[dvdisaster] update to 0.72.5 fix format-security issue

Dmitry Butskoy buc at fedoraproject.org
Tue Dec 3 14:45:59 UTC 2013 

commit f160494efe04ce68fd07e0697c91fa5b417c3bee
Author: Dmitry Butskoy <Dmitry at Butskoy.name>
Date:   Tue Dec 3 18:45:28 2013 +0400

    update to 0.72.5
    fix format-security issue

 .gitignore                     |    1 +
 dvdisaster-0.72.5-printf.patch |   12 ++++++++++++
 dvdisaster.spec                |   10 ++++++++--
 sources                        |    2 +-
 4 files changed, 22 insertions(+), 3 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e3ffdf5..62966c9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@ dvdisaster-0.72.1.tar.bz2
 /dvdisaster-0.72.2.tar.bz2
 /dvdisaster-0.72.3.tar.bz2
 /dvdisaster-0.72.4.tar.bz2
+/dvdisaster-0.72.5.tar.bz2
diff --git a/dvdisaster-0.72.5-printf.patch b/dvdisaster-0.72.5-printf.patch
new file mode 100644
index 0000000..72a0f34
--- /dev/null
+++ b/dvdisaster-0.72.5-printf.patch
@@ -0,0 +1,12 @@
+diff -Nrbu dvdisaster-0.72.5/tools/memory.c dvdisaster-0.72.5-OK/tools/memory.c
+--- dvdisaster-0.72.5/tools/memory.c	2012-03-26 16:46:05.000000000 +0400
++++ dvdisaster-0.72.5-OK/tools/memory.c	2013-12-03 18:35:17.910349374 +0400
+@@ -165,7 +165,7 @@
+ static void print_ptrs(char *msg)
+ {  int bucket,i,n=0;
+ 
+-   fprintf(stdout, msg);
++   fprintf(stdout, "%s", msg);
+ 
+    for(bucket=0; bucket<64; bucket++)
+       for(i=0; i<phCnt[bucket]; i++)
diff --git a/dvdisaster.spec b/dvdisaster.spec
index 8818188..9c09dc1 100644
--- a/dvdisaster.spec
+++ b/dvdisaster.spec
@@ -1,11 +1,12 @@
 Summary: Additional error protection for CD/DVD media
 Name: dvdisaster
-Version: 0.72.4
-Release: 3%{?dist}
+Version: 0.72.5
+Release: 1%{?dist}
 Group: Applications/Archiving
 License: GPLv2+
 URL: http://dvdisaster.net
 Source0: http://dvdisaster.net/downloads/dvdisaster-%{version}.tar.bz2
+Patch1: dvdisaster-0.72.5-printf.patch
 
 BuildRequires: gtk2-devel >= 2.6.0
 BuildRequires: gettext, desktop-file-utils
@@ -43,6 +44,7 @@ poškodí.
 
 %prep
 %setup -q
+%patch1 -p1
 
 
 %build
@@ -99,6 +101,10 @@ desktop-file-install \
 
 
 %changelog
+* Tue Dec  3 2013 Dmitry Butskoy <Dmitry at Butskoy.name> - 0.72.5-1
+- update to 0.72.5
+- fix format-security issue (#1037046)
+
 * Thu Aug  8 2013 Dmitry Butskoy <Dmitry at Butskoy.name> - 0.72.4-3
 - Use unversioned docdir (#993736)
 
diff --git a/sources b/sources
index c2ecece..e64f3d1 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-ad5e1d3758c536472c0ec36e3fc521fe  dvdisaster-0.72.4.tar.bz2
+73699996b76aebf83b42ce0a35746616  dvdisaster-0.72.5.tar.bz2

More information about the scm-commits mailing list