updated: libindi, libpng, cups, sudo, sylpheed and tar

git-svn-id: http://trac.vinelinux.org/repos/projects/specs@1393 ec354946-7b23-47d6-9f5a-488ba84defc7

c/cups/cups-vl.spec

@@ -8,7 +8,7 @@
 Summary: Common Unix Printing System
 Name: cups
 Version: 1.3.11
-Release: 1%{?_dist_release}
+Release: 6%{?_dist_release}
 License: GPL
 Group: System Environment/Daemons
 
@@ -67,6 +67,14 @@ Patch23: cups-str2101.patch
 # use mpage for text-ps filter instead of texttops
 Patch210: cups-1.3.7-cjktexttops.patch
 
+# security fixes
+Patch300: cups-1.3.8-CVE-2010-0393.patch
+Patch310: cups-1.3.x_CVE-2010-0540.patch
+Patch320: cups-1.3.11_CVE-2010-0542.patch
+Patch330: cups-1.3.11_CVE-2010-1748.patch
+Patch340: cups-CVE-2009-2820.patch
+Patch350: cups-CVE-2009-3553.patch
+
 Url: http://www.cups.org/
 BuildRoot: %{_tmppath}/%{name}-root
 PreReq: chkconfig initscripts perl alternatives
@@ -203,6 +211,13 @@ Common UNIX Printing SystemはUNIX操作環境においてポータブルな印
 
 %patch210 -p1 -b .cjktexttops
 
+%patch300 -p1 -b .CVE-2010-0393
+%patch310 -p0 -b .CVE-2010-0540
+%patch340 -p1 -b .CVE-2009-2820
+%patch350 -p1 -b .CVE-2009-3553
+%patch320 -p1 -b .CVE-2010-0542
+%patch330 -p1 -b .CVE-2010-1748
+
 perl -pi -e 's,^#(DefaultCharset\s)utf-8,$1notused,' conf/cupsd.conf.in
 perl -pi -e 's,^#(Printcap\s+/etc/printcap),$1,' conf/cupsd.conf.in
 perl -pi -e 's,^#(MaxLogSize\s+0),$1,' conf/cupsd.conf.in
@@ -228,10 +243,10 @@ export CPPFLAGS="$CPPFLAGS -I/usr/include/avahi-compat-libdns_sd"
 
 %configure --with-docdir=%{_datadir}/%{name}/www \
 	--with-optim="$RPM_OPT_FLAGS $CFLAGS -fstack-protector-all" \
+	--disable-slp \
 	--with-log-file-perm=0600 --enable-pie --enable-relro \
 	--enable-pdftops --with-dbusdir=%{_sysconfdir}/dbus-1
 
-
 perl -pi -e "s,^DSO	=.*,DSO=gcc -fpic," Makedefs
 
 # If we got this far, all prerequisite libraries must be here.
@@ -242,6 +257,7 @@ rm -rf $RPM_BUILD_ROOT
 
 make BUILDROOT=$RPM_BUILD_ROOT install 
 
+
 # Include Till Kamppeter's dnssd backend.
 %if %use_avahi
 install -m 755 %{SOURCE3} $RPM_BUILD_ROOT%{_libdir}/%{name}/backend/dnssd
@@ -463,7 +479,13 @@ rm -rf $RPM_BUILD_ROOT
 %{_bindir}/cupstestppd
 %{_bindir}/cupstestdsc
 %{_bindir}/cancel*
-%{_bindir}/lp*
+%{_bindir}/lp.cups
+%{_bindir}/lpoptions
+%attr(4755,root,root) %{_bindir}/lppasswd
+%{_bindir}/lpq.cups
+%{_bindir}/lpr.cups
+%{_bindir}/lprm.cups
+%{_bindir}/lpstat.cups
 %dir %{_libdir}/cups
 %dir %{_libdir}/cups/backend
 %{_libdir}/cups/backend/http
@@ -533,6 +555,26 @@ rm -rf $RPM_BUILD_ROOT
 %endif
 
 %changelog
+* Sun Jul  4 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.3.11-6
+- add --disable-slp option in configure
+
+* Sun Jul  4 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.3.11-5
+- add Patch340 for fix CVE-2009-2820
+- add Patch350 for fix CVE-2009-3553
+- patch340,350 are from rhel5
+
+* Sun Jul  4 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.3.11-4
+- fix changelog typo
+- add Patch310 for fix CVE-2010-0540 (texttop)
+- add Patch320 for fix CVE-2010-0542 (web IF CSRF)
+- add Patch330 for fix CVE-2010-1748 (web IF uninit memory read)
+
+* Sun Mar  7 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.3.11-3
+- setuid 0 to lppasswd binary
+
+* Sat Mar  6 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.3.11-2
+- add Patch300 for fix CVE-2010-0393 (lppasswd)
+
 * Fri Jul 10 2009 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.3.11-1
 - new upstream release
 

lib/libi/libindi/libindi-vl.spec

@@ -1,7 +1,7 @@
 Name: libindi
-Version: 0.6
-Release: 11%{?_dist_release}
 Summary: Instrument Neutral Distributed Interface
+Version: 0.6
+Release: 12%{?_dist_release}
 
 Group: System Environment/Libraries
 License: LGPLv2+ and GPLv2+
@@ -23,6 +23,8 @@ BuildRequires: cfitsio-devel
 BuildRequires: zlib-devel
 BuildRequires: libnova-devel libfli-devel
 
+Conflicts: kdeedu3
+
 %description
 INDI is a distributed control protocol designed to operate
 astronomical instrumentation. INDI is small, flexible, easy to parse,
@@ -84,6 +86,9 @@ rm -fr %{buildroot}
 %{_libdir}/*.a
 
 %changelog
+* Wed Jul  7 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> - 0.6-12
+- added Conflicts: kdeedu3
+
 * Sat Apr 17 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> - 0.6-11
 - rebuilt with new toolchain and libnova-0.13
 

lib/libp/libpng/libpng-vl.spec

@@ -3,7 +3,7 @@
 Summary: A library of functions for manipulating PNG image format files.
 Summary(ja): PNG画像形式ファイル操作用の関数ライブラリ
 Name: libpng
-Version: 1.2.43
+Version: 1.2.44
 Release: 2%{_dist_release}
 License: distributable
 Group: System Environment/Libraries
@@ -153,6 +153,11 @@ the libpng package.
 %endif
 
 %changelog
+* Sun Jul 18 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2:1.2.44-2
+- sync with Vine Linux 5 updates release
+  * Tue Jun 29 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2:1.2.44-1
+  - new upstream release with security fix (CVE-2010-1205)
+
 * Thu Apr 22 2010 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2:1.2.43-2
 - sync with Vine Linux 5 updates release
   * Sun Mar  7 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 2:1.2.43-1

s/sudo/sudo-vl.spec

@@ -1,7 +1,7 @@
 Summary: Allows command execution as root for specified users
 Summary(ja): スーパーユーザ権限でのコマンドの実行
 Name: sudo
-Version: 1.7.2p4
+Version: 1.7.2p7
 Release: 1%{?_dist_release}
 License: ISC-style
 Group: Applications/System
@@ -111,7 +111,7 @@ rm -rf $RPM_BUILD_ROOT
 %attr(4111,root,root) %{_bindir}/sudoedit
 %attr(0755,root,root) %{_sbindir}/visudo
 %{_libexecdir}/sudo_noexec.*
-%{_mandir}/man5/sudoers.5*
+%{_mandir}/man5/sudoers*.5*
 %{_mandir}/man8/sudo.8*
 %{_mandir}/man8/sudoedit.8*
 %{_mandir}/man8/visudo.8*
@@ -120,6 +120,14 @@ rm -rf $RPM_BUILD_ROOT
 /bin/chmod 0440 /etc/sudoers || :
 
 %changelog
+* Sun Jun 20 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p7-1
+- new upstream release with security fix (CVE-2010-1646) 
+- change specfile name (-vl)
+
+* Sun Apr 25 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p6-1
+- new upstream release with security fix (CVE-2010-1163)
+- add sudoers.ldap.5 into files section
+
 * Wed Feb 24 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.7.2p4-1
 - new upstream release with security fix (CVE-2010-0426)
 - update Patch3

s/sylpheed/sylpheed-vl.spec

@@ -8,7 +8,7 @@
 Summary:	GTK+ based fast e-mail client
 Summary(ja):	GTK+ ベースの高速な電子メールクライアント
 Name:		sylpheed
-Version:	3.0.1
+Version:	3.0.2
 Release:	1%{?_dist_release}
 License:	GPL
 Group:		Applications/Internet
@@ -139,6 +139,9 @@ Sylpheedには以下のような特長があります。
 %config(missingok) %{_datadir}/applications/sylpheed.desktop
 
 %changelog
+* Sat Apr  3 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.0.2-1
+- new upstream release
+
 * Sun Mar 21 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 3.0.1-1
 - new upstream release 
 

t/tar/tar-vl.spec

@@ -2,7 +2,7 @@ Summary: A GNU file archiving program.
 Summary(ja): GNU ファイルアーカイブプログラム
 Name: tar
 Version: 1.22
-Release: 3%{?_dist_release}
+Release: 4%{?_dist_release}
 License: GPLv3+
 Group: Applications/Archiving
 Source: ftp://ftp.gnu.org/pub/gnu/tar/tar-%{version}.tar.gz
@@ -11,6 +11,7 @@ Patch8: tar-1.20-loneZeroWarning.patch
 Patch10: tar-1.15.1-gcc4.patch
 # adhoc but useful patch for z option accepts bzip2ed tarball.
 Patch100: tar-1.13.6-barterly.patch
+Patch110: tar-1.22-rtapelib-overflow.patch
 Requires(post,postun): install-info
 Buildroot: %{_tmppath}/%{name}-%{version}-root
 
@@ -47,7 +48,7 @@ tar はマルチボリュームサポート、自動アーカイブ圧縮/伸長
 %patch0 -p1 -b .manpage
 %patch8 -p1 -b .loneZeroWarning
 %patch100 -p1 -b .accept-bz2
-
+%patch110 -p1 -b .CVE-2010-0624
 
 
 %build
@@ -109,6 +110,9 @@ rm -rf ${RPM_BUILD_ROOT}
 
 
 %changelog
+* Tue Mar 16 2010 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> - 1.22-4
+- add patch110 for fix CVE-2010-0624 (rmt) from fc11
+
 * Thu Apr 30 2009 MATSUBAYASHI Kohji <shaolin@vinelinux.org> - 1.22-3
 - add missing documents