Accepting request 254842 from home:Futhorc:branches:shells

Multiple security fixes, update to 2.1.1 OBS-URL: https://build.opensuse.org/request/show/254842 OBS-URL: https://build.opensuse.org/package/show/shells/fish?expand=0&rev=4
2014-10-09 17:19:42 +00:00 · 2014-10-09 17:19:42 +00:00 · 986e548e28
commit 986e548e28
parent 2dac0937d0
4 changed files with 31 additions and 11 deletions
--- a/fish-2.1.0.tar.gz
+++ b/fish-2.1.0.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:af527af9d145df5675ca3031c1a87007d4f4753a1cde49da88f4eb883a1cf044
-size 1707921
--- a/fish-2.1.1.tar.gz
+++ b/fish-2.1.1.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b7e4d3c3d55fc3859edcb20462fcf0d14ab26e920eddcd503072e8105284d924
+size 1681744
--- a/fish.changes
+++ b/fish.changes
@ -1,4 +1,23 @@
 -------------------------------------------------------------------
+Thu Oct  9 12:05:02 UTC 2014 - seanpwatson@live.com
+
+- update to 2.1.1
+- The fish_config web interface now uses an authentication token 
+to protect requests and only responds to requests from the local 
+machine with this token, preventing a remote code execution attack
+(closing CVE-2014-2914).
+- psub and funced are no longer vulnerable to attacks which 
+allow local privilege escalation and data tampering (closing 
+CVE-2014-2906 and CVE-2014-3856)
+- fishd uses a secure path for its socket, preventing a local 
+privilege escalation attack (closing CVE-2014-2905)
+- __fish_print_packages is no longer vulnerable to attacks which 
+would allow local privilege escalation and data tampering 
+(closing CVE-2014-3219)
+-fishd now ignores SIGPIPE, fixing crashes using tools like 
+GNU Parallel and which occurred more often as a result of 
+the other fishd changes.
+-------------------------------------------------------------------
 Sat Oct 12 20:34:28 UTC 2013 - mailaender@opensuse.org

 - update to 2.1.0
--- a/fish.spec
+++ b/fish.spec
@ -1,7 +1,7 @@
 #
 # spec file for package fish
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -15,22 +15,23 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #

+
 Name:           fish
-Version:        2.1.0
+Version:        2.1.1
 Release:        0
+Summary:        A user friendly interactive shell
 License:        GPL-2.0
 Group:          System/Shells
 Url:            http://fishshell.com/
 Source:         http://fishshell.com/files/%{version}/fish-%{version}.tar.gz
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  autoconf
 BuildRequires:  doxygen
 BuildRequires:  gcc-c++
 BuildRequires:  gettext
 BuildRequires:  groff
-BuildRequires:  python
 BuildRequires:  ncurses-devel
-Summary:        A user friendly interactive shell
+BuildRequires:  python
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build

 %description
 fish is a user friendly command line shell for UNIX-like operating systems such as Linux.
@ -47,7 +48,7 @@ autoconf
 make %{?_smp_mflags}

 %install
-make install DESTDIR=%{buildroot}
+make DESTDIR=%{buildroot} install %{?_smp_mflags}
 %find_lang %{name}

 %post
@ -60,7 +61,7 @@ fi
 # Remove fish from the list of allowed shells in /etc/shells
 if [ "$1" = 0 ]; then
 	grep -v %{_bindir}/%{name} %{_sysconfdir}/shells >%{_sysconfdir}/%{name}.tmp
-	mv %{_sysconfdir}/%{name}.tmp %_sysconfdir/shells
+	mv %{_sysconfdir}/%{name}.tmp %{_sysconfdir}/shells
 fi

 %files -f %{name}.lang
@ -73,4 +74,4 @@ fi
 %{_datadir}/%{name}/tools
 %{_mandir}/man1/*

-%changelog
+%changelog