[efax] fix format-security flaws bz#1037050

Than Ngo than at fedoraproject.org
Mon May 12 13:35:13 UTC 2014 

commit 010351c31706a0a140fac602018af4bf6fa32f37
Author: Than Ngo <than at redhat.com>
Date:   Mon May 12 15:33:17 2014 +0200

    fix format-security flaws bz#1037050

 efax-0.9a-001114-format-security.patch |   12 ++++++++++++
 efax.spec                              |    7 ++++++-
 2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/efax-0.9a-001114-format-security.patch b/efax-0.9a-001114-format-security.patch
new file mode 100644
index 0000000..0445d2f
--- /dev/null
+++ b/efax-0.9a-001114-format-security.patch
@@ -0,0 +1,12 @@
+diff -up efax-0.9a-001114/efaxlib.c.orig efax-0.9a-001114/efaxlib.c
+--- efax-0.9a-001114/efaxlib.c.orig	2014-05-12 15:28:17.000000000 +0200
++++ efax-0.9a-001114/efaxlib.c	2014-05-12 15:28:29.000000000 +0200
+@@ -1784,7 +1784,7 @@ int nextopage ( OFILE *f, int page )
+       tiffinit(f) ;		/* rewind & update TIFF header */
+       break ;
+     case O_PCL:
+-      fprintf ( f->f, PCLEND ) ;
++      fprintf ( f->f, "%s", PCLEND ) ;
+       break ;
+     case O_PS:
+       fprintf ( f->f, PSPAGEEND ) ;
diff --git a/efax.spec b/efax.spec
index 6fda021..ad12fef 100644
--- a/efax.spec
+++ b/efax.spec
@@ -1,7 +1,7 @@
 Summary: A program for faxing using a Class 1, 2 or 2.0 fax modem
 Name: efax
 Version: 0.9a
-Release: 18.001114%{?dist}
+Release: 19.001114%{?dist}
 License: GPLv2+
 Group: Applications/Communications
 Url: http://www.cce.com/efax/
@@ -18,6 +18,7 @@ Patch8: efax-0.9-quote.patch
 Patch9: efax-0.9-msg-va_list.patch
 Patch10: efax-0.9a-001114-crash.patch
 Patch11: efax-0.9-pdf.patch
+Patch12: efax-0.9a-001114-format-security.patch
 
 ExcludeArch: s390 s390x
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -45,6 +46,7 @@ Class 1, 2 or 2.0 fax modem.
 %patch9 -p1 -b .msg-va_list
 %patch10 -p1 -b .crash
 %patch11 -p0 -b .pdf
+%patch12 -p1 -b .format-security
 
 %build
 make %{?_smp_mflags} RPM_OPT_FLAGS="-ansi $RPM_OPT_FLAGS -fno-strict-aliasing"
@@ -73,6 +75,9 @@ rm -rf %{buildroot}
 %dir %{_localstatedir}/log/fax
 
 %changelog
+* Mon May 12 2014 Than Ngo <than at redhat.com> - 0.9a-19.001114
+- fix format-security flaws bz#1037050
+
 * Tue Aug 13 2013 Ralf Corsépius <corsepiu at fedoraproject.org> - 0.9a-18.001114
 - Reformat efax-0.9-pdf.patch (Fix FTBFS RHBZ#992182).

More information about the scm-commits mailing list