From e401cfbc4c416c64406f03168764c90c04b4387d Mon Sep 17 00:00:00 2001
From: Patrick Laughton <jima@fedoraproject.org>
Date: Apr 30 2007 16:59:26 +0000
Subject: - New upstream version (mostly bugfixes)

- Previous release pre-emptively fixed CVE-2006-7162/BZ#231726
- Added patch to make "private" files (keys/logs) non-executable

---

diff --git a/.cvsignore b/.cvsignore
index e7ae832..17c5d73 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1,2 +1,2 @@
-putty-0.59.tar.gz
-putty-0.59.tar.gz.RSA
+putty-0.60.tar.gz
+putty-0.60.tar.gz.RSA
diff --git a/putty-perms.patch b/putty-perms.patch
new file mode 100644
index 0000000..36b6099
--- /dev/null
+++ b/putty-perms.patch
@@ -0,0 +1,11 @@
+--- putty-0.60/unix/uxmisc.c.orig	2007-01-20 08:13:57.000000000 -0600
++++ putty-0.60/unix/uxmisc.c	2007-04-30 11:26:17.000000000 -0500
+@@ -143,7 +143,7 @@
+ 	int fd;
+ 	assert(mode[0] == 'w');	       /* is_private is meaningless for read */
+ 	fd = open(filename.path, O_WRONLY | O_CREAT | O_TRUNC,
+-		      0700);
++		      0600);
+ 	if (fd < 0)
+ 	    return NULL;
+ 	return fdopen(fd, mode);
diff --git a/putty.spec b/putty.spec
index 5736f55..1558395 100644
--- a/putty.spec
+++ b/putty.spec
@@ -1,5 +1,5 @@
 Name:		putty
-Version:	0.59
+Version:	0.60
 Release:	1%{?dist}
 Summary:	SSH, Telnet and Rlogin client
 License:	MIT
@@ -9,6 +9,7 @@ Source0:	http://the.earth.li/~sgtatham/putty/latest/%{name}-%{version}.tar.gz
 Source1:	http://the.earth.li/~sgtatham/putty/latest/%{name}-%{version}.tar.gz.RSA
 Source2:	putty.desktop
 Source3:	putty.png
+Patch0:		putty-perms.patch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:	gtk+-devel desktop-file-utils sed
 
@@ -18,6 +19,7 @@ Putty is a SSH, Telnet & Rlogin client - this time for Linux.
 %prep
 
 %setup -q
+%patch0 -p1
 
 %build
 %{__sed} -i -e "/.*sbcsdat.c/d" manifest
@@ -60,6 +62,11 @@ install -m644 -D -p %{SOURCE3} $RPM_BUILD_ROOT%{_datadir}/pixmaps/putty.png
 rm -rf $RPM_BUILD_ROOT
 
 %changelog
+* Mon Apr 30 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 0.60-1
+- New upstream version (mostly bugfixes)
+- Previous release pre-emptively fixed CVE-2006-7162/BZ#231726
+- Added patch to make "private" files (keys/logs) non-executable
+
 * Thu Jan 25 2007 Patrick "Jima" Laughton <jima@beer.tclug.org> 0.59-1
 - New upstream version
 - Macro-ized Source filenames
diff --git a/sources b/sources
index e022a80..b97610e 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-2c90f3aecd2e4b41df61fb047a6c8f11  putty-0.59.tar.gz
-fc538a0396a66be1424477c669d84c66  putty-0.59.tar.gz.RSA
+07e65fd98b16d115ae38a180bfb242e2  putty-0.60.tar.gz
+6e81a3ce4c32b02d656b1654d4cdf193  putty-0.60.tar.gz.RSA