From cab66f8f8c413086054771783eea4f3655d01a959f6309dadcfb9e4d072016dc Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Tue, 30 Oct 2007 23:59:58 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/hugin?expand=0&rev=6 --- hugin-CVE-2007-5200.patch | 34 ++++++++++++++++++++++++++++++++++ hugin-optim_file.patch | 26 -------------------------- hugin.changes | 6 ++++++ hugin.spec | 7 +++++-- 4 files changed, 45 insertions(+), 28 deletions(-) create mode 100644 hugin-CVE-2007-5200.patch delete mode 100644 hugin-optim_file.patch diff --git a/hugin-CVE-2007-5200.patch b/hugin-CVE-2007-5200.patch new file mode 100644 index 0000000..60df390 --- /dev/null +++ b/hugin-CVE-2007-5200.patch @@ -0,0 +1,34 @@ +--- src/hugin/AutoCtrlPointCreator.cpp ++++ src/hugin/AutoCtrlPointCreator.cpp +@@ -224,8 +224,7 @@ + wxSetWorkingDirectory(apDir); + } + #endif +- +- wxString ptofile(wxT("autopano_result_tempfile.pto")); ++ wxString ptofile = wxFileName::CreateTempFileName(wxT("ap_res")); + autopanoArgs.Replace(wxT("%o"), ptofile); + wxString tmp; + tmp.Printf(wxT("%d"), nFeatures); +@@ -415,7 +414,7 @@ + imgNr++; + } + +- wxString ptofile(wxT("autopano_result_tempfile")); ++ wxString ptofile = wxFileName::CreateTempFileName(wxT("ap_res")); + autopanoArgs.Replace(wxT("%o"), ptofile); + wxString tmp; + tmp.Printf(wxT("%d"), nFeatures); +--- src/Panorama/PTOptimise.cpp ++++ src/Panorama/PTOptimise.cpp +@@ -36,8 +36,8 @@ + #include + #include + +-#define DEBUG_WRITE_OPTIM_OUTPUT +-#define DEBUG_WRITE_OPTIM_OUTPUT_FILE "hugin_debug_optim_results.txt" ++//#define DEBUG_WRITE_OPTIM_OUTPUT ++//#define DEBUG_WRITE_OPTIM_OUTPUT_FILE "hugin_debug_optim_results.txt" + + using namespace std; + using namespace PT; diff --git a/hugin-optim_file.patch b/hugin-optim_file.patch deleted file mode 100644 index d9fa1fc..0000000 --- a/hugin-optim_file.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- src/Panorama/PTOptimise.cpp -+++ src/Panorama/PTOptimise.cpp -@@ -36,9 +36,6 @@ - #include - #include - --#define DEBUG_WRITE_OPTIM_OUTPUT --#define DEBUG_WRITE_OPTIM_OUTPUT_FILE "hugin_debug_optim_results.txt" -- - using namespace std; - using namespace PT; - using namespace PTools; -@@ -132,13 +129,6 @@ - RunLMOptimizer( &opt ); - ainf.data = opt.message; - // get results from align info. --#ifdef DEBUG_WRITE_OPTIM_OUTPUT -- fullPath path; -- StringtoFullPath(&path, DEBUG_WRITE_OPTIM_OUTPUT_FILE ); -- -- ainf.data = opt.message; -- WriteResults( script, &path, &ainf, distSquared, 0); --#endif - pano.updateVariables(GetAlignInfoVariables(ainf) ); - pano.updateCtrlPointErrors( GetAlignInfoCtrlPoints(ainf) ); - } diff --git a/hugin.changes b/hugin.changes index f6dbb88..6f8c817 100644 --- a/hugin.changes +++ b/hugin.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Oct 30 11:54:51 CET 2007 - prusnak@suse.cz + +- renamed optim_file.patch to CVE-2007-5200 (after CVE assigned) +- fixed tempfile creation also in AutoCtrlPointCreator + ------------------------------------------------------------------- Thu Oct 4 15:44:11 CEST 2007 - prusnak@suse.cz diff --git a/hugin.spec b/hugin.spec index e78b6e9..ca71430 100644 --- a/hugin.spec +++ b/hugin.spec @@ -16,7 +16,7 @@ License: GPL v2 or later Group: Productivity/Graphics/Bitmap Editors Summary: Front-End for Panorama Tools Version: 0.6.99.4 -Release: 37 +Release: 55 %define _version 0.7_beta4 Source: %{name}-%{_version}.tar.bz2 Patch2: hugin-fftw.patch @@ -24,7 +24,7 @@ Patch4: hugin-jpe.patch Patch64: hugin-lib64.patch Patch11: hugin-0.5-autoconf.diff Patch12: hugin-string-compare.patch -Patch13: hugin-optim_file.patch +Patch13: hugin-CVE-2007-5200.patch Url: http://hugin.sourceforge.net/ BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: licenses @@ -113,6 +113,9 @@ fi %{_datadir}/pixmaps/*.png %doc %{_mandir}/man?/* %changelog +* Tue Oct 30 2007 - prusnak@suse.cz +- renamed optim_file.patch to CVE-2007-5200 (after CVE assigned) +- fixed tempfile creation also in AutoCtrlPointCreator * Thu Oct 04 2007 - prusnak@suse.cz - totally removed creation of fixed-name file in /tmp from last patch * Thu Sep 27 2007 - prusnak@suse.cz