Pullup ticket 717 - reqested by Adrian Portelli

security fix for evolution Revisions pulled up: - pkgsrc/mail/evolution/Makefile 1.90 - pkgsrc/mail/evolution/distinfo 1.40 - pkgsrc/mail/evolution/patches/patch-ad 1.8 - pkgsrc/mail/evolution/patches/patch-ae 1.5 - pkgsrc/mail/evolution/patches/patch-af 1.6 - pkgsrc/mail/evolution/patches/patch-ag 1.7 Module Name: pkgsrc Committed By: adrianp Date: Wed Aug 24 10:59:12 UTC 2005 Modified Files: pkgsrc/mail/evolution: Makefile distinfo Added Files: pkgsrc/mail/evolution/patches: patch-ad patch-ae patch-af patch-ag Log Message: Fix for format string security issue: http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html Tested by myself and jmmv@ Bump to nb1
author: salo <salo> 2005-08-27 18:34:51 +0000
committer: salo <salo> 2005-08-27 18:34:51 +0000
commit: 06d5e2a04317b1225ef1440e471ce0ec69a4ad37 (patch)
tree: 77cff05ffb853f54376ac7d1e888d02ea6845ecf
parent: d892f0dc474261e83cb04ec095e4d39d6aac8db9 (diff)
download: pkgsrc-06d5e2a04317b1225ef1440e471ce0ec69a4ad37.tar.gz
6 files changed, 77 insertions, 3 deletions
diff --git a/mail/evolution/Makefile b/mail/evolution/Makefile
index b3b55f9ae42..d6b423e5605 100644
--- a/mail/evolution/Makefile
+++ b/mail/evolution/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.85 2005/06/06 14:53:19 hira Exp $
+# $NetBSD: Makefile,v 1.85.2.1 2005/08/27 18:34:51 salo Exp $
 
 DISTNAME=		evolution-2.2.2
-PKGREVISION=		1
+PKGREVISION=		2
 CATEGORIES=		mail time gnome
 MASTER_SITES=		${MASTER_SITE_GNOME:=sources/evolution/2.2/}
 EXTRACT_SUFX=		.tar.bz2
diff --git a/mail/evolution/distinfo b/mail/evolution/distinfo
index 417206f3450..7c7a74ce7b0 100644
--- a/mail/evolution/distinfo
+++ b/mail/evolution/distinfo
@@ -1,7 +1,11 @@
-$NetBSD: distinfo,v 1.38 2005/05/19 21:06:46 jmmv Exp $
+$NetBSD: distinfo,v 1.38.2.1 2005/08/27 18:34:51 salo Exp $
 
 SHA1 (evolution-2.2.2.tar.bz2) = 8072e99c1e458416465a66ac7f87c0af90fac1f2
 RMD160 (evolution-2.2.2.tar.bz2) = c2e93248436eb314c47cf99bdd050f4f56629f4d
 Size (evolution-2.2.2.tar.bz2) = 13858551 bytes
 SHA1 (patch-ab) = 871a322eefd1a42e7197da764d49cd1d24f6535d
 SHA1 (patch-ac) = eac530ef720daf3f8f812690496ae39b76691799
+SHA1 (patch-ad) = 10ab1a51ae42934a230ee015554370efc545e3fa
+SHA1 (patch-ae) = 2eacc3c614f157137af032dda79e7c5d50fe4b6c
+SHA1 (patch-af) = e005e105327ddc112ac68ade7f1f6ea2ec0fbf1c
+SHA1 (patch-ag) = ccef018483a082f7989d81173d264a67e9a01d71
diff --git a/mail/evolution/patches/patch-ad b/mail/evolution/patches/patch-ad
new file mode 100644
index 00000000000..181bd5412cc
--- /dev/null
+++ b/mail/evolution/patches/patch-ad
@@ -0,0 +1,13 @@
+$NetBSD: patch-ad,v 1.7.4.1 2005/08/27 18:34:51 salo Exp $
+
+--- calendar/gui/e-cal-component-preview.c.orig	2005-01-04 18:48:56.000000000 +0000
++++ calendar/gui/e-cal-component-preview.c
+@@ -284,7 +284,7 @@ write_html (GtkHTMLStream *stream, ECal 
+ 					str = g_string_append_c (str, text.value[i]);
+ 			}
+ 
+-			gtk_html_stream_printf (stream, str->str);
++			gtk_html_stream_printf (stream, "%s", str->str);
+ 			g_string_free (str, TRUE);
+ 		}
+ 
diff --git a/mail/evolution/patches/patch-ae b/mail/evolution/patches/patch-ae
new file mode 100644
index 00000000000..337556002cb
--- /dev/null
+++ b/mail/evolution/patches/patch-ae
@@ -0,0 +1,13 @@
+$NetBSD: patch-ae,v 1.4.10.1 2005/08/27 18:34:51 salo Exp $
+
+--- calendar/gui/e-calendar-view.c.orig	2005-04-18 15:29:04.000000000 +0100
++++ calendar/gui/e-calendar-view.c
+@@ -1079,7 +1079,7 @@ on_save_as (EPopup *ep, EPopupItem *pite
+ 		return;
+ 	}
+ 	
+-	fprintf (file, ical_string);
++	fprintf (file, "%s", ical_string);
+ 	g_free (ical_string);
+ 	fclose (file);
+ 
diff --git a/mail/evolution/patches/patch-af b/mail/evolution/patches/patch-af
new file mode 100644
index 00000000000..5b1b6b680aa
--- /dev/null
+++ b/mail/evolution/patches/patch-af
@@ -0,0 +1,13 @@
+$NetBSD: patch-af,v 1.5.6.1 2005/08/27 18:34:51 salo Exp $
+
+--- calendar/gui/e-calendar-table.c.orig	2005-01-25 11:18:16.000000000 +0000
++++ calendar/gui/e-calendar-table.c
+@@ -1027,7 +1027,7 @@ e_calendar_table_on_save_as (EPopup *ep,
+ 		return;
+ 	}
+ 	
+-	fprintf (file, ical_string);
++	fprintf (file, "%s", ical_string);
+ 	g_free (ical_string);
+ 	fclose (file);
+ }
diff --git a/mail/evolution/patches/patch-ag b/mail/evolution/patches/patch-ag
new file mode 100644
index 00000000000..2a08a557db2
--- /dev/null
+++ b/mail/evolution/patches/patch-ag
@@ -0,0 +1,31 @@
+$NetBSD: patch-ag,v 1.6.6.1 2005/08/27 18:34:51 salo Exp $
+
+--- addressbook/gui/widgets/eab-contact-display.c.orig	2005-04-28 10:23:01.000000000 +0100
++++ addressbook/gui/widgets/eab-contact-display.c
+@@ -353,7 +353,7 @@ render_contact (GtkHTMLStream *html_stre
+ 	accum_multival_attribute (accum, contact, _("Yahoo"), E_CONTACT_IM_YAHOO, YAHOO_ICON, 0);
+ 
+ 	if (accum->len > 0)
+-		gtk_html_stream_printf (html_stream, accum->str);
++		gtk_html_stream_printf (html_stream, "%s", accum->str);
+ 
+ 	end_block (html_stream);
+ 
+@@ -368,7 +368,7 @@ render_contact (GtkHTMLStream *html_stre
+ 
+ 	if (accum->len > 0) {
+ 		start_block (html_stream, _("work"));
+-		gtk_html_stream_printf (html_stream, accum->str);
++		gtk_html_stream_printf (html_stream, "%s", accum->str);
+ 		end_block (html_stream);
+ 	}
+ 
+@@ -383,7 +383,7 @@ render_contact (GtkHTMLStream *html_stre
+ 
+ 	if (accum->len > 0) {
+ 		start_block (html_stream, _("personal"));
+-		gtk_html_stream_printf (html_stream, accum->str);
++		gtk_html_stream_printf (html_stream, "%s", accum->str);
+ 		end_block (html_stream);
+ 	}
+
author	salo <salo>	2005-08-27 18:34:51 +0000
committer	salo <salo>	2005-08-27 18:34:51 +0000
commit	06d5e2a04317b1225ef1440e471ce0ec69a4ad37 (patch)
tree	77cff05ffb853f54376ac7d1e888d02ea6845ecf
parent	d892f0dc474261e83cb04ec095e4d39d6aac8db9 (diff)
download	pkgsrc-06d5e2a04317b1225ef1440e471ce0ec69a4ad37.tar.gz