[rakarrack] add patch for format function security (rhbz#1037302), and apply it.
David Timms
dtimms at fedoraproject.org
Tue May 13 11:28:44 UTC 2014
commit 2829b51ef74556e6cfc3a2c1d8f91d68e6aa9920
Author: David Timms <dtimms at iinet.net.au>
Date: Tue May 13 20:50:23 2014 +1000
add patch for format function security (rhbz#1037302), and apply it.
rakarrack-0.6.2.format-security.diff | 29 +++++++++++++++++++++++++++++
rakarrack.spec | 9 ++++++++-
2 files changed, 37 insertions(+), 1 deletions(-)
---
diff --git a/rakarrack-0.6.2.format-security.diff b/rakarrack-0.6.2.format-security.diff
new file mode 100644
index 0000000..aaca811
--- /dev/null
+++ b/rakarrack-0.6.2.format-security.diff
@@ -0,0 +1,29 @@
+--- rakarrack-git-b358630c2c17ef6b18b97ff5d22f91664033197b.orig/src/rakarrack.cxx 2013-04-14 23:10:34.000000000 +1000
++++ rakarrack-git-b358630c2c17ef6b18b97ff5d22f91664033197b/src/rakarrack.cxx 2014-05-13 07:04:04.917008568 +1000
+@@ -23583,7 +23583,7 @@
+ Fl_Widget *m = fl_message_icon();
+ m->parent()->copy_label(rkr->jackcliname);
+ sprintf(temp2,"Overwrite \"%s\"?",w->label());
+- ok=fl_choice(temp2, "No","Yes", NULL);
++ ok=fl_choice("%s", temp2, "No", "Yes", NULL);
+ if (!ok)
+ {
+ o->value(0);
+@@ -24850,7 +24850,7 @@
+ w->parent()->copy_label(rkr->jackcliname);
+
+
+- ok=fl_choice("Bank was modified, but not saved", "Discard","Save",NULL);
++ ok=fl_choice("%s", "Bank was modified, but not saved", "Discard", "Save", NULL);
+
+
+
+@@ -28008,7 +28008,7 @@
+ }
+
+ sprintf(temp2,"Delete? \"%s\"",s->text());
+-ok=fl_choice("%d",temp2,"No","Yes",NULL);
++ok=fl_choice("%s", temp2, "No", "Yes", NULL);
+ if (!ok) return;
+ memset(Rname,0,sizeof(Rname));
+ sprintf(Rname,"%s",s->text());
diff --git a/rakarrack.spec b/rakarrack.spec
index e5ce8d2..462e4e7 100644
--- a/rakarrack.spec
+++ b/rakarrack.spec
@@ -5,7 +5,7 @@
Summary: Audio effects processing rack for guitar
Name: rakarrack
Version: 0.6.2
-Release: 0.1.20130414git%{shortcommit}%{?dist}
+Release: 0.2.20130414git%{shortcommit}%{?dist}
License: GPLv2
Group: Applications/Multimedia
URL: http://%{name}.sourceforge.net/
@@ -13,6 +13,8 @@ URL: http://%{name}.sourceforge.net/
#S#ource0: http://rakarrack.git.sourceforge.net/git/gitweb.cgi?p=rakarrack/rakarrack;a=snapshot;h=47245c3fd30dc326fedd7cdae444ddcf0fd97490;sf=tgz
#S#ource0: rakarrack-47245c3.tar.gz
Source0: http://sourceforge.net/code-snapshots/git/r/ra/rakarrack/git.git/rakarrack-git-%{commit}.zip
+Patch1: rakarrack-0.6.2.format-security.diff
+
Requires: hicolor-icon-theme
@@ -48,6 +50,8 @@ Nasca is our hero and a continuous inspiration
# for git snapshot
%setup -q -n %{name}-git-%{commit}
+%patch1 -p1 -b .format-security
+
%{__sed} -i 's/Icon=icono_rakarrack_128x128/Icon=rakarrack/' data/%{name}.desktop
%{__sed} -i 's/Guitar Effects Processor/Real-time audio effects processing rack for guitar/' data/%{name}.desktop
echo "GenericName=Digital audio effects processor" >> data/%{name}.desktop
@@ -125,6 +129,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%changelog
+* Mon May 12 2014 David Timms <iinet.net.au @ dtimms> - 0.6.2-0.2.20130414gitb358630
+- Apply patch for format function security.
+
* Mon May 12 2014 David Timms <iinet.net.au @ dtimms> - 0.6.2-0.1.20130414gitb358630
- Update to current git snapshot from 2013-04-14
More information about the scm-commits
mailing list