Hello community,
here is the log from the commit of package rhythmbox for openSUSE:Factory checked in at 2012-07-24 16:11:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rhythmbox (Old)
 and /work/SRC/openSUSE:Factory/.rhythmbox.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rhythmbox", Maintainer is "gnome-maintainers@suse.de"
Changes:
--------
--- /work/SRC/openSUSE:Factory/rhythmbox/rhythmbox.changes 2012-06-26 17:29:12.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.rhythmbox.new/rhythmbox.changes 2012-07-24 17:22:31.000000000 +0200
@@ -1,0 +2,6 @@
+Tue Jul 24 11:15:36 UTC 2012 - vuntz@opensuse.org
+
+- Add rhythmbox-CVE-2012-3355.patch: fix insecure temporary
+ directory use in context plugin. Fix bnc#768681, CVE-2012-3355.
+
+-------------------------------------------------------------------
New:
----
rhythmbox-CVE-2012-3355.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rhythmbox.spec ++++++
--- /var/tmp/diff_new_pack.xIBa2h/_old 2012-07-24 17:22:38.000000000 +0200
+++ /var/tmp/diff_new_pack.xIBa2h/_new 2012-07-24 17:22:38.000000000 +0200
@@ -24,6 +24,8 @@
 Group: Productivity/Multimedia/Sound/Players
 Url: http://www.gnome.org/projects/rhythmbox/
 Source: http://download.gnome.org/sources/rhythmbox/2.97/%{name}-%{version}.tar.xz
+# PATCH-FIX-UPSTREAM rhythmbox-CVE-2012-3355.patch CVE-2012-3355 bnc#768681 vuntz@opensuse.org -- Fix insecure temporary directory use in context plugin
+Patch0: rhythmbox-CVE-2012-3355.patch
 BuildRequires: gnome-doc-utils-devel
 BuildRequires: gobject-introspection-devel
 BuildRequires: intltool
@@ -97,6 +99,7 @@
 %prep
 %setup -q
 translation-update-upstream
+%patch0 -p1
 %build
 export MOZILLA_PLUGINDIR=%{_libdir}/browser-plugins
++++++ rhythmbox-CVE-2012-3355.patch ++++++
From 01a829f549a0fd90ad8c8befd0793fa5f133f8f8 Mon Sep 17 00:00:00 2001
From: Jonathan Matthew <jonathan@d14n.org>
Date: Tue, 24 Jul 2012 10:43:36 +0000
Subject: context: remove the module_context parameter (bug #678661)
Caching the template modules doesn't really buy us anything, and there is the possibility that it could be used to load hostile code into another user's process (since the module directory was under /tmp). If it turns out we need the cache, we should put it somewhere under the XDG cache dir.
---
diff --git a/plugins/context/AlbumTab.py b/plugins/context/AlbumTab.py
index 5d32171..61b3a1a 100644
--- a/plugins/context/AlbumTab.py
+++ b/plugins/context/AlbumTab.py
@@ -125,10 +125,8 @@ class AlbumView (GObject.GObject):
 def load_tmpl (self):
 self.path = rb.find_plugin_file (self.plugin, 'tmpl/album-tmpl.html')
 self.loading_path = rb.find_plugin_file (self.plugin, 'tmpl/loading.html')
- self.album_template = Template (filename = self.path,
- module_directory = '/tmp/context')
- self.loading_template = Template (filename = self.loading_path,
- module_directory = '/tmp/context')
+ self.album_template = Template (filename = self.path)
+ self.loading_template = Template (filename = self.loading_path)
 self.styles = self.basepath + '/tmpl/main.css'
 def album_list_ready (self, ds):
diff --git a/plugins/context/ArtistTab.py b/plugins/context/ArtistTab.py
index daa6027..4859991 100644
--- a/plugins/context/ArtistTab.py
+++ b/plugins/context/ArtistTab.py
@@ -123,8 +123,8 @@ class ArtistView (GObject.GObject):
 def load_tmpl (self):
 self.path = rb.find_plugin_file(self.plugin, 'tmpl/artist-tmpl.html')
 self.loading_path = rb.find_plugin_file (self.plugin, 'tmpl/loading.html')
- self.template = Template (filename = self.path, module_directory = '/tmp/context/')
- self.loading_template = Template (filename = self.loading_path, module_directory = '/tmp/context')
+ self.template = Template (filename = self.path)
+ self.loading_template = Template (filename = self.loading_path)
 self.styles = self.basepath + '/tmpl/main.css'
 def connect_signals (self):
diff --git a/plugins/context/LinksTab.py b/plugins/context/LinksTab.py
index 326024a..519e46c 100644
--- a/plugins/context/LinksTab.py
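Review bot: The two new `Template (filename = self.path)` / `Template (filename = self.loading_path)` lines in AlbumView.load_tmpl leave no trace of why the `module_directory` keyword was dropped, so the next maintainer chasing template load time could reintroduce a cache under a world-shared path; I would put one comment above the first call: `# No module_directory: a cache under /tmp could let another local user plant a compiled template module that this process would import (bug #678661); any future cache belongs in a per-user XDG cache dir.` The ArtistTab, LinksTab and LyricsTab hunks drop the same keyword and deserve the same comment, with the LinksTab change sitting inside a method whose start is outside the hunk. One more wording point: the patch subject says `module_context`, while the keyword actually removed in every hunk is `module_directory`.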
+++ b/plugins/context/LinksTab.py
@@ -106,8 +106,7 @@ class LinksView (GObject.GObject):
 self.path = rb.find_plugin_file(self.plugin, 'tmpl/links-tmpl.html')
 self.images = self.basepath + '/img/links/'
 self.styles = self.basepath + '/tmpl/main.css'
- self.template = Template (filename = self.path,
- module_directory = '/tmp/context/')
+ self.template = Template (filename = self.path)
 self.file = self.template.render (error = ds.get_error (),
 artist = ds.get_artist(),
diff --git a/plugins/context/LyricsTab.py b/plugins/context/LyricsTab.py
index 96b44c4..c8b1fed 100644
--- a/plugins/context/LyricsTab.py
+++ b/plugins/context/LyricsTab.py
@@ -110,10 +110,8 @@ class LyricsView (GObject.GObject):
 def load_tmpl (self):
 self.path = rb.find_plugin_file(self.plugin, 'tmpl/lyrics-tmpl.html')
 self.loading_path = rb.find_plugin_file (self.plugin, 'tmpl/loading.html')
- self.template = Template (filename = self.path,
- module_directory = '/tmp/context/')
- self.loading_template = Template (filename = self.loading_path,
- module_directory = '/tmp/context')
+ self.template = Template (filename = self.path)
+ self.loading_template = Template (filename = self.loading_path)
 self.styles = self.basepath + '/tmpl/main.css'
 def lyrics_ready (self, ds, entry, lyrics):
--
cgit v0.9.0.2
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org