[efax] fix format-security flaws bz#1037050
Than Ngo
than at fedoraproject.org
Mon May 12 13:35:13 UTC 2014
commit 010351c31706a0a140fac602018af4bf6fa32f37
Author: Than Ngo <than at redhat.com>
Date: Mon May 12 15:33:17 2014 +0200
fix format-security flaws bz#1037050
efax-0.9a-001114-format-security.patch | 12 ++++++++++++
efax.spec | 7 ++++++-
2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/efax-0.9a-001114-format-security.patch b/efax-0.9a-001114-format-security.patch
new file mode 100644
index 0000000..0445d2f
--- /dev/null
+++ b/efax-0.9a-001114-format-security.patch
@@ -0,0 +1,12 @@
+diff -up efax-0.9a-001114/efaxlib.c.orig efax-0.9a-001114/efaxlib.c
+--- efax-0.9a-001114/efaxlib.c.orig 2014-05-12 15:28:17.000000000 +0200
++++ efax-0.9a-001114/efaxlib.c 2014-05-12 15:28:29.000000000 +0200
+@@ -1784,7 +1784,7 @@ int nextopage ( OFILE *f, int page )
+ tiffinit(f) ; /* rewind & update TIFF header */
+ break ;
+ case O_PCL:
+- fprintf ( f->f, PCLEND ) ;
++ fprintf ( f->f, "%s", PCLEND ) ;
+ break ;
+ case O_PS:
+ fprintf ( f->f, PSPAGEEND ) ;
diff --git a/efax.spec b/efax.spec
index 6fda021..ad12fef 100644
--- a/efax.spec
+++ b/efax.spec
@@ -1,7 +1,7 @@
Summary: A program for faxing using a Class 1, 2 or 2.0 fax modem
Name: efax
Version: 0.9a
-Release: 18.001114%{?dist}
+Release: 19.001114%{?dist}
License: GPLv2+
Group: Applications/Communications
Url: http://www.cce.com/efax/
@@ -18,6 +18,7 @@ Patch8: efax-0.9-quote.patch
Patch9: efax-0.9-msg-va_list.patch
Patch10: efax-0.9a-001114-crash.patch
Patch11: efax-0.9-pdf.patch
+Patch12: efax-0.9a-001114-format-security.patch
ExcludeArch: s390 s390x
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -45,6 +46,7 @@ Class 1, 2 or 2.0 fax modem.
%patch9 -p1 -b .msg-va_list
%patch10 -p1 -b .crash
%patch11 -p0 -b .pdf
+%patch12 -p1 -b .format-security
%build
make %{?_smp_mflags} RPM_OPT_FLAGS="-ansi $RPM_OPT_FLAGS -fno-strict-aliasing"
@@ -73,6 +75,9 @@ rm -rf %{buildroot}
%dir %{_localstatedir}/log/fax
%changelog
+* Mon May 12 2014 Than Ngo <than at redhat.com> - 0.9a-19.001114
+- fix format-security flaws bz#1037050
+
* Tue Aug 13 2013 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.9a-18.001114
- Reformat efax-0.9-pdf.patch (Fix FTBFS RHBZ#992182).
More information about the scm-commits
mailing list