OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/csound?expand=0&rev=8

csound-sanitize-sys.patch

@@ -0,0 +1,22 @@
+--- a/frontends/CsoundVST/Shell.cpp
++++ b/frontends/CsoundVST/Shell.cpp
+@@ -211,6 +211,8 @@ namespace csound
+   void Shell::main(int argc, char **argv)
+   {
+     PySys_SetArgv_(argc, argv);
++    /* Sanitize sys.path */
++    PyRun_SimpleString_("import sys; sys.path = filter(None, sys.path)");
+   }
+ 
+   void Shell::initialize()
+--- a/frontends/CsoundVST/ScoreGeneratorVst.cpp
++++ b/frontends/CsoundVST/ScoreGeneratorVst.cpp
+@@ -427,6 +427,8 @@
+   Shell::open();
+   char *argv[] = {"",""};
+   PySys_SetArgv(1, argv);
++  /* Sanitize sys.path */
++  PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
+   PyObject *mainModule = PyImport_ImportModule("__main__");
+   result = runScript("import sys\n");
+   if(result)

csound.changes

@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Jan 28 14:40:46 CET 2009 - tiwai@suse.de
+
+- Fix python module search path insecure issue (bnc#470095)
+  This package is unaffected; the patch is included just for any
+  possible cases in future.
+
 -------------------------------------------------------------------
 Wed Oct  1 15:28:52 CEST 2008 - tiwai@suse.de
 

csound.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package csound (Version 5.06.0)
 #
-# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -26,8 +26,8 @@ BuildRequires:  fltk-devel libjpeg-devel libpng-devel xorg-x11-devel
 %endif
 Summary:        Computer Sound Synthesis and Composition Program
 Version:        5.06.0
-Release:        128
+Release:        129
-License:        LGPL v2.1 or later
+License:        GNU Free Documentation License, Version 1.2 (GFDL 1.2); LGPL v2.1 or later; X11/MIT
 Group:          Productivity/Multimedia/Sound/Utilities
 Source:         Csound%{version}.tar.bz2
 Source1:        README.SuSE
@@ -35,6 +35,7 @@ Patch:          csound-alsa-fix.diff
 Patch1:         csound-tmpnam-fix.diff
 Patch2:         csound-gcc-warning-fix.diff
 Patch3:         csound-python-2.6-fix.diff
+Patch4:         csound-sanitize-sys.patch
 Url:            http://www.csounds.com
 AutoReq:        on
 Autoprov:       off
@@ -54,6 +55,7 @@ For detailed information, refer to http://www.csounds.com.
 %patch1
 %patch2
 %patch3
+%patch4 -p1
 cp %{SOURCE1} .
 # fix encoding
 iconv -f latin1 -t utf8 readme-csound5.txt > readme-csound5.txt.utf8
@@ -104,6 +106,10 @@ rm -rf $RPM_BUILD_ROOT%{_includedir}
 # %{_libdir}/lib*
 
 %changelog
+* Wed Jan 28 2009 tiwai@suse.de
+- Fix python module search path insecure issue (bnc#470095)
+  This package is unaffected; the patch is included just for any
+  possible cases in future.
 * Wed Oct 01 2008 tiwai@suse.de
 - fix build with python-2.6
 * Wed Jun 20 2007 tiwai@suse.de