packages: spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr.spec, s...

blues blues at pld-linux.org
Wed Apr 7 12:28:30 CEST 2010 

Author: blues                        Date: Wed Apr  7 10:28:30 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- rel.2: untaint patch added, picture scanning works with current perl
  again

---- Files affected:
packages/spamassassin-plugin-fuzzyocr:
   spamassassin-plugin-fuzzyocr.spec (1.32 -> 1.33) , spamassassin-plugin-fuzzyocr-untaint.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr.spec
diff -u packages/spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr.spec:1.32 packages/spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr.spec:1.33
--- packages/spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr.spec:1.32	Tue Apr  6 16:45:57 2010
+++ packages/spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr.spec	Wed Apr  7 12:28:25 2010
@@ -8,7 +8,7 @@
 Summary(pl.UTF-8):	Wtyczka FuzzyOcr dla SpamAssassina
 Name:		spamassassin-plugin-fuzzyocr
 Version:	3.6.0
-Release:	1
+Release:	2
 License:	Apache v2.0
 Group:		Applications/Mail
 # svn export https://svn.own-hero.net/fuzzyocr/trunk/devel fuzzyocr
@@ -16,6 +16,7 @@
 Source0:	http://users.own-hero.net/~decoder/fuzzyocr/fuzzyocr-%{version}.tar.gz
 # Source0-md5:	d434a339fb0bb5cc9120772325908df5
 Patch0:		%{name}-debian.patch
+Patch1:		%{name}-untaint.patch
 URL:		http://fuzzyocr.own-hero.net/
 BuildRequires:	sed >= 4.0
 %if %{with autodeps}
@@ -89,6 +90,7 @@
 %prep
 %setup -q -n FuzzyOcr-%{version}
 %patch0 -p1
+%patch1 -p1
 %{__sed} -i -e '1s,#!.*perl,#!%{__perl},' Utils/fuzzy-*
 
 for p in `cat debian/patches/series`; do
@@ -124,6 +126,10 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.33  2010/04/07 10:28:25  blues
+- rel.2: untaint patch added, picture scanning works with current perl
+  again
+
 Revision 1.32  2010/04/06 14:45:57  blues
 - 3.6.0 - use tar provided by vendor
 

================================================================
Index: packages/spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr-untaint.patch
diff -u /dev/null packages/spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr-untaint.patch:1.1
--- /dev/null	Wed Apr  7 12:28:30 2010
+++ packages/spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr-untaint.patch	Wed Apr  7 12:28:25 2010
@@ -0,0 +1,11 @@
+--- ./FuzzyOcr/Config.pm.org	2010-04-06 16:49:40.788528254 +0200
++++ ./FuzzyOcr/Config.pm	2010-04-07 12:23:05.573987960 +0200
+@@ -577,7 +577,7 @@ sub parse_config {
+         return 1;
+     } elsif ($opts->{key} eq 'focr_bin_helper') {
+         my @cmd; $conf = $opts->{conf};
+-        my $val = $opts->{value}; $val =~ s/[\s]*//g;
++        my $val = Mail::SpamAssassin::Util::untaint_var($opts->{value}); $val =~ s/[\s]*//g;
+         debuglog("focr_bin_helper: '$val'");
+         foreach my $bin (split(',',$val)) {
+             unless (grep {m/$bin/} @bin_utils) {
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/spamassassin-plugin-fuzzyocr/spamassassin-plugin-fuzzyocr.spec?r1=1.32&r2=1.33&f=u

More information about the pld-cvs-commit mailing list