Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch')
-rw-r--r--media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch31
1 files changed, 31 insertions, 0 deletions
diff --git a/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch b/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch
new file mode 100644
index 000000000000..5c400124098c
--- /dev/null
+++ b/media-sound/banshee/files/banshee-1.8.0-fix-insecure-lib-path.patch
@@ -0,0 +1,31 @@
+From 835c37e99196303195c88932169b73e975115e52 Mon Sep 17 00:00:00 2001
+From: Aaron Bockover <abockover@novell.com>
+Date: Wed, 20 Oct 2010 16:22:40 +0000
+Subject: Fix insecure LD_LIBRARY_PATH (bnc#642505)
+
+A vulnerability existed where if LD_LIBRARY_PATH were set but empty, a
+trailing : as a path separator would still be appended to the path,
+exposing an insecure/invalid search path. GST_PLUGINS_PATH was similarly
+vulnerable.
+
+Using :+: instead of +: prevents this as ${X:+:$X} returns X iff X is
+set and not empty whereas ${X+:$X} returns X iff X is set (it may be
+empty).
+---
+diff --git a/src/Clients/Booter/banshee-1.linux.in b/src/Clients/Booter/banshee-1.linux.in
+index 9009797..11e8ccd 100644
+--- a/src/Clients/Booter/banshee-1.linux.in
++++ b/src/Clients/Booter/banshee-1.linux.in
+@@ -7,8 +7,8 @@ MONO_EXE="@expanded_libdir@/@PACKAGE@/$exec_asm"
+ BANSHEE_EXEC_NAME=$(basename $0)
+ BANSHEE_CONFIG_DIR="${XDG_CONFIG_HOME:-$HOME/.config}/banshee-1"
+
+-export LD_LIBRARY_PATH=@expanded_libdir@/@PACKAGE@:@expanded_libdir@/@PACKAGE@/Extensions:@expanded_libdir@/@PACKAGE@/Backends:@expanded_libdir@${LD_LIBRARY_PATH+:$LD_LIBRARY_PATH}
+-export GST_PLUGIN_PATH=@expanded_libdir@/@PACKAGE@/gstreamer-0.10${GST_PLUGIN_PATH+:$GST_PLUGIN_PATH}
++export LD_LIBRARY_PATH=@expanded_libdir@/@PACKAGE@:@expanded_libdir@/@PACKAGE@/Extensions:@expanded_libdir@/@PACKAGE@/Backends:@expanded_libdir@${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
++export GST_PLUGIN_PATH=@expanded_libdir@/@PACKAGE@/gstreamer-0.10${GST_PLUGIN_PATH:+:$GST_PLUGIN_PATH}
+ if [ $BANSHEE_EXEC_NAME = "muinshee" ]; then
+ BANSHEE_CLIENT="Muinshee"
+ export MONO_PATH=@expanded_libdir@/@PACKAGE@/Extensions
+--
+cgit v0.8.3.1