From 2fc7fd7b58ae5adb6acb38e38f725eb38da9c000 Mon Sep 17 00:00:00 2001 From: Hans Ulrich Niedermann Date: Feb 11 2010 19:18:24 +0000 Subject: - Fix CVE-2009-3736 (#563980, #537941) - Change define macros into global macros --- diff --git a/libtool-1.5.26-Backport-of-libltdl-changes-from-the-2.26b-release.patch b/libtool-1.5.26-Backport-of-libltdl-changes-from-the-2.26b-release.patch new file mode 100644 index 0000000..912a128 --- /dev/null +++ b/libtool-1.5.26-Backport-of-libltdl-changes-from-the-2.26b-release.patch @@ -0,0 +1,119 @@ +From 29b48580df75f0c5baa2962548a4c101ec7ed7ec Mon Sep 17 00:00:00 2001 +From: Peter O'Gorman +Date: Tue, 24 Nov 2009 11:27:45 -0600 +Subject: [PATCH] Backport of libltdl changes from the 2.26b release. + +* libltdl/,tdl.c: Backport changes. +--- + ChangeLog | 5 +++++ + libltdl/ltdl.c | 23 +++++++++++++++-------- + 2 files changed, 20 insertions(+), 8 deletions(-) + +diff --git a/ChangeLog b/ChangeLog +index e164eda..98bed36 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,3 +1,8 @@ ++2009-11-24 Peter O'Gorman ++ ++ Backport of libltdl changes from the 2.26b release. ++ * libltdl/,tdl.c: Backport changes. ++ + 2008-02-27 Peter O'Gorman + + * libtool.m4 [darwin]: Really use _lt_dar_allow_undefined for +diff --git a/libltdl/ltdl.c b/libltdl/ltdl.c +index b747b70..2ef8e0e 100644 +--- a/libltdl/ltdl.c ++++ b/libltdl/ltdl.c +@@ -2192,7 +2192,8 @@ static int trim LT_PARAMS((char **dest, + static int try_dlopen LT_PARAMS((lt_dlhandle *handle, + const char *filename)); + static int tryall_dlopen LT_PARAMS((lt_dlhandle *handle, +- const char *filename)); ++ const char *filename, ++ const char * useloader)); + static int unload_deplibs LT_PARAMS((lt_dlhandle handle)); + static int lt_argz_insert LT_PARAMS((char **pargz, + size_t *pargz_len, +@@ -2390,9 +2391,10 @@ lt_dlexit () + } + + static int +-tryall_dlopen (handle, filename) ++tryall_dlopen (handle, filename, useloader) + lt_dlhandle *handle; + const char *filename; ++ const char *useloader; + { + lt_dlhandle cur; + lt_dlloader *loader; +@@ -2459,6 +2461,11 @@ tryall_dlopen (handle, filename) + + while (loader) + { ++ if (useloader && strcmp(loader->loader_name, useloader)) ++ { ++ loader = loader->next; ++ continue; ++ } + lt_user_data data = loader->dlloader_data; + + cur->module = loader->module_open (data, filename); +@@ -2528,7 +2535,7 @@ tryall_dlopen_module (handle, prefix, dirname, dlname) + error += tryall_dlopen_module (handle, + (const char *) 0, prefix, filename); + } +- else if (tryall_dlopen (handle, filename) != 0) ++ else if (tryall_dlopen (handle, filename, NULL) != 0) + { + ++error; + } +@@ -2549,7 +2556,7 @@ find_module (handle, dir, libdir, dlname, old_name, installed) + /* Try to open the old library first; if it was dlpreopened, + we want the preopened version of it, even if a dlopenable + module is available. */ +- if (old_name && tryall_dlopen (handle, old_name) == 0) ++ if (old_name && tryall_dlopen (handle, old_name, "dlpreload") == 0) + { + return 0; + } +@@ -2813,7 +2820,7 @@ find_handle_callback (filename, data, ignored) + + /* Try to dlopen the file, but do not continue searching in any + case. */ +- if (tryall_dlopen (handle, filename) != 0) ++ if (tryall_dlopen (handle, filename,NULL) != 0) + *handle = 0; + + return 1; +@@ -3103,7 +3110,7 @@ try_dlopen (phandle, filename) + /* lt_dlclose()ing yourself is very bad! Disallow it. */ + LT_DLSET_FLAG (*phandle, LT_DLRESIDENT_FLAG); + +- if (tryall_dlopen (&newhandle, 0) != 0) ++ if (tryall_dlopen (&newhandle, 0, NULL) != 0) + { + LT_DLFREE (*phandle); + return 1; +@@ -3225,7 +3232,7 @@ try_dlopen (phandle, filename) + } + #endif + } +- if (!file) ++ else + { + file = fopen (filename, LT_READTEXT_MODE); + } +@@ -3412,7 +3419,7 @@ try_dlopen (phandle, filename) + #endif + ))) + { +- if (tryall_dlopen (&newhandle, filename) != 0) ++ if (tryall_dlopen (&newhandle, filename, NULL) != 0) + { + newhandle = NULL; + } +-- +1.6.2.5 + diff --git a/mingw32-libltdl.spec b/mingw32-libltdl.spec index 7f064af..5a5f760 100644 --- a/mingw32-libltdl.spec +++ b/mingw32-libltdl.spec @@ -1,17 +1,17 @@ -%define __strip %{_mingw32_strip} -%define __objdump %{_mingw32_objdump} -%define _use_internal_dependency_generator 0 -%define __find_requires %{_mingw32_findrequires} -%define __find_provides %{_mingw32_findprovides} +%global __strip %{_mingw32_strip} +%global __objdump %{_mingw32_objdump} +%global _use_internal_dependency_generator 0 +%global __find_requires %{_mingw32_findrequires} +%global __find_provides %{_mingw32_findprovides} # Define this to run tests (requires Wine, and won't work inside mock or Koji). # Note: As of libtool-1.5.26, libltdl does not contain any tests at all. -%define run_tests 0 +%global run_tests 0 Summary: Runtime libraries for GNU Libtool Dynamic Module Loader Name: mingw32-libltdl Version: 1.5.26 -Release: 13%{?dist} +Release: 16%{?dist} Group: System Environment/Libraries # Even though the source package contains files under # "GPLv2+ and LGPLv2+ and GFDL", the binary RPM only ships LGPLv2+ code. @@ -26,6 +26,9 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-%(%{__id_u} -n) # into running a prepared binary in that directory: Patch2: libtool-1.5.24-relativepath.patch +# CVE-2009-3736 (may load & exec code from current dir) +Patch3: libtool-1.5.26-Backport-of-libltdl-changes-from-the-2.26b-release.patch + BuildRequires: mingw32-filesystem >= 30 BuildRequires: mingw32-binutils BuildRequires: mingw32-gcc @@ -50,7 +53,8 @@ the rest of the GNU Autotools (including GNU Autoconf and GNU Automake). %prep %setup -n libtool-%{version} -q -%patch2 -p1 +%patch2 -p1 -b .relativepath +%patch3 -p1 -b .CVE-2009-3736 %build export PATH=%{_mingw32_bindir}:$PATH @@ -97,6 +101,10 @@ rm -rf %{buildroot} %changelog +* Thu Feb 11 2010 Hans Ulrich Niedermann - 1.5.26-16 +- Fix CVE-2009-3736 (#563980, #537941) +- Change define macros into global macros + * Wed Feb 25 2009 Fedora Release Engineering - 1.5.26-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild