Hello community, here is the log from the commit of package libstaroffice for openSUSE:Factory checked in at 2017-07-04 11:52:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libstaroffice (Old) and /work/SRC/openSUSE:Factory/.libstaroffice.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libstaroffice" Tue Jul 4 11:52:50 2017 rev:4 rq:506939 version:0.0.3 Changes: -------- --- /work/SRC/openSUSE:Factory/libstaroffice/libstaroffice.changes 2017-02-28 23:46:53.392435219 +0100 +++ /work/SRC/openSUSE:Factory/.libstaroffice.new/libstaroffice.changes 2017-07-04 11:52:52.136023806 +0200 @@ -1,0 +2,5 @@ +Thu Jun 29 07:36:52 UTC 2017 - [email protected] + +- Add patch CVE-2017-9432.patch fixing bsc#1042829 CVE-2017-9432 + +------------------------------------------------------------------- New: ---- CVE-2017-9432.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libstaroffice.spec ++++++ --- /var/tmp/diff_new_pack.GLC0nQ/_old 2017-07-04 11:52:53.195874653 +0200 +++ /var/tmp/diff_new_pack.GLC0nQ/_new 2017-07-04 11:52:53.199874090 +0200 @@ -25,6 +25,7 @@ Group: Productivity/Publishing/Word Url: https://github.com/fosnola/libstaroffice/wiki Source: https://github.com/fosnola/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz +Patch0: CVE-2017-9432.patch BuildRequires: doxygen BuildRequires: fdupes BuildRequires: gcc-c++ @@ -70,6 +71,7 @@ %prep %setup -q +%patch0 -p1 # fix date in documentation sed -i \ ++++++ CVE-2017-9432.patch ++++++ >From 2d6253c7a692a3d92785dd990fce7256ea05e794 Mon Sep 17 00:00:00 2001 From: David Tardon <[email protected]> Date: Fri, 7 Apr 2017 19:28:55 +0200 Subject: [PATCH] ofz#1029 use correct loop index To be honest, I think this would be clearer as two separate reads to two separate vars... --- src/lib/StarWriterStruct.cxx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/StarWriterStruct.cxx b/src/lib/StarWriterStruct.cxx index 5893302..d1ad366 100644 --- a/src/lib/StarWriterStruct.cxx +++ b/src/lib/StarWriterStruct.cxx @@ -327,7 +327,7 @@ bool DatabaseName::read(StarZone &zone) } data.m_name=libstoff::getString(text); int positions[2]; - for (int j=0; j<2; ++j) positions[i]=int(input->readULong(4)); + for (int j=0; j<2; ++j) positions[j]=int(input->readULong(4)); data.m_selection=STOFFVec2i(positions[0],positions[1]); m_dataList.push_back(data); } -- 2.13.0
