Hello community, here is the log from the commit of package gnutls for openSUSE:Factory checked in at Tue Oct 18 14:09:02 CEST 2011.
-------- --- openSUSE:Factory/gnutls/gnutls.changes 2011-10-11 17:16:19.000000000 +0200 +++ /mounts/work_src_done/STABLE/gnutls/gnutls.changes 2011-10-17 16:19:39.000000000 +0200 @@ -1,0 +2,6 @@ +Mon Oct 17 13:21:57 UTC 2011 - vu...@opensuse.org + +- Add gnutls-fix-crash-on-strcat.patch: make sure a string is + nul-terminated before using strcat on it. Fix bnc#724421. + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- gnutls-fix-crash-on-strcat.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.G9g5Us/_old 2011-10-18 14:08:54.000000000 +0200 +++ /var/tmp/diff_new_pack.G9g5Us/_new 2011-10-18 14:08:54.000000000 +0200 @@ -32,6 +32,8 @@ Source1: baselibs.conf # PATCH-FIX-UPSTREAM gnutls-fix-compression.patch vu...@opensuse.org -- Taken from git, fix decompression/compression Patch0: gnutls-fix-compression.patch +# PATCH-FIX-UPSTREAM gnutls-fix-crash-on-strcat.patch bnc#724421 vu...@opensuse.org -- Fix a crash because of badly used strcat, sent upstream by mail on 2011-10-17 +Patch1: gnutls-fix-crash-on-strcat.patch BuildRequires: gcc-c++ BuildRequires: libnettle-devel >= 2.2 BuildRequires: p11-kit-devel @@ -156,6 +158,7 @@ %prep %setup -q %patch0 -p1 +%patch1 -p1 %build %configure \ ++++++ gnutls-fix-crash-on-strcat.patch ++++++ >From 7043a8e9e314b0c2eb7ac5c2278a0b103f6a758a Mon Sep 17 00:00:00 2001 From: Vincent Untz <vu...@gnome.org> Date: Mon, 17 Oct 2011 15:15:46 +0200 Subject: [PATCH] Correctly terminate a string with \0 before concatenating to it Fix a potential crash: https://bugzilla.novell.com/show_bug.cgi?id=724421 --- lib/x509/common.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/lib/x509/common.c b/lib/x509/common.c index 6bb4746..0651d2e 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c @@ -390,6 +390,7 @@ _gnutls_x509_data2hex (const opaque * data, size_t data_size, if (out) { out[0] = '#'; + out[1] = '\0'; _gnutls_str_cat (out, *sizeof_out, res); } -- 1.7.7 continue with "q"... Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org