rpms/libsilc/F-11 silc-toolkit-1.1.8-stringformat2.patch, NONE, 1.1 libsilc.spec, 1.27, 1.28
Stu Tomlinson
nosnilmot at fedoraproject.org
Fri Sep 4 14:38:02 UTC 2009
Author: nosnilmot
Update of /cvs/pkgs/rpms/libsilc/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv27752/F-11
Modified Files:
libsilc.spec
Added Files:
silc-toolkit-1.1.8-stringformat2.patch
Log Message:
- Backport patch to fix additional string format vulnerabilities (#515648)
silc-toolkit-1.1.8-stringformat2.patch:
command.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
--- NEW FILE silc-toolkit-1.1.8-stringformat2.patch ---
From: Pekka Riikonen <priikone at silcnet.org>
Date: Fri, 7 Aug 2009 11:48:46 +0000 (+0300)
Subject: More string format fixes in silcd and client libary
X-Git-Tag: silc.toolkit.1.1.10^0
X-Git-Url: http://git.silcnet.org/gitweb/?p=silc.git;a=commitdiff_plain;h=8cb801cf6482666818e721822ce81c81ec818908
More string format fixes in silcd and client libary
---
diff --git a/lib/silcclient/command.c b/lib/silcclient/command.c
index 0e72368..1a4b446 100644
--- a/lib/silcclient/command.c
+++ b/lib/silcclient/command.c
@@ -956,7 +956,7 @@ SILC_FSM_STATE(silc_client_command_topic)
}
if (client->internal->params->full_channel_names)
- silc_snprintf(tmp, sizeof(tmp), conn->current_channel->channel_name);
+ silc_snprintf(tmp, sizeof(tmp), "%s", conn->current_channel->channel_name);
else
silc_snprintf(tmp, sizeof(tmp), "%s%s%s",
conn->current_channel->channel_name,
@@ -2144,7 +2144,7 @@ SILC_FSM_STATE(silc_client_command_kick)
}
if (client->internal->params->full_channel_names)
- silc_snprintf(tmp, sizeof(tmp), conn->current_channel->channel_name);
+ silc_snprintf(tmp, sizeof(tmp), "%s", conn->current_channel->channel_name);
else
silc_snprintf(tmp, sizeof(tmp), "%s%s%s",
conn->current_channel->channel_name,
@@ -2554,7 +2554,7 @@ SILC_FSM_STATE(silc_client_command_leave)
}
if (client->internal->params->full_channel_names)
- silc_snprintf(tmp, sizeof(tmp), conn->current_channel->channel_name);
+ silc_snprintf(tmp, sizeof(tmp), "%s", conn->current_channel->channel_name);
else
silc_snprintf(tmp, sizeof(tmp), "%s%s%s",
conn->current_channel->channel_name,
@@ -2621,7 +2621,7 @@ SILC_FSM_STATE(silc_client_command_users)
}
if (conn->client->internal->params->full_channel_names)
- silc_snprintf(tmp, sizeof(tmp), conn->current_channel->channel_name);
+ silc_snprintf(tmp, sizeof(tmp), "%s", conn->current_channel->channel_name);
else
silc_snprintf(tmp, sizeof(tmp), "%s%s%s",
conn->current_channel->channel_name,
Index: libsilc.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libsilc/F-11/libsilc.spec,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -p -r1.27 -r1.28
--- libsilc.spec 5 Aug 2009 15:01:06 -0000 1.27
+++ libsilc.spec 4 Sep 2009 14:38:02 -0000 1.28
@@ -1,7 +1,7 @@
Summary: SILC Client Library
Name: libsilc
Version: 1.1.8
-Release: 5%{dist}
+Release: 6%{dist}
License: GPLv2 or BSD
Group: System Environment/Libraries
URL: http://www.silcnet.org/
@@ -11,6 +11,7 @@ Patch1: silc-toolkit-1.1.5-libidn.patch
Patch2: silc-toolkit-1.1.5-docinst.patch
Patch3: silc-toolkit-1.1.8-libtool.patch
Patch4: silc-toolkit-1.1.8-stringformat.patch
+Patch5: silc-toolkit-1.1.8-stringformat2.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
BuildRequires: libidn-devel
BuildRequires: libtool, autoconf, automake
@@ -46,6 +47,7 @@ applications.
%patch2 -p1 -b .docinst
%patch3 -p1 -b .libtool
%patch4 -p1 -b .stringformat
+%patch5 -p1 -b .stringformat2
# filter out libsilc module SONAME Provides (#245323)
cat << \EOF > %{name}-prov
@@ -135,6 +137,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Fri Sep 04 2009 Stu Tomlinson <stu at nosnilmot.com> 1.1.8-6
+- Backport patch to fix additional string format vulnerabilities (#515648)
+
* Wed Aug 05 2009 Stu Tomlinson <stu at nosnilmot.com> 1.1.8-5
- Backport patch to fix string format vulnerability (#515648)
More information about the fedora-extras-commits
mailing list