Hey Ricardo, here comes the patch for the NMU. It will be also archived on: http://people.debian.org/~nion/nmu-diff/sylpheed-claws_1.0.5-5.1_1.0.5-5.2.patch
Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
diff -u sylpheed-claws-1.0.5/debian/changelog sylpheed-claws-1.0.5/debian/changelog
--- sylpheed-claws-1.0.5/debian/changelog
+++ sylpheed-claws-1.0.5/debian/changelog
@@ -1,3 +1,11 @@
+sylpheed-claws (1.0.5-5.2) unstable; urgency=high
+
+ * Non-maintainer upload by testing security team.
+ * Fix format string vulnerability in inc_put_error
+ function (CVE-2007-2958) (Closes: #441854).
+
+ -- Nico Golde <[EMAIL PROTECTED]> Sat, 15 Sep 2007 01:51:29 +0200
+
sylpheed-claws (1.0.5-5.1) unstable; urgency=low
* Non-maintainer upload.
only in patch2:
unchanged:
--- sylpheed-claws-1.0.5.orig/debian/patches/14security-fix-CVE-2007-2958.patch
+++ sylpheed-claws-1.0.5/debian/patches/14security-fix-CVE-2007-2958.patch
@@ -0,0 +1,12 @@
+diff -urN sylpheed-claws-1.0.5.orig/src/inc.c sylpheed-claws-1.0.5/src/inc.c
+--- sylpheed-claws-1.0.5.orig/inc.c 2005-06-27 13:50:13.000000000 +0200
++++ sylpheed-claws-1.0.5/src/inc.c 2007-09-15 01:49:02.000000000 +0200
+@@ -1180,7 +1180,7 @@
+ log_warning("%s\n", log_msg);
+ }
+ if (err_msg) {
+- alertpanel_error_log(err_msg);
++ alertpanel_error_log("%s", err_msg);
+ g_free(err_msg);
+ }
+ }
pgphFNWjMENN5.pgp
Description: PGP signature
