[sextractor] Fix format-security error (bz #1037322)

Sergio Pascual sergiopr at fedoraproject.org
Thu Dec 5 09:40:17 UTC 2013 

commit 5ba504f2176f3033475cc4b840922b12268102f8
Author: Sergio Pascual <sergiopr at fis.ucm.es>
Date:   Thu Dec 5 10:40:00 2013 +0100

    Fix format-security error (bz #1037322)

 sextractor-format-sec.patch |   12 ++++++++++++
 sextractor.spec             |    7 ++++++-
 2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/sextractor-format-sec.patch b/sextractor-format-sec.patch
new file mode 100644
index 0000000..0496758
--- /dev/null
+++ b/sextractor-format-sec.patch
@@ -0,0 +1,12 @@
+diff -ur sextractor-2.8.6/src/fits/fitskey.c sextractor-2.8.6.format/src/fits/fitskey.c
+--- sextractor-2.8.6/src/fits/fitskey.c	2009-01-29 14:51:59.000000000 +0100
++++ sextractor-2.8.6.format/src/fits/fitskey.c	2013-12-05 10:32:54.873268916 +0100
+@@ -946,7 +946,7 @@
+   if (kflag)
+     free(keys);
+   if (o_type == SHOW_SKYCAT) 
+-     fprintf(stream, skycattail);
++     fprintf(stream, "%s", skycattail);
+   return;
+   }
+ 
diff --git a/sextractor.spec b/sextractor.spec
index 298f393..9888150 100644
--- a/sextractor.spec
+++ b/sextractor.spec
@@ -1,6 +1,6 @@
 Name: sextractor
 Version: 2.8.6
-Release: 7%{?dist}
+Release: 8%{?dist}
 Summary: Extract catalogs of sources from astronomical images
 
 Group: Applications/Engineering
@@ -8,6 +8,7 @@ License: CeCILL
 URL: http://astromatic.iap.fr/software/%{name}
 Source0: ftp://ftp.iap.fr/pub/from_users/bertin/sextractor/%{name}-%{version}.tar.gz
 Patch0: sextractor-cflags.patch
+Patch1: sextractor-format-sec.patch
 BuildRequires: fftw-devel >= 3.1
 BuildRequires: atlas-devel >= 3.6.0
 
@@ -20,6 +21,7 @@ well on moderately crowded star fields.
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 %if 0%{?fedora} >= 21
 # New atlas libs
 sed -i -e '/LIBS*=.*atlas/s,=.*,="-L%{_libdir}/atlas -lsatlas",' configure
@@ -43,6 +45,9 @@ install -m 644 -p config/default.nnw %{buildroot}%{_datadir}/%{name}
 %{_datadir}/%{name}/
 
 %changelog
+* Thu Dec 05 2013 Sergio Pascual <sergiopr at fedoraproject.org> - 2.8.6-8
+- Fix format-security error (bz #1037322)
+
 * Wed Oct 02 2013 Sergio Pascual <sergiopr at fedoraproject.org> - 2.8.6-7
 - Hack to build with monolithic ATLAS
 - Cleanup of the specfile

More information about the scm-commits mailing list