c8e89e 100644
--- a/patches/series
+++ b/patches/series
@@ -2,3 +2,4 @@ windowed-by-default.patch
 build-with-debug-symbols.patch
 build-with-system-enet.patch
 backported-fix-icon-sizes.patch
+security-text-command-fix.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-games/redeclipse.git

More information about the Pkg-games-commits mailing list