rpms/w3m/FC-6 w3m-0.5.1-CVE-2006-6772.patch, NONE, 1.1 w3m.spec, 1.34, 1.35

Mon Jan 15 04:07:37 UTC 2007

Author: pnemade

Update of /cvs/dist/rpms/w3m/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv16282

Modified Files:
	w3m.spec 
Added Files:
	w3m-0.5.1-CVE-2006-6772.patch 
Log Message:
-Resolves: rh#221484
---------------------------------------------------------


w3m-0.5.1-CVE-2006-6772.patch:
 file.c |    2 +-
 1 files changed, 1 insertion(+), 1 deletion(-)

--- NEW FILE w3m-0.5.1-CVE-2006-6772.patch ---
Fix for format string flaw (CVE-2006-6772)

--- w3m-0.5.1/file.c.orig	2007-01-03 20:42:05.000000000 +0100
+++ w3m-0.5.1/file.c	2007-01-03 20:44:11.000000000 +0100
@@ -7935,7 +7935,7 @@ inputAnswer(char *prompt)
 	ans = inputChar(prompt);
     }
     else {
-	printf(prompt);
+	printf("%s", prompt);
 	fflush(stdout);
 	ans = Strfgets(stdin)->ptr;
     }


Index: w3m.spec
===================================================================
RCS file: /cvs/dist/rpms/w3m/FC-6/w3m.spec,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -r1.34 -r1.35
--- w3m.spec	12 Jul 2006 08:46:49 -0000	1.34
+++ w3m.spec	15 Jan 2007 04:07:35 -0000	1.35
@@ -4,7 +4,7 @@
 
 Name:		w3m
 Version:	0.5.1
-Release: 	14.1
+Release: 	15%{?dist}
 License:	BSD
 URL:		http://w3m.sourceforge.net/
 BuildRoot:	%{_tmppath}/%{name}-%{version}-buildroot
@@ -35,7 +35,7 @@
 Patch22:	w3m-cvs-20050328.patch
 Patch23:	w3m-fix-vi-prec-num.patch
 Patch24:	w3m-multilib.patch
-
+Patch25:        w3m-0.5.1-CVE-2006-6772.patch
 
 Summary:	A pager with Web browsing abilities.
 Group:		Applications/Internet
@@ -76,6 +76,7 @@
 %ifarch ppc64 s390x sparc64 x86_64
 %patch24 -p1
 %endif
+%patch25 -p1
 
 rm -rf gc
 tar xfz %{SOURCE20}
@@ -136,6 +137,9 @@
 %{_libexecdir}/w3m/w3mimgdisplay
 
 %changelog
+* Mon Jan 15 2007 Parag Nemade <pnemade at redhat.com> - 0.5.1-15
+- Resolves: rh#221484
+
 * Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com> - 0.5.1-14.1
 - rebuild
 


