[phasex] Format security

[Brendan Jones]

commit f117912fac52011bcd4c51dff2afaf2cb4b016af
Author: Brendan Jones <brendan.jones.it at gmail.com>
Date:   Mon Jun 30 03:02:15 2014 +0200

    Format security

 phasex-format.patch |   12 ++++++++++++
 phasex.spec         |    4 +++-
 2 files changed, 15 insertions(+), 1 deletions(-)
---
diff --git a/phasex-format.patch b/phasex-format.patch
new file mode 100644
index 0000000..b2c9dcb
--- /dev/null
+++ b/phasex-format.patch
@@ -0,0 +1,12 @@
+diff -Nurp phasex-dev-m1.orig/src/phasex.c phasex-dev-m1.new/src/phasex.c
+--- phasex-dev-m1.orig/src/phasex.c	2010-08-26 11:23:25.000000000 +0200
++++ phasex-dev-m1.new/src/phasex.c	2014-06-29 21:36:46.802878363 +0200
+@@ -298,7 +298,7 @@ phasex_shutdown(const char *msg) {
+ 
+     /* output message from caller */
+     if (msg != NULL) {
+-	fprintf (stderr, msg);
++	fprintf (stderr, "%s", msg);
+     }
+ 
+     /* set the global shutdown flag */
diff --git a/phasex.spec b/phasex.spec
index 6bcf8e1..1a2217c 100644
--- a/phasex.spec
+++ b/phasex.spec
@@ -4,7 +4,7 @@
 
 Name:  phasex
 Version: 0.12.0
-Release: 0.12.%{prerel}%{?dist}
+Release: 1.12.%{prerel}%{?dist}
 Summary: PHASEX -- Phase Harmonic Advanced Synthesis EXperiment
 Group:  Applications/Multimedia
 License: GPLv2
@@ -12,6 +12,7 @@ URL:  https://github.com/disabled/phasex-dev
 
 Source0: https://github.com/downloads/disabled/phasex-dev/%{name}-%{prerel_d}.tar.gz
 Patch0: phasex-cflags.patch
+Patch1: phasex-format.patch
 
 BuildRequires: glibc-devel >= 2.3.0
 BuildRequires: alsa-lib-devel >= 0.9.0
@@ -39,6 +40,7 @@ processing capabilities, and more.
 %prep
 %setup -q -n %{name}-%{prerel_d}
 %patch0 -p1 -b .cflags
+%patch1 -p1 -b .format
 
 # Fix DSO linking
 sed -i -e 's|\(-lpthread\)|\1 -lX11 -lgmodule-2.0|' configure