Hello community, here is the log from the commit of package arts checked in at Tue Aug 1 16:37:14 CEST 2006. -------- --- KDE/arts/arts.changes 2006-07-04 07:58:06.000000000 +0200 +++ arts/arts.changes 2006-07-28 14:34:47.000000000 +0200 @@ -1,0 +2,6 @@ +Sun Jul 23 20:42:54 CEST 2006 - coolo@suse.de + +- update to aRts 1.5.4: + * add return value checks for set*uid() functions + +------------------------------------------------------------------- Old: ---- arts-1.5.3-autoconf.diff arts-1.5.3.tar.bz2 arts-setuid.diff New: ---- arts-1.5.4.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ arts.spec ++++++ --- /var/tmp/diff_new_pack.LLlTSG/_old 2006-08-01 16:36:03.000000000 +0200 +++ /var/tmp/diff_new_pack.LLlTSG/_new 2006-08-01 16:36:03.000000000 +0200 @@ -1,5 +1,5 @@ # -# spec file for package arts (Version 1.5.3) +# spec file for package arts (Version 1.5.4) # # Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -21,18 +21,16 @@ Provides: kdelibs3-artsd kdelibs-artsd Summary: Modular Software Synthesizer PreReq: permissions -Version: 1.5.3 -Release: 4 +Version: 1.5.4 +Release: 1 Source0: %{name}-%{version}.tar.bz2 #Patch0: 1_5_BRANCH.diff Patch2: no-informational-messages.diff -Patch3: arts-setuid.diff Patch4: resmgr-oss.diff Patch5: arts-vorbis-fix.dif Patch7: fortify_source.patch Patch8: arts-start-on-demand.diff Patch9: avoid_la_files.diff -Patch10: %{name}-%{version}-autoconf.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -85,13 +83,11 @@ %setup -q #%patch0 %patch2 -%patch3 %patch4 %patch5 %patch7 %patch8 %patch9 -%patch10 # no unsermake because of build dependencies hell make -f admin/Makefile.common cvs @@ -189,6 +185,9 @@ /opt/kde3/%_lib/*.la %changelog -n arts +* Sun Jul 23 2006 - coolo@suse.de +- update to aRts 1.5.4: + * add return value checks for set*uid() functions * Tue Jul 04 2006 - cthiel@suse.de - fix build * Wed Jun 07 2006 - dmueller@suse.de ++++++ arts-1.5.3.tar.bz2 -> arts-1.5.4.tar.bz2 ++++++ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/acinclude.m4 new/arts-1.5.4/acinclude.m4 --- old/arts-1.5.3/acinclude.m4 2006-05-23 22:16:17.000000000 +0200 +++ new/arts-1.5.4/acinclude.m4 2006-07-24 16:50:24.000000000 +0200 @@ -2747,7 +2747,7 @@ EXRSTATUS=old else kde_save_LIBS="$LIBS" - LIBS="$LIBS $all_libraries $USER_LDFLAGS $LIBZ `pkg-config --libs OpenEXR`" + LIBS="$LIBS $all_libraries $USER_LDFLAGS `pkg-config --libs OpenEXR` $LIBZ" AC_LANG_SAVE AC_LANG_CPLUSPLUS kde_save_CXXFLAGS="$CXXFLAGS" diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/admin/acinclude.m4.in new/arts-1.5.4/admin/acinclude.m4.in --- old/arts-1.5.3/admin/acinclude.m4.in 2006-05-23 14:51:55.000000000 +0200 +++ new/arts-1.5.4/admin/acinclude.m4.in 2006-07-24 09:06:25.000000000 +0200 @@ -2747,7 +2747,7 @@ EXRSTATUS=old else kde_save_LIBS="$LIBS" - LIBS="$LIBS $all_libraries $USER_LDFLAGS $LIBZ `pkg-config --libs OpenEXR`" + LIBS="$LIBS $all_libraries $USER_LDFLAGS `pkg-config --libs OpenEXR` $LIBZ" AC_LANG_SAVE AC_LANG_CPLUSPLUS kde_save_CXXFLAGS="$CXXFLAGS" diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/admin/cvs.sh new/arts-1.5.4/admin/cvs.sh --- old/arts-1.5.3/admin/cvs.sh 2006-05-23 14:51:55.000000000 +0200 +++ new/arts-1.5.4/admin/cvs.sh 2006-07-24 09:06:25.000000000 +0200 @@ -32,7 +32,7 @@ required_autoconf_version="2.53 or newer" AUTOCONF_VERSION=`$AUTOCONF --version | head -n 1` case $AUTOCONF_VERSION in - Autoconf*2.5* | autoconf*2.5* ) : ;; + Autoconf*2.5* | autoconf*2.5* | autoconf*2.6* ) : ;; "" ) echo "*** AUTOCONF NOT FOUND!." echo "*** KDE requires autoconf $required_autoconf_version" @@ -47,7 +47,7 @@ AUTOHEADER_VERSION=`$AUTOHEADER --version | head -n 1` case $AUTOHEADER_VERSION in - Autoconf*2.5* | autoheader*2.5* ) : ;; + Autoconf*2.5* | autoheader*2.5* | autoheader*2.6* ) : ;; "" ) echo "*** AUTOHEADER NOT FOUND!." echo "*** KDE requires autoheader $required_autoconf_version" @@ -316,7 +316,7 @@ fi fi if test -z "$VERSION" || test "$VERSION" = "@VERSION@"; then - VERSION="\"3.5.3\"" + VERSION="\"3.5.4\"" fi if test -z "$modulename" || test "$modulename" = "@MODULENAME@"; then modulename=`pwd`; diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/arts.lsm new/arts-1.5.4/arts.lsm --- old/arts-1.5.3/arts.lsm 2006-05-23 13:16:17.000000000 +0200 +++ new/arts-1.5.4/arts.lsm 2006-07-23 16:05:21.000000000 +0200 @@ -1,7 +1,7 @@ Begin4 Title: arts -Version: 1.5.3 -Entered-date: 2006-05-23 +Version: 1.5.4 +Entered-date: 2006-08-02 Description: Soundserver for the K Desktop Environment (KDE) Keywords: KDE X11 desktop Qt Author: http://bugs.kde.org/ (KDE Bugtracking System) diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/configure new/arts-1.5.4/configure --- old/arts-1.5.3/configure 2006-05-23 22:16:55.000000000 +0200 +++ new/arts-1.5.4/configure 2006-07-24 16:50:59.000000000 +0200 @@ -1704,7 +1704,7 @@ ARTS_MAJOR_VERSION=1 ARTS_MINOR_VERSION=5 -ARTS_MICRO_VERSION=3 +ARTS_MICRO_VERSION=4 ARTS_VERSION=$ARTS_MAJOR_VERSION.$ARTS_MINOR_VERSION.$ARTS_MICRO_VERSION am__api_version="1.9" diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/configure.in new/arts-1.5.4/configure.in --- old/arts-1.5.3/configure.in 2006-05-23 22:16:18.000000000 +0200 +++ new/arts-1.5.4/configure.in 2006-07-24 16:50:25.000000000 +0200 @@ -21,7 +21,7 @@ dnl Version (we /might/ want to use libtool versioning, too) ARTS_MAJOR_VERSION=1 ARTS_MINOR_VERSION=5 -ARTS_MICRO_VERSION=3 +ARTS_MICRO_VERSION=4 ARTS_VERSION=$ARTS_MAJOR_VERSION.$ARTS_MINOR_VERSION.$ARTS_MICRO_VERSION dnl Automake doc recommends to do this only here. (Janos) diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/configure.in.in new/arts-1.5.4/configure.in.in --- old/arts-1.5.3/configure.in.in 2006-05-23 13:16:17.000000000 +0200 +++ new/arts-1.5.4/configure.in.in 2006-07-23 16:05:21.000000000 +0200 @@ -17,7 +17,7 @@ dnl Version (we /might/ want to use libtool versioning, too) ARTS_MAJOR_VERSION=1 ARTS_MINOR_VERSION=5 -ARTS_MICRO_VERSION=3 +ARTS_MICRO_VERSION=4 ARTS_VERSION=$ARTS_MAJOR_VERSION.$ARTS_MINOR_VERSION.$ARTS_MICRO_VERSION dnl Automake doc recommends to do this only here. (Janos) diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/flow/gsl/gslmagic.c new/arts-1.5.4/flow/gsl/gslmagic.c --- old/arts-1.5.3/flow/gsl/gslmagic.c 2005-09-10 10:13:33.000000000 +0200 +++ new/arts-1.5.4/flow/gsl/gslmagic.c 2006-07-22 10:07:03.000000000 +0200 @@ -616,7 +616,7 @@ return FALSE; do - ret = fstat (bfile->fd, &buf) < 0; + ret = fstat (bfile->fd, &buf); while (ret < 0 && errno == EINTR); if (ret < 0) { diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/soundserver/artswrapper.c new/arts-1.5.4/soundserver/artswrapper.c --- old/arts-1.5.3/soundserver/artswrapper.c 2005-09-10 10:13:31.000000000 +0200 +++ new/arts-1.5.4/soundserver/artswrapper.c 2006-07-22 10:07:03.000000000 +0200 @@ -95,6 +95,10 @@ #else setreuid(-1, getuid()); #endif + if (geteuid() != getuid()) { + perror("setuid()"); + return 2; + } } if(argc == 0) diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/arts-1.5.3/soundserver/crashhandler.cc new/arts-1.5.4/soundserver/crashhandler.cc --- old/arts-1.5.3/soundserver/crashhandler.cc 2005-09-10 10:13:31.000000000 +0200 +++ new/arts-1.5.4/soundserver/crashhandler.cc 2006-07-22 10:07:03.000000000 +0200 @@ -196,7 +196,12 @@ argv[i++] = NULL; setgid(getgid()); - setuid(getuid()); + if (getuid() != geteuid()) + setuid(getuid()); + if (getuid() != geteuid()) { + perror("setuid()"); + exit(255); + } execvp(crashApp, argv); ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun...