From 9ced860187c3f139b8f560e53b35b922df4a53f4 Mon Sep 17 00:00:00 2001 From: Robert Scheck Date: Dec 08 2007 16:41:56 +0000 Subject: Added a patch to fix some stack based overflows (CVE-2007-2807) --- diff --git a/.cvsignore b/.cvsignore index d7bd660..747037d 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1,2 @@ eggdrop1.6.18.tar.gz +01_CVE-2007-2807_servmsg.patch diff --git a/eggdrop.spec b/eggdrop.spec index 93c2a55..d00ef5b 100644 --- a/eggdrop.spec +++ b/eggdrop.spec @@ -1,14 +1,15 @@ Summary: The world's most popular Open Source IRC bot Name: eggdrop Version: 1.6.18 -Release: 10%{?dist} +Release: 12%{?dist} License: GPLv2+ Group: Applications/Communications URL: http://www.eggheads.org/ Source: ftp://ftp.eggheads.org/pub/eggdrop/source/1.6/%{name}%{version}.tar.gz Patch0: eggdrop-1.6.17-conf.patch Patch1: eggdrop-1.6.17-langdir.patch -BuildRequires: tcl-devel >= 8.3, bind-devel, zlib-devel +Patch2: http://nion.modprobe.de/01_CVE-2007-2807_servmsg.patch +BuildRequires: tcl-devel >= 8.3, bind-devel, zlib-devel, gawk BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %description @@ -21,6 +22,7 @@ able to form botnets, share partylines and userfiles between bots. %setup -q -n %{name}%{version} %patch0 -p1 -b .conf %patch1 -p1 -b .langdir +%patch2 -p0 -b .servmsg %build %configure @@ -62,6 +64,12 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man?/* %changelog +* Sat Dec 08 2007 Robert Scheck 1.6.18-12 +- Added a patch to fix some stack based overflows (CVE-2007-2807) + +* Wed Aug 29 2007 Fedora Release Engineering - 1.6.18-11 +- Rebuild for selinux ppc32 issue. + * Tue Aug 28 2007 Robert Scheck 1.6.18-10 - Updated the license tag according to the guidelines diff --git a/sources b/sources index 0d0a8d7..8f47144 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ c2734a51926bdf0380d8bb53f5a7b2ee eggdrop1.6.18.tar.gz +2fbfe01fcd56b94d364b5af81569ef7c 01_CVE-2007-2807_servmsg.patch