tags 314700 patch
thanks
Hi Jon,
On Fri, Jun 24, 2005 at 10:39:49PM +0200, Jonathan Quick wrote:
Steve Langasek wrote:
It's not clear to me from your message whether this bug affects only the
version in woody, or if it also affects the version in sarge. Could you
please clarify, so that we can tag this bug correctly?
The version in Sarge does not seem to be affected - only Woody ie. 3.0r6
is affected. The confusion comes from the other bug about it segfaulting
on m68k which was in testing at the time. Unfortunately this bug is
affecting the compilation of a control system used by many radio telescopes
around the world to perform coordinated observing - a technique known as
Very Long Baseline Interferometry (VLBI) and switching multiple machines
owned by multiple observatories to sarge to fix it is a little bit beyond
our capabilities right now !!
Ok, I've pushed a package out to http://people.debian.org/~vorlon/f2c/ which
should be fixed. Do you want to give it a try and let me know if there are
any problems?
Security team, could you please review and accept this fixed f2c security
update into woody, correcting the grave bug introduced by DSA-661? The
signed changes file and package diff are attached; the source package is at
the above URL.
Thanks,
--
Steve Langasek
postmodern programmer
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.7
Date: Wed, 6 Jul 2005 03:19:31 -0700
Source: f2c
Binary: f2c
Architecture: source i386
Version: 20010821-3.3
Distribution: oldstable-security
Urgency: low
Maintainer: Steve Langasek [EMAIL PROTECTED]
Changed-By: Steve Langasek [EMAIL PROTECTED]
Description:
f2c- A FORTRAN 77 to C/C++ translator, plus static shared libs.
Closes: 314700
Changes:
f2c (20010821-3.3) oldstable-security; urgency=low
.
* Non-maintainer upload
* Backport the fixed security patch from sarge for CAN-2005-0017; the
previous version of the patch renders f2c completely unusable.
Closes: #314700.
Files:
5dad803e81bbaf4c7a88d55cd60070bd 519 devel optional f2c_20010821-3.3.dsc
9fd568d2a89870dae47081cff42f0d70 29711 devel optional f2c_20010821-3.3.diff.gz
59349f0ed8989457a60fd79d010646bb 423326 devel optional
f2c_20010821-3.3_i386.deb
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCy7dZKN6ufymYLloRAvRUAJ4v1n1Ah1V3Po9WPGoqIHNQLo+U6ACgi7HV
sB64Lh13rI9eAttYq0V/Ykc=
=PaD3
-END PGP SIGNATURE-
diff -u f2c-20010821/debian/changelog f2c-20010821/debian/changelog
--- f2c-20010821/debian/changelog
+++ f2c-20010821/debian/changelog
@@ -1,3 +1,12 @@
+f2c (20010821-3.3) oldstable-security; urgency=low
+
+ * Non-maintainer upload
+ * Backport the fixed security patch from sarge for CAN-2005-0017; the
+previous version of the patch renders f2c completely unusable.
+Closes: #314700.
+
+ -- Steve Langasek [EMAIL PROTECTED] Wed, 6 Jul 2005 03:19:31 -0700
+
f2c (20010821-3.2) stable-security; urgency=high
* Non-maintainer upload by the Security Team
diff -u f2c-20010821/patches/patch.CAN-2005-0017.f2c
f2c-20010821/patches/patch.CAN-2005-0017.f2c
--- f2c-20010821/patches/patch.CAN-2005-0017.f2c
+++ f2c-20010821/patches/patch.CAN-2005-0017.f2c
@@ -1,6 +1,54 @@
f2c-20010821.orig/src/sysdep.c 2005-04-13 20:33:04.0 +0200
-+++ f2c-20010821/src/sysdep.c 2005-04-13 20:41:14.0 +0200
-@@ -22,6 +22,7 @@ use or performance of this software.
+diff -uNr f2c-20010821.orig/src/defs.h f2c-20010821/src/defs.h
+--- f2c-20010821.orig/src/defs.h 2001-11-05 11:19:59.0 -0800
f2c-20010821/src/defs.h2005-07-06 03:16:05.044617337 -0700
+@@ -64,7 +64,7 @@
+ extern int current_ftn_file;
+ extern int maxcontin;
+
+-extern char *blkdfname, *initfname, *sortfname;
++extern char blkdfname[], initfname[], sortfname[];
+ extern long headoffset; /* Since the header block requires data
we
+ don't know about until AFTER each
+ function has been processed, we keep a
+diff -uNr f2c-20010821.orig/src/format.c f2c-20010821/src/format.c
+--- f2c-20010821.orig/src/format.c 2001-11-05 11:20:03.0 -0800
f2c-20010821/src/format.c 2005-07-06 03:16:05.046616986 -0700
+@@ -90,7 +90,7 @@
+ FILE *infile;
+ static int wrote_one = 0;
+ extern int usedefsforcommon;
+-extern char *p1_file, *p1_bakfile;
++extern char p1_file[], p1_bakfile[];
+
+ this_proc_name[0] = '\0';
+ last_was_label = 0;
+diff -uNr f2c-20010821.orig/src/main.c f2c-20010821/src/main.c
+--- f2c-20010821.orig/src/main.c 2001-11-05 11:20:38.0 -0800
f2c-20010821/src/main.c2005-07-06 03:16:05.047616811 -0700
+@@ -214,13 +214,13 @@
+ f2c_entry (dneg, P_NO_ARGS, P_INT, dneg, YES)
+ }; /* table */
+
+-extern char *c_functions; /* c_functions*/
++extern char c_functions[];/* c_functions*/
+ extern char *coutput; /* c_output */
+-extern char *initfname;
