From 8c4b7f61f8b8b47856e6f1d7abedd1c6cc4105c5 Mon Sep 17 00:00:00 2001
From: Ray Strode
Date: Jan 26 2009 17:43:12 +0000
Subject: - Fix up python plugin path to close up a security attack vectors (bug 481556).

---
diff --git a/gedit-2.25.5-fix-python-path.patch b/gedit-2.25.5-fix-python-path.patch
new file mode 100644
index 0000000..8d3a21a
--- /dev/null
+++ b/gedit-2.25.5-fix-python-path.patch
@@ -0,0 +1,13 @@
+diff -up gedit-2.25.5/plugin-loaders/python/gedit-plugin-loader-python.c.fix-python-path gedit-2.25.5/plugin-loaders/python/gedit-plugin-loader-python.c
+--- gedit-2.25.5/plugin-loaders/python/gedit-plugin-loader-python.c.fix-python-path 2009-01-26 12:36:50.289751027 -0500
++++ gedit-2.25.5/plugin-loaders/python/gedit-plugin-loader-python.c 2009-01-26 12:39:23.668963430 -0500
+@@ -541,6 +541,9 @@ gedit_python_init (GeditPluginLoaderPyth
+ 
+ PySys_SetArgv (1, argv);
+ 
++ /* Sanitize sys.path, see http://bugzilla.gnome.org/show_bug.cgi?id=569214 */
++ PyRun_SimpleString ("import sys; sys.path = filter(None, sys.path)");
++ 
+ if (!gedit_check_pygtk2 ())
+ {
+ /* Warning message already printed in check_pygtk2 */
diff --git a/gedit.spec b/gedit.spec
index 63ce86b..dc90608 100644
--- a/gedit.spec
+++ b/gedit.spec
@@ -18,7 +18,7 @@
 Summary: Text editor for the GNOME desktop
 Name: gedit
 Version: 2.25.5
-Release: 1%{?dist}
+Release: 2%{?dist}
 Epoch: 1
 License: GPLv2+ and GFDL
 Group: Applications/Editors
@@ -42,6 +42,9 @@ Requires(postun): desktop-file-utils >= %{desktop_file_utils_version}
 Patch1: gedit-2.13.90-libdir.patch
 %endif
 
+# http://bugzilla.gnome.org/show_bug.cgi?id=569214
+Patch2: gedit-2.25.5-fix-python-path.patch
+
 BuildRequires: gnome-common
 BuildRequires: glib2-devel >= %{glib2_version}
 BuildRequires: pango-devel >= %{pango_version}
@@ -106,6 +109,8 @@ Install gedit-devel if you want to write plugins for gedit.
 %patch1 -p1 -b .libdir
 %endif
 
+%patch2 -p1 -b .fix-python-path
+
 %build
 autoreconf -f -i
 %configure \
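Review bot: The return value of the new `PyRun_SimpleString` call is discarded, and it returns -1 when the snippet raises, so a failure would leave sys.path unsanitized while gedit_python_init (which starts and ends outside this hunk) carries on as if the fix had applied; check it, e.g. `if (PyRun_SimpleString ("import sys; sys.path = filter(None, sys.path)") != 0) g_warning ("Failed to sanitize sys.path");`. The added comment only says "Sanitize sys.path"; it should state what is removed and why, along the lines of `/* Drop empty entries: PySys_SetArgv above can leave "" on sys.path, which Python resolves as the current working directory, so modules would be looked up there before the real plugin paths. */`. The snippet also depends on Python 2's list-returning filter(); `sys.path = [p for p in sys.path if p]` keeps the same meaning on any Python version. Where the embedded interpreter provides PySys_SetArgvEx, passing updatepath=0 avoids inserting the entry in the first place, which would be the more robust fix.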
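Review bot: The comment added above `Patch2:` cites only the upstream GNOME bug, while the commit message and the changelog entry cite bug 481556; recording both there keeps the two trackers cross-referenced, e.g. `# http://bugzilla.gnome.org/show_bug.cgi?id=569214 (bug 481556)`. A short description of what the patch does, such as `# Drop empty entries from the plugin loader's sys.path (security fix)`, would also help, since the patch file name alone does not convey that it is a security fix.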
@@ -220,6 +225,10 @@ fi
 %changelog
+* Mon Jan 26 2009 Ray Strode - 1:2.25.5-2
+- Fix up python plugin path to close up a security attack
+ vectors (bug 481556).
+
 * Tue Jan 20 2009 Matthias Clasen - 1:2.25.5-1
 - Update to 2.25.5