Hello community, here is the log from the commit of package libxdg-basedir for openSUSE:Factory checked in at 2015-10-06 13:25:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libxdg-basedir (Old) and /work/SRC/openSUSE:Factory/.libxdg-basedir.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libxdg-basedir" Changes: -------- --- /work/SRC/openSUSE:Factory/libxdg-basedir/libxdg-basedir.changes 2012-11-05 14:58:34.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libxdg-basedir.new/libxdg-basedir.changes 2015-10-06 13:25:13.000000000 +0200 @@ -1,0 +2,8 @@ +Wed Sep 30 12:27:40 UTC 2015 - [email protected] + +- properly fix buffer overflow in allocation (0001-Overflow-bug.diff) +- fix download url +- enalbe make check +- drop libxdg-basedir-fix_tests.patch + +------------------------------------------------------------------- Old: ---- libxdg-basedir-fix_tests.patch New: ---- 0001-Overflow-bug.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxdg-basedir.spec ++++++ --- /var/tmp/diff_new_pack.aOY69h/_old 2015-10-06 13:25:13.000000000 +0200 +++ /var/tmp/diff_new_pack.aOY69h/_new 2015-10-06 13:25:13.000000000 +0200 @@ -2,7 +2,7 @@ # # spec file for package libxdg-basedir # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2012 Pascal Bleser <[email protected]> # # All modifications and additions to the file contributed by third parties @@ -25,10 +25,10 @@ Summary: XDG Base Directory Specification Library License: MIT Group: System/Libraries -Url: http://n.ethz.ch/~nevillm/download/libxdg-basedir/ -Source: http://n.ethz.ch/~nevillm/download/libxdg-basedir/libxdg-basedir-%{version}.tar.gz -# PATCH-openSUSE-FIX [email protected] -Patch2: libxdg-basedir-fix_tests.patch +Url: http://nevill.ch/libxdg-basedir/ +Source: http://nevill.ch/libxdg-basedir/downloads/libxdg-basedir-%{version}.tar.gz +# PATCH-FIX-UPSTREAM https://github.com/devnev/libxdg-basedir/pull/3 -- [email protected] +Patch0: 0001-Overflow-bug.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: autoconf BuildRequires: automake @@ -76,12 +76,15 @@ %prep %setup -q -n "libxdg-basedir-%{version}" -%patch2 -p1 +%patch0 -p1 %build %configure %__make %{?_smp_flags} +%check +%__make check + %install %makeinstall %__rm "%{buildroot}%{_libdir}/libxdg-basedir.la" @@ -89,7 +92,6 @@ %post -n libxdg-basedir1 -p /sbin/ldconfig %postun -n libxdg-basedir1 -p /sbin/ldconfig - %files -n "%{name}%{soname}" %defattr(-,root,root) %doc COPYING ++++++ 0001-Overflow-bug.diff ++++++ >From 14e000f696ef8b83264b0ca4407669bdb365fb23 Mon Sep 17 00:00:00 2001 From: Timmy Weerwag <[email protected]> Date: Sun, 16 Mar 2014 17:54:14 +0100 Subject: [PATCH] Overflow bug --- src/basedir.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/basedir.c b/src/basedir.c index 68ab879..1a2a8c4 100644 --- a/src/basedir.c +++ b/src/basedir.c @@ -574,7 +574,7 @@ static char * xdgGetRelativeHome(const char *envname, const char *relativefallba unsigned int homelen; if (!(home = xdgGetEnv("HOME"))) return NULL; - if (!(relhome = (char*)malloc((homelen = strlen(home))+fallbacklength))) return NULL; + if (!(relhome = (char*)malloc((homelen = strlen(home))+fallbacklength+1))) return NULL; memcpy(relhome, home, homelen); memcpy(relhome+homelen, relativefallback, fallbacklength+1); } -- 2.5.1
