[packages/swish-e] - up to 2.4.7 - fix format string errors

Tue, 11 Jun 2013 04:58:26 -0700 

commit 45fe6c1712a813748372a09ef299979d3956e4e3
Author: Jan RÄ™korajski <[email protected]>
Date:   Tue Jun 11 13:57:20 2013 +0200

    - up to 2.4.7
    - fix format string errors

 format-security.patch | 31 +++++++++++++++++++++++++++++++
 swish-e.spec          |  8 +++++---
 2 files changed, 36 insertions(+), 3 deletions(-)
---
diff --git a/swish-e.spec b/swish-e.spec
index 00d3d62..01370bf 100644
--- a/swish-e.spec
+++ b/swish-e.spec
@@ -2,12 +2,13 @@
 Summary:       Simple Web Indexing System for Humans - Enhanced
 Summary(pl.UTF-8):     Prosty system indeksowania stron WWW - wersja 
rozszerzona
 Name:          swish-e
-Version:       2.4.6
-Release:       4
+Version:       2.4.7
+Release:       1
 License:       GPL/LGPL
 Group:         Applications/Text
 Source0:       http://swish-e.org/distribution/%{name}-%{version}.tar.gz
-# Source0-md5: eb762cba20ea0908141d44b1a31cdd39
+# Source0-md5: 736db7a65aed48bb3e2587c52833642d
+Patch0:                format-security.patch
 URL:           http://swish-e.org/
 #Icon:         swish-e.xpm
 BuildRequires: libxml2-devel
@@ -139,6 +140,7 @@ Biblioteka statyczna dla swish-e.
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 %configure \
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..01d8cab
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,31 @@
+--- swish-e-2.4.7/src/parser.c~        2009-04-05 03:58:32.000000000 +0200
++++ swish-e-2.4.7/src/parser.c 2013-06-11 13:53:08.196559035 +0200
+@@ -1760,7 +1760,7 @@
+     va_start(args, msg);
+     vsnprintf(str, 1000, msg, args );
+     va_end(args);
+-    xmlParserError(parse_data->ctxt, str);
++    xmlParserError(parse_data->ctxt, "%s", str);
+ }
+ 
+ static void warning(void *data, const char *msg, ...)
+@@ -1772,7 +1772,7 @@
+     va_start(args, msg);
+     vsnprintf(str, 1000, msg, args );
+     va_end(args);
+-    xmlParserWarning(parse_data->ctxt, str);
++    xmlParserWarning(parse_data->ctxt, "%s", str);
+ }
+ 
+ 
+--- swish-e-2.4.7/src/result_output.c~ 2009-04-05 03:58:32.000000000 +0200
++++ swish-e-2.4.7/src/result_output.c  2013-06-11 13:53:38.593550825 +0200
+@@ -752,7 +752,7 @@
+             s = (char *) emalloc(MAXWORDLEN + 1);
+             n = strftime(s, (size_t) MAXWORDLEN, fmt, 
localtime(&(pv->value.v_date)));
+             if (n && f)
+-                fprintf(f, s);
++                fprintf(f, "%s", s);
+             efree(s);
+         }
+         break;
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/swish-e.git/commitdiff/45fe6c1712a813748372a09ef299979d3956e4e3

_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

Reply via email to