diff options
author | Daniel Gryniewicz <dang@gentoo.org> | 2009-02-24 17:25:43 +0000 |
---|---|---|
committer | Daniel Gryniewicz <dang@gentoo.org> | 2009-02-24 17:25:43 +0000 |
commit | a2039241b51453dd457005f2048004850d09c5f9 (patch) | |
tree | 6d89ad734694b7983d84581811d2940040319ddc /media-gfx/eog | |
parent | Remove bashism in init.d file (diff) | |
download | gentoo-2-a2039241b51453dd457005f2048004850d09c5f9.tar.gz gentoo-2-a2039241b51453dd457005f2048004850d09c5f9.tar.bz2 gentoo-2-a2039241b51453dd457005f2048004850d09c5f9.zip |
Sanitize python paths. Bug #257002
(Portage version: 2.1.6.7/cvs/Linux x86_64)
Diffstat (limited to 'media-gfx/eog')
-rw-r--r-- | media-gfx/eog/ChangeLog | 11 | ||||
-rw-r--r-- | media-gfx/eog/eog-2.22.3-r3.ebuild (renamed from media-gfx/eog/eog-2.22.3-r2.ebuild) | 7 | ||||
-rw-r--r-- | media-gfx/eog/files/eog-2.22.3-CVE-2008-5987.patch | 12 |
3 files changed, 27 insertions, 3 deletions
diff --git a/media-gfx/eog/ChangeLog b/media-gfx/eog/ChangeLog index 3f17e223bb6c..c53583de7092 100644 --- a/media-gfx/eog/ChangeLog +++ b/media-gfx/eog/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for media-gfx/eog # Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-gfx/eog/ChangeLog,v 1.226 2009/02/23 19:58:36 josejx Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-gfx/eog/ChangeLog,v 1.227 2009/02/24 17:25:43 dang Exp $ + +*eog-2.22.3-r3 (24 Feb 2009) + + 24 Feb 2009; Daniel Gryniewicz <dang@gentoo.org> + +files/eog-2.22.3-CVE-2008-5987.patch, -eog-2.22.3-r2.ebuild, + +eog-2.22.3-r3.ebuild: + Bump to eog-2.22.3-r3 + + - Sanitize python paths. Bug #257002 23 Feb 2009; Joseph Jezak <josejx@gentoo.org> eog-2.24.3.1.ebuild: Marked ~ppc/~ppc64 for bug #242812. diff --git a/media-gfx/eog/eog-2.22.3-r2.ebuild b/media-gfx/eog/eog-2.22.3-r3.ebuild index 057e564c0b36..679b26a96272 100644 --- a/media-gfx/eog/eog-2.22.3-r2.ebuild +++ b/media-gfx/eog/eog-2.22.3-r3.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2008 Gentoo Foundation +# Copyright 1999-2009 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/media-gfx/eog/eog-2.22.3-r2.ebuild,v 1.1 2008/10/11 23:35:20 eva Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-gfx/eog/eog-2.22.3-r3.ebuild,v 1.1 2009/02/24 17:25:43 dang Exp $ inherit eutils gnome2 @@ -59,6 +59,9 @@ src_unpack() { # Don't fail on unrecognized chunks, bug #237835 epatch "${FILESDIR}/${P}-unrecognized-chunks.patch" + + # Sanitize python paths. bug #257002 + epatch "${FILESDIR}"/${P}-CVE-2008-5987.patch } pkg_postinst() { diff --git a/media-gfx/eog/files/eog-2.22.3-CVE-2008-5987.patch b/media-gfx/eog/files/eog-2.22.3-CVE-2008-5987.patch new file mode 100644 index 000000000000..8de379384b36 --- /dev/null +++ b/media-gfx/eog/files/eog-2.22.3-CVE-2008-5987.patch @@ -0,0 +1,12 @@ +--- a/src/eog-python-module.c ++++ b/src/eog-python-module.c +@@ -388,6 +388,9 @@ + + PySys_SetArgv (1, argv); + ++ /* Sanitize sys.path */ ++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)"); ++ + if (!check_pygtk2 ()) { + /* Warning message already printed in check_pygtk2 */ + goto python_init_error; |