[CVS] OpenPKG: OPENPKG_1_3_SOLID: openpkg-src/sharutils/ sharutils.pat...

Wed, 07 Apr 2004 05:45:21 -0700 

  OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Thomas Lotterer
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   07-Apr-2004 14:45:26
  Branch: OPENPKG_1_3_SOLID                Handle: 2004040713452500

  Added files:              (Branch: OPENPKG_1_3_SOLID)
    openpkg-src/sharutils   sharutils.patch
  Modified files:           (Branch: OPENPKG_1_3_SOLID)
    openpkg-src/sharutils   sharutils.spec

  Log:
    SA-2004.011-sharutils

  Summary:
    Revision    Changes     Path
    1.1.4.1     +16 -0      openpkg-src/sharutils/sharutils.patch
    1.21.2.2.2.2+3  -1      openpkg-src/sharutils/sharutils.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/sharutils/sharutils.patch
  ============================================================================
  $ cvs diff -u -r0 -r1.1.4.1 sharutils.patch
  --- /dev/null 2004-04-07 14:45:25.000000000 +0200
  +++ sharutils.patch   2004-04-07 14:45:25.000000000 +0200
  @@ -0,0 +1,16 @@
  +http://www.securityfocus.com/archive/1/359639
  +GNU Sharutils buffer overflow vulnerability
  +
  +Index: src/shar.c
  +--- src/shar.c.orig  2004-04-07 14:27:20.000000000 +0200
  ++++ src/shar.c       2004-04-07 14:30:27.000000000 +0200
  +@@ -1905,7 +1905,7 @@
  +     break;
  + 
  +       case 'o':
  +-    strcpy (output_base_name, optarg);
  ++    strncpy (output_base_name, optarg, sizeof(output_base_name));
  +     if (!strchr (output_base_name, '%'))
  +       strcat (output_base_name, ".%02d");
  +     part_number = 0;
  +
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/sharutils/sharutils.spec
  ============================================================================
  $ cvs diff -u -r1.21.2.2.2.1 -r1.21.2.2.2.2 sharutils.spec
  --- openpkg-src/sharutils/sharutils.spec      29 Jul 2003 15:01:30 -0000      
1.21.2.2.2.1
  +++ openpkg-src/sharutils/sharutils.spec      7 Apr 2004 12:45:25 -0000       
1.21.2.2.2.2
  @@ -33,10 +33,11 @@
   Group:        Archiver
   License:      GPL
   Version:      4.2.1
  -Release:      1.3.0
  +Release:      1.3.1
   
   #   list of sources
   Source0:      ftp://ftp.gnu.org/gnu/sharutils/sharutils-%{version}.tar.gz
  +Patch0:       sharutils.patch
   
   #   build information
   Prefix:       %{l_prefix}
  @@ -63,6 +64,7 @@
   
   %prep
       %setup -q
  +    %patch
   
   %build
       CC="%{l_cc}" \
  @@ .
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]

Reply via email to