[graphviz/el5] Fixed format string vulnerability
Jaroslav Škarvada
jskarvad at fedoraproject.org
Tue Nov 25 17:06:09 UTC 2014
commit a3626aee12316e72e5d47b273fcfea1dd5a94c2d
Author: Jaroslav Škarvada <jskarvad at redhat.com>
Date: Tue Nov 25 18:06:04 2014 +0100
Fixed format string vulnerability
Resolves: rhbz#1167869
graphviz-2.12-format-string.patch | 13 +++++++++++++
graphviz.spec | 9 ++++++++-
2 files changed, 21 insertions(+), 1 deletions(-)
---
diff --git a/graphviz-2.12-format-string.patch b/graphviz-2.12-format-string.patch
new file mode 100644
index 0000000..afa66b4
--- /dev/null
+++ b/graphviz-2.12-format-string.patch
@@ -0,0 +1,13 @@
+diff --git a/lib/agraph/scan.l b/lib/agraph/scan.l
+index 02eaaab..799ff89 100644
+--- a/lib/agraph/scan.l
++++ b/lib/agraph/scan.l
+@@ -179,7 +179,7 @@ void yyerror(char *str)
+ agxbput (&xb, buf);
+ agxbput (&xb, yytext);
+ agxbput (&xb,"'\n");
+- agerror(AGERROR_SYNTAX,agxbuse(&xb));
++ agerror(AGERROR_SYNTAX, "%s", agxbuse(&xb));
+ agxbfree(&xb);
+ }
+ /* must be here to see flex's macro defns */
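Review bot: at the agerror() call in yyerror(), the "%s" fix covers only this one call site, and nothing in the patch keeps the same pattern from recurring elsewhere. The message is assembled from yytext, which is the token text taken from the input being parsed, so any other agerror() caller that passes a built string as the format argument would be exposed in the same way; whether such callers exist cannot be seen from these lines. Consider declaring agerror() with a printf-style format attribute, or building with -Wformat-security, so the compiler flags non-literal format arguments.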
diff --git a/graphviz.spec b/graphviz.spec
index 56ef91a..f1a929e 100644
--- a/graphviz.spec
+++ b/graphviz.spec
@@ -7,7 +7,7 @@
#-- graphviz src.rpm --------------------------------------------------------
Name: graphviz
Version: 2.12
-Release: 10%{?dist}
+Release: 11%{?dist}
License: CPL
URL: http://www.graphviz.org/
@@ -18,6 +18,8 @@ Patch1: %{name}-libcdt.patch
Patch2: graphviz-2.12-CVE-2014-0978-CVE-2014-1235.patch
# Fix chknum overflow (CVE-2014-1236)
Patch3: graphviz-2.12-CVE-2014-1236.patch
+# Backported from upstream
+Patch4: graphviz-2.12-format-string.patch
# graphviz is relocatable
#Prefix: /usr
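Review bot: the "# Backported from upstream" comment above Patch4 does not say which upstream commit was backported or which bug it addresses, whereas the comment above Patch3 names its CVE. Suggest a comment along the lines of "# Fix format string vulnerability in yyerror() (rhbz#1167869), backported from upstream", plus the upstream commit id if it is known, so the origin of the patch can be checked later from the spec alone.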
@@ -414,6 +416,7 @@ Provides some additional PDF and HTML documentation for graphviz.
%patch1 -p1
%patch2 -p1 -b .CVE-2014-0978-CVE-2014-1235
%patch3 -p1 -b .CVE-2014-1236
+%patch4 -p1 -b .format-string
%build
# XXX ix86 only used to have -ffast-math, let's use everywhere
@@ -450,6 +453,10 @@ rm -rf $RPM_BUILD_ROOT
#-- changelog --------------------------------------------------
%changelog
+* Tue Nov 25 2014 Jaroslav Škarvada <jskarvad at redhat.com> - 2.12-11
+- Fixed format string vulnerability
+ Resolves: rhbz#1167869
+
* Fri Jan 10 2014 Jaroslav Škarvada <jskarvad at redhat.com> - 2.12-10
- Prevent possible buffer overflow in yyerror()
Resolves: CVE-2014-1235
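Review bot: the new 2.12-11 changelog entry does not say where the format string problem was, while the 2.12-10 entry below it names yyerror(). Since both fixes touch the same function, suggest "- Fixed format string vulnerability in yyerror()" so the two entries can be told apart when reading the package changelog.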