Pullup ticket 2026 - requested by salo

security update for xine-ui

- pkgsrc/multimedia/xine-ui/Makefile			1.30, 1.34 via patch
- pkgsrc/multimedia/xine-ui/distinfo			1.12, 1.14 via patch
- pkgsrc/multimedia/xine-ui/patches/patch-ai		1.2
- pkgsrc/multimedia/xine-ui/patches/patch-aq		1.2
- pkgsrc/multimedia/xine-ui/patches/patch-ar		1.2
- pkgsrc/multimedia/xine-ui/patches/patch-as		1.1
- pkgsrc/multimedia/xine-ui/patches/patch-au		1.1
- pkgsrc/multimedia/xine-ui/patches/patch-av		1.1
- pkgsrc/multimedia/xine-ui/patches/patch-aw		1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ax		1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ay		1.1
- pkgsrc/multimedia/xine-ui/patches/patch-az		1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ba		1.1
- pkgsrc/multimedia/xine-ui/patches/patch-bb		1.1
- pkgsrc/multimedia/xine-ui/patches/patch-bc		1.1

   Module Name:	pkgsrc
   Committed By:	drochner
   Date:		Tue Jan  9 14:52:41 UTC 2007

   Modified Files:
	   pkgsrc/multimedia/xine-ui: Makefile distinfo
	   pkgsrc/multimedia/xine-ui/patches: patch-ar
   Added Files:
	   pkgsrc/multimedia/xine-ui/patches: patch-as

   Log Message:
   fix PR pkg/35375: xine-ui freezes konsole sessions from
   Sergey Svishchev, patch from xine CVS
---
   Module Name:	pkgsrc
   Committed By:	salo
   Date:		Sat Feb 17 22:48:18 UTC 2007

   Modified Files:
	   pkgsrc/multimedia/xine-ui: Makefile distinfo
	   pkgsrc/multimedia/xine-ui/patches: patch-ai patch-aq
   Added Files:
	   pkgsrc/multimedia/xine-ui/patches: patch-au patch-av patch-aw patch-ax
	       patch-ay patch-az patch-ba patch-bb patch-bc

   Log Message:
   Security fixes for CVE-2007-0254 (and more):

   "A vulnerability has been reported in xine-ui, which potentially can be
    exploited by malicious people to compromise a user's system.

    The vulnerability is caused due to a format string error within the
    "errors_create_window()" function in errors.c. This may be exploited to
    execute arbitrary code by e.g. tricking a user into opening a specially
    crafted playlist file."

   Patch from SUSE.
   Bump PKGREVISION.

   XXX: The sources are a real mess.  My condolences to everyone using it.
        And good luck, you'll need it!..

15 files changed, 388 insertions, 15 deletions

diff --git a/multimedia/xine-ui/Makefile b/multimedia/xine-ui/Makefile
index 3af490055ee..2e34bd88c9b 100644
--- a/multimedia/xine-ui/Makefile
+++ b/multimedia/xine-ui/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.28 2006/12/15 20:32:59 joerg Exp $
+# $NetBSD: Makefile,v 1.28.2.1 2007/03/05 12:11:41 ghen Exp $
 #
 
 DISTNAME=		xine-ui-0.99.4
-PKGREVISION=		4
+PKGREVISION=		8
 CATEGORIES=		multimedia
 MASTER_SITES=		${MASTER_SITE_SOURCEFORGE:=xine/}
 
diff --git a/multimedia/xine-ui/distinfo b/multimedia/xine-ui/distinfo
index ce38c6c5875..a74d1e171d9 100644
--- a/multimedia/xine-ui/distinfo
+++ b/multimedia/xine-ui/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.11 2006/04/21 11:11:26 drochner Exp $
+$NetBSD: distinfo,v 1.11.6.1 2007/03/05 12:11:42 ghen Exp $
 
 SHA1 (xine-ui-0.99.4.tar.gz) = b982e5697f183559c216f9243b9410d61b9c58aa
 RMD160 (xine-ui-0.99.4.tar.gz) = eeead5c6e566ade5505c8fcb924272c74eb4f49a
@@ -7,10 +7,20 @@ SHA1 (patch-aa) = 4221e235da0b2047d218a9123f82a40cce92e15b
 SHA1 (patch-ae) = 1d5887168efd340f047dfdb9e135ce12c18e2d5f
 SHA1 (patch-ag) = dddbea5257a5b21e3a7ba21207661f4a47a9fa7e
 SHA1 (patch-ah) = 9d61282de803459e4b9c49814796dcc97658849d
-SHA1 (patch-ai) = 78228fa174cb0d455a9debec18125d9ee13d34dd
+SHA1 (patch-ai) = 68bd0bdb39ecacd993335707a8843fd696067633
 SHA1 (patch-al) = d00f3ad348450e209d55ba69c1c053fce7d359b3
 SHA1 (patch-am) = 57567b2c1f86ef575ff4abcbfaa5f06e3178a056
 SHA1 (patch-ao) = 09e83615b88dffbdfeb0b0bad07dcdc60024ba67
 SHA1 (patch-ap) = f4f360e5fc8008882f07c649b7ea29ef163c6731
-SHA1 (patch-aq) = 212d5c561422e5866cdc05cd39c609b1274aa8b6
-SHA1 (patch-ar) = a64614bc76e73a7d0600daee0a72affe2dc6de15
+SHA1 (patch-aq) = 393f889a397c60a9cb1940f197e92efd12cb13bb
+SHA1 (patch-ar) = 50c45ce7c272385100bc562b8d1d668c3d860df7
+SHA1 (patch-as) = 96f680bcab84c7a832f0ea4ae2b6a5b687f79244
+SHA1 (patch-au) = 1ab308585b3c806931fc0dd60dd82794a46cc4a9
+SHA1 (patch-av) = 0d36d3f7603752e5bfe98215ced4a878d4ec2058
+SHA1 (patch-aw) = 2cbb4e5a17faa79fb8d6607e52a9fa9d965ac884
+SHA1 (patch-ax) = 5388a8cb6fa73bbc001e7b1ad2ed4d25dc2425a8
+SHA1 (patch-ay) = f7252e705e017957238c3be37fbe52aea698785b
+SHA1 (patch-az) = 696c9a25ac25ba7940d976399519caadc4932c4b
+SHA1 (patch-ba) = 02493f55c8c1330a1eae6c109b51a4f5cdbe12d1
+SHA1 (patch-bb) = ebbfcc327d3918b152205a7907fc7c4252b7e1c2
+SHA1 (patch-bc) = 584d14552fd0acaaf32e64a4fa8c2886b4b16b84
diff --git a/multimedia/xine-ui/patches/patch-ai b/multimedia/xine-ui/patches/patch-ai
index dd7f4e1f024..c559e6b6832 100644
--- a/multimedia/xine-ui/patches/patch-ai
+++ b/multimedia/xine-ui/patches/patch-ai
@@ -1,7 +1,7 @@
-$NetBSD: patch-ai,v 1.1 2004/05/12 16:42:49 drochner Exp $
+$NetBSD: patch-ai,v 1.1.22.1 2007/03/05 12:11:42 ghen Exp $
 
---- src/xitk/xine-remote.c.orig	2004-05-11 23:39:22.000000000 +0200
-+++ src/xitk/xine-remote.c	2004-05-11 23:45:24.000000000 +0200
+--- src/xitk/xine-remote.c.orig	2005-07-16 21:05:32.000000000 +0200
++++ src/xitk/xine-remote.c	2007-02-17 22:24:26.000000000 +0100
 @@ -30,6 +30,7 @@
  #endif
  /* required for strncasecmp() */
@@ -30,3 +30,120 @@ $NetBSD: patch-ai,v 1.1 2004/05/12 16:42:49 drochner Exp $
  
  #include "common.h"
  
+@@ -638,7 +639,7 @@ static int write_to_console(session_t *s
+   va_end(args);
+   
+   pthread_mutex_lock(&session->console_mutex);
+-  err = write_to_console_unlocked(session, buf);
++  err = write_to_console_unlocked(session, "%s", buf);
+   pthread_mutex_unlock(&session->console_mutex);
+ 
+   return err;
+@@ -998,7 +999,7 @@ static void *select_thread(void *data) {
+ 		  write_to_console_unlocked_nocr(session, "\b \b");
+ 		  pos--;
+ 		}
+-		write_to_console_unlocked(session, obuffer);
++		write_to_console_unlocked(session, "%s", obuffer);
+ 
+ 		rl_crlf();
+ 		rl_forced_update_display();
+@@ -1082,7 +1083,7 @@ static void client_handle_command(sessio
+ 	  
+ 	  *pp = '\0';
+ 	  
+-	  if((sock_write(session->socket, buf)) == -1) {
++	  if((sock_write(session->socket, "%s", buf)) == -1) {
+ 	    session->running = 0;
+ 	  }
+ 	}
+@@ -1094,7 +1095,7 @@ static void client_handle_command(sessio
+   
+   /* Perhaps a ';' separated commands, so send anyway to server */
+   if(found == 0) {
+-    sock_write(session->socket, (char *)command);
++    sock_write(session->socket, "%s", (char *)command);
+   }
+   
+   if((!strncasecmp(cmd, "exit", strlen(cmd))) || (!strncasecmp(cmd, "halt", strlen(cmd)))) {
+@@ -1714,7 +1715,7 @@ static void do_commands(commands_t *cmd,
+     i++;
+   }
+   sprintf(buf, "%s.\n", buf);
+-  sock_write(client_info->socket, buf);
++  sock_write(client_info->socket, "%s", buf);
+ }
+ 
+ static void do_help(commands_t *cmd, client_info_t *client_info) {
+@@ -1760,7 +1761,7 @@ static void do_help(commands_t *cmd, cli
+     }
+     
+     sprintf(buf, "%s\n", buf);
+-    sock_write(client_info->socket, buf);
++    sock_write(client_info->socket, "%s", buf);
+   }
+   else {
+     int i;
+@@ -2096,7 +2097,7 @@ static void do_get(commands_t *cmd, clie
+ 	  sprintf(buf, "%s%s", buf, "*UNKNOWN*");
+ 	
+ 	sprintf(buf, "%s%c", buf, '\n');
+-	sock_write(client_info->socket, buf);
++	sock_write(client_info->socket, "%s", buf);
+       }
+       else if(is_arg_contain(client_info, 1, "speed")) {
+ 	char buf[64];
+@@ -2116,7 +2117,7 @@ static void do_get(commands_t *cmd, clie
+ 	  sprintf(buf, "%s%s", buf, "*UNKNOWN*");
+ 	
+ 	sprintf(buf, "%s%c", buf, '\n');
+-	sock_write(client_info->socket, buf);
++	sock_write(client_info->socket, "%s", buf);
+       }
+       else if(is_arg_contain(client_info, 1, "position")) {
+ 	char buf[64];
+@@ -2128,7 +2129,7 @@ static void do_get(commands_t *cmd, clie
+ 			    &pos_time,
+ 			    &length_time);
+ 	snprintf(buf, sizeof(buf), "%s: %d\n", "Current position", pos_time);
+-	sock_write(client_info->socket, buf);
++	sock_write(client_info->socket, "%s", buf);
+       }
+       else if(is_arg_contain(client_info, 1, "length")) {
+ 	char buf[64];
+@@ -2140,7 +2141,7 @@ static void do_get(commands_t *cmd, clie
+ 			    &pos_time,
+ 			    &length_time);
+ 	snprintf(buf, sizeof(buf), "%s: %d\n", "Current length", length_time);
+-	sock_write(client_info->socket, buf);
++	sock_write(client_info->socket, "%s", buf);
+       }
+       else if(is_arg_contain(client_info, 1, "loop")) {
+ 	char buf[64];
+@@ -2169,7 +2170,7 @@ static void do_get(commands_t *cmd, clie
+ 	}
+ 
+ 	sprintf(buf, "%s.\n", buf);
+-	sock_write(client_info->socket, buf);
++	sock_write(client_info->socket, "%s", buf);
+       }
+     }
+     else if(nargs >= 2) {
+@@ -2552,7 +2553,7 @@ static void do_halt(commands_t *cmd, cli
+ static void network_messenger(void *data, char *message) {
+   int socket = (int) data;
+   
+-  sock_write(socket, message);
++  sock_write(socket, "%s", message);
+ }
+ 
+ static void do_snap(commands_t *cmd, client_info_t *client_info) {
+@@ -2577,7 +2578,7 @@ static void say_hello(client_info_t *cli
+   else {
+     snprintf(buf, sizeof(buf), "%s %s %s\n", PACKAGE, VERSION, "remote server. Nice to meet you.");
+   }
+-  sock_write(client_info->socket, buf);
++  sock_write(client_info->socket, "%s", buf);
+   
+ }
+ 
diff --git a/multimedia/xine-ui/patches/patch-aq b/multimedia/xine-ui/patches/patch-aq
index 735ed737e98..64ba45643f6 100644
--- a/multimedia/xine-ui/patches/patch-aq
+++ b/multimedia/xine-ui/patches/patch-aq
@@ -1,7 +1,7 @@
-$NetBSD: patch-aq,v 1.1 2006/04/21 11:11:26 drochner Exp $
+$NetBSD: patch-aq,v 1.1.8.1 2007/03/05 12:11:42 ghen Exp $
 
---- src/xitk/main.c.orig	2006-04-20 11:59:48.000000000 +0200
-+++ src/xitk/main.c
+--- src/xitk/main.c.orig	2007-02-17 22:10:56.000000000 +0100
++++ src/xitk/main.c	2007-02-17 22:10:38.000000000 +0100
 @@ -456,7 +456,7 @@ static void print_formatted(char *title,
    int          len;
    char        *blanks = "     ";
@@ -29,3 +29,12 @@ $NetBSD: patch-aq,v 1.1 2006/04/21 11:11:26 drochner Exp $
    
    printf(".\n\n");
  }
+@@ -1249,7 +1249,7 @@ static void event_listener(void *user_da
+       snprintf(buffer, sizeof(buffer), "%s [%d%%]\n", pevent->description, pevent->percent);
+       gGui->mrl_overrided = 3;
+       panel_set_title(buffer);
+-      osd_display_info(buffer);
++      osd_display_info("%s", buffer);
+     }
+     break;
+ 
diff --git a/multimedia/xine-ui/patches/patch-ar b/multimedia/xine-ui/patches/patch-ar
index a018321f625..84e7b64c4db 100644
--- a/multimedia/xine-ui/patches/patch-ar
+++ b/multimedia/xine-ui/patches/patch-ar
@@ -1,8 +1,29 @@
-$NetBSD: patch-ar,v 1.1 2006/04/21 11:11:26 drochner Exp $
+$NetBSD: patch-ar,v 1.1.8.1 2007/03/05 12:11:42 ghen Exp $
 
---- src/xitk/xine-toolkit/xitk.c.orig	2006-04-21 12:52:41.000000000 +0200
+--- src/xitk/xine-toolkit/xitk.c.orig	2005-05-21 00:02:05.000000000 +0200
 +++ src/xitk/xine-toolkit/xitk.c
-@@ -1877,7 +1877,7 @@ void xitk_init(Display *display, XColor 
+@@ -147,7 +147,7 @@ typedef struct {
+   
+   struct timeval              keypress;
+ 
+-  KeyCode                     ignore_keys[3];
++  KeyCode                     ignore_keys[2];
+ 
+   pthread_t                  *tips_thread;
+   unsigned long               tips_timeout;
+@@ -1805,9 +1805,8 @@ void xitk_init(Display *display, XColor 
+   xitk_x_error           = 0;
+   gXitk->x_error_handler = NULL;
+   gXitk->modalw          = None;
+-  gXitk->ignore_keys[0]  = XKeysymToKeycode(display, XK_Scroll_Lock);
+-  gXitk->ignore_keys[1]  = XKeysymToKeycode(display, XK_Num_Lock);
+-  gXitk->ignore_keys[2]  = XKeysymToKeycode(display, XK_Caps_Lock);
++  gXitk->ignore_keys[0]  = XKeysymToKeycode(display, XK_Shift_L);
++  gXitk->ignore_keys[1]  = XKeysymToKeycode(display, XK_Control_L);
+   gXitk->tips_timeout    = TIPS_TIMEOUT;
+   XGetInputFocus(display, &(gXitk->parent.window), &(gXitk->parent.focus));
+ 
+@@ -1877,7 +1876,7 @@ void xitk_init(Display *display, XColor 
    sprintf(buffer, "%s%s", buffer, " ]-");
  
    if(verbosity)
diff --git a/multimedia/xine-ui/patches/patch-as b/multimedia/xine-ui/patches/patch-as
new file mode 100644
index 00000000000..6f9833ca246
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-as
@@ -0,0 +1,24 @@
+$NetBSD: patch-as,v 1.1.2.2 2007/03/05 12:11:42 ghen Exp $
+
+--- src/xitk/videowin.c.orig	2007-01-08 18:39:40.000000000 +0100
++++ src/xitk/videowin.c
+@@ -1449,8 +1449,8 @@ void video_window_init (window_attribute
+   gVw->desktopHeight      = DisplayHeight(gGui->video_display, gGui->video_screen);
+ 
+ #ifdef HAVE_XTESTEXTENSION
+-  gVw->fake_keys[0] = XKeysymToKeycode(gGui->video_display, XK_Scroll_Lock);
+-  gVw->fake_keys[1] = XKeysymToKeycode(gGui->video_display, XK_Num_Lock);
++  gVw->fake_keys[0] = XKeysymToKeycode(gGui->video_display, XK_Shift_L);
++  gVw->fake_keys[1] = XKeysymToKeycode(gGui->video_display, XK_Control_L);
+   gVw->fake_key_cur = 0;
+ #endif
+   
+@@ -2151,8 +2151,6 @@ void video_window_reset_ssaver(void) {
+       XLockDisplay(gGui->video_display);
+       XTestFakeKeyEvent(gGui->video_display, gVw->fake_keys[gVw->fake_key_cur], True, CurrentTime);
+       XTestFakeKeyEvent(gGui->video_display, gVw->fake_keys[gVw->fake_key_cur], False, CurrentTime);
+-      XTestFakeKeyEvent(gGui->video_display, gVw->fake_keys[gVw->fake_key_cur], True, CurrentTime);
+-      XTestFakeKeyEvent(gGui->video_display, gVw->fake_keys[gVw->fake_key_cur], False, CurrentTime);
+       XSync(gGui->video_display, False);
+       XUnlockDisplay(gGui->video_display);
+     }
diff --git a/multimedia/xine-ui/patches/patch-au b/multimedia/xine-ui/patches/patch-au
new file mode 100644
index 00000000000..06622a3a9a4
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-au
@@ -0,0 +1,20 @@
+$NetBSD: patch-au,v 1.1.2.2 2007/03/05 12:11:42 ghen Exp $
+
+--- src/fb/osd.c.orig	2003-12-01 18:23:27.000000000 +0100
++++ src/fb/osd.c	2007-02-17 21:56:02.000000000 +0100
+@@ -589,7 +589,7 @@ void osd_display_spu_lang(void) {
+   }
+   
+   sprintf(buffer, "Subtitles: %s", lang);
+-  osd_display_info(buffer);
++  osd_display_info("%s", buffer);
+ }
+ 
+ void osd_display_audio_lang(void) {
+@@ -618,5 +618,5 @@ void osd_display_audio_lang(void) {
+   }
+ 
+   sprintf(buffer, "Audio Channel: %s", lang);
+-  osd_display_info(buffer);
++  osd_display_info("%s", buffer);
+ }
diff --git a/multimedia/xine-ui/patches/patch-av b/multimedia/xine-ui/patches/patch-av
new file mode 100644
index 00000000000..0aa0ed49aaa
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-av
@@ -0,0 +1,22 @@
+$NetBSD: patch-av,v 1.1.2.2 2007/03/05 12:11:42 ghen Exp $
+
+--- src/xitk/actions.c.orig	2005-07-24 04:40:36.000000000 +0200
++++ src/xitk/actions.c	2007-02-17 21:56:02.000000000 +0100
+@@ -398,7 +398,7 @@ int gui_xine_play(xine_stream_t *stream,
+     
+ 
+     if(v_unhandled && a_unhandled) {
+-      xine_error(buffer);
++      xine_error("%s", buffer);
+       return 0;
+     }
+ 
+@@ -416,7 +416,7 @@ int gui_xine_play(xine_stream_t *stream,
+       xw = xitk_window_dialog_yesno_with_width(gGui->imlib_data, _("Start Playback ?"), 
+ 					       start_anyway_yesno, start_anyway_yesno, 
+ 					       NULL, 400, ALIGN_CENTER,
+-					       buffer);
++					       "%s", buffer);
+       XLockDisplay(gGui->display);
+       if(!gGui->use_root_window && gGui->video_display == gGui->display)
+ 	XSetTransientForHint(gGui->display, xitk_window_get_window(xw), gGui->video_window);
diff --git a/multimedia/xine-ui/patches/patch-aw b/multimedia/xine-ui/patches/patch-aw
new file mode 100644
index 00000000000..0840801d691
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-aw
@@ -0,0 +1,40 @@
+$NetBSD: patch-aw,v 1.1.2.2 2007/03/05 12:11:42 ghen Exp $
+
+--- src/xitk/errors.c.orig	2005-02-07 19:16:28.000000000 +0100
++++ src/xitk/errors.c	2007-02-17 21:56:02.000000000 +0100
+@@ -68,7 +68,7 @@ static void errors_create_window(char *t
+ 						 _("Done"), _("More..."),
+ 						 NULL, _errors_display_log, 
+ 						 NULL, 400, ALIGN_CENTER,
+-						 message);
++						 "%s", message);
+ 
+   xitk_window_set_parent_window(xw, gGui->video_window);
+ 
+@@ -125,7 +125,7 @@ void xine_error(char *message, ...) {
+     } else {
+       xitk_window_t *xw;
+ 
+-      xw = xitk_window_dialog_error(gGui->imlib_data, buf2);
++      xw = xitk_window_dialog_error(gGui->imlib_data, "%s", buf2);
+ 
+       if(!gGui->use_root_window && gGui->video_display == gGui->display) {
+         XLockDisplay(gGui->display);
+@@ -228,7 +228,7 @@ void xine_info(char *message, ...) {
+     } else {
+       xitk_window_t *xw;
+ 
+-      xw = xitk_window_dialog_info(gGui->imlib_data, buf2);
++      xw = xitk_window_dialog_info(gGui->imlib_data, "%s", buf2);
+ 
+       if(!gGui->use_root_window && gGui->video_display == gGui->display) {
+         XLockDisplay(gGui->display);
+@@ -354,7 +354,7 @@ void too_slow_window(void) {
+                                                  _("Disable this warning."),
+                                                  checked, _dont_show_too_slow_again,
+ 						 NULL, 500, ALIGN_CENTER,
+-						 message);
++						 "%s", message);
+   if(!gGui->use_root_window && gGui->video_display == gGui->display) {
+     XLockDisplay(gGui->display);
+     XSetTransientForHint(gGui->display, xitk_window_get_window(xw), gGui->video_window);
diff --git a/multimedia/xine-ui/patches/patch-ax b/multimedia/xine-ui/patches/patch-ax
new file mode 100644
index 00000000000..571dc5c1eae
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-ax
@@ -0,0 +1,13 @@
+$NetBSD: patch-ax,v 1.1.2.2 2007/03/05 12:11:43 ghen Exp $
+
+--- src/xitk/file_browser.c.orig	2005-05-29 12:43:40.000000000 +0200
++++ src/xitk/file_browser.c	2007-02-17 21:56:02.000000000 +0100
+@@ -1012,7 +1012,7 @@ static void fb_delete_file(xitk_widget_t
+     xitk_window_dialog_yesno(gGui->imlib_data, _("Confirm deletion ?"),
+ 			     fb_delete_file_cb, 
+ 			     fb_delete_file_cb, 
+-			     (void *)fb, ALIGN_DEFAULT, buf);
++			     (void *)fb, ALIGN_DEFAULT, "%s", buf);
+   }
+ }
+ 
diff --git a/multimedia/xine-ui/patches/patch-ay b/multimedia/xine-ui/patches/patch-ay
new file mode 100644
index 00000000000..abecfa3dc4d
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-ay
@@ -0,0 +1,13 @@
+$NetBSD: patch-ay,v 1.1.2.2 2007/03/05 12:11:43 ghen Exp $
+
+--- src/xitk/kbindings.c.orig	2005-07-16 21:05:31.000000000 +0200
++++ src/xitk/kbindings.c	2007-02-17 21:56:02.000000000 +0100
+@@ -622,7 +622,7 @@ static void _kbindings_check_redundancy(
+ 						     _("Reset"), _("Editor"), _("Cancel"),
+ 						     _kbinding_reset_cb, _kbinding_editor_cb, NULL,
+ 						     (void *) kbt, 450, ALIGN_CENTER,
+-						     kmsg);
++						     "%s", kmsg);
+     free(kmsg);
+     XLockDisplay(gGui->display);
+     if(!gGui->use_root_window && gGui->video_display == gGui->display)
diff --git a/multimedia/xine-ui/patches/patch-az b/multimedia/xine-ui/patches/patch-az
new file mode 100644
index 00000000000..ecb792549e5
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-az
@@ -0,0 +1,22 @@
+$NetBSD: patch-az,v 1.1.2.2 2007/03/05 12:11:43 ghen Exp $
+
+--- src/xitk/osd.c.orig	2005-07-16 21:05:32.000000000 +0200
++++ src/xitk/osd.c	2007-02-17 21:56:02.000000000 +0100
+@@ -698,7 +698,7 @@ void osd_display_spu_lang(void) {
+   }
+   
+   snprintf(buffer, sizeof(buffer), "%s%s", _("Subtitles: "), get_language_from_iso639_1(lang));
+-  osd_display_info(buffer);
++  osd_display_info("%s", buffer);
+ }
+ 
+ void osd_display_audio_lang(void) {
+@@ -727,7 +727,7 @@ void osd_display_audio_lang(void) {
+   }
+ 
+   snprintf(buffer, sizeof(buffer), "%s%s", _("Audio Channel: "), get_language_from_iso639_1(lang));
+-  osd_display_info(buffer);
++  osd_display_info("%s", buffer);
+ }
+ 
+ int osd_is_visible(void) {
diff --git a/multimedia/xine-ui/patches/patch-ba b/multimedia/xine-ui/patches/patch-ba
new file mode 100644
index 00000000000..b8f93445d3d
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-ba
@@ -0,0 +1,17 @@
+$NetBSD: patch-ba,v 1.1.2.2 2007/03/05 12:11:43 ghen Exp $
+
+--- src/xitk/panel.c.orig	2005-07-24 04:40:37.000000000 +0200
++++ src/xitk/panel.c	2007-02-17 21:56:02.000000000 +0100
+@@ -845,10 +845,10 @@ void panel_toggle_audio_mute(xitk_widget
+  *  to snapshot current frame.
+  */
+ static void panel_snapshot_error(void *data, char *message) {
+-  xine_error(message);
++  xine_error("%s", message);
+ }
+ static void panel_snapshot_info(void *data, char *message) {
+-  xine_info(message);
++  xine_info("%s", message);
+ }
+ void panel_snapshot(xitk_widget_t *w, void *data) {
+   create_snapshot(gGui->mmk.mrl, panel_snapshot_error, panel_snapshot_info, NULL);
diff --git a/multimedia/xine-ui/patches/patch-bb b/multimedia/xine-ui/patches/patch-bb
new file mode 100644
index 00000000000..bd22ac381d9
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-bb
@@ -0,0 +1,31 @@
+$NetBSD: patch-bb,v 1.1.2.2 2007/03/05 12:11:43 ghen Exp $
+
+--- src/xitk/xine-toolkit/window.c.orig	2004-12-31 01:52:15.000000000 +0100
++++ src/xitk/xine-toolkit/window.c	2007-02-17 21:56:02.000000000 +0100
+@@ -1088,7 +1088,7 @@ xitk_window_t *xitk_window_dialog_ok_wit
+     char buf2[(strlen(buf) * 2) + 1];
+     xitk_subst_special_chars(buf, buf2);
+     xw = xitk_window_dialog_one_button_with_width(im, title, _("OK"), cb, userdata, window_width,
+-						  align, buf2);
++						  align, "%s", buf2);
+   }
+   XITK_FREE(buf);
+   return xw;
+@@ -1337,7 +1337,7 @@ xitk_window_t *xitk_window_dialog_yesno_
+     
+     xitk_subst_special_chars(buf, buf2);
+     xw = xitk_window_dialog_two_buttons_with_width(im, title, _("Yes"), _("No"), 
+-						   ycb, ncb, userdata, window_width, align, buf2);
++						   ycb, ncb, userdata, window_width, align, "%s", buf2);
+   }
+ 
+   XITK_FREE(buf);
+@@ -1559,7 +1559,7 @@ xitk_window_t *xitk_window_dialog_yesnoc
+     
+     xitk_subst_special_chars(buf, buf2);
+     xw = xitk_window_dialog_three_buttons_with_width(im, title, _("Yes"), _("No"), _("Cancel"),
+-						     ycb, ncb, ccb, userdata, window_width, align, buf2);
++						     ycb, ncb, ccb, userdata, window_width, align, "%s", buf2);
+   }
+   XITK_FREE(buf);
+   return xw;
diff --git a/multimedia/xine-ui/patches/patch-bc b/multimedia/xine-ui/patches/patch-bc
new file mode 100644
index 00000000000..b8365e89e65
--- /dev/null
+++ b/multimedia/xine-ui/patches/patch-bc
@@ -0,0 +1,14 @@
+$NetBSD: patch-bc,v 1.1.2.2 2007/03/05 12:11:43 ghen Exp $
+
+--- src/xitk/xine-toolkit/xitk.h.orig	2004-12-16 22:35:30.000000000 +0100
++++ src/xitk/xine-toolkit/xitk.h	2007-02-17 21:56:02.000000000 +0100
+@@ -2310,7 +2310,8 @@ xitk_window_t *xitk_window_dialog_checkb
+                                                          char *checkbox_label, int checkbox_state,
+                                                          xitk_state_callback_t cb3,
+ 							 void *userdata, 
+-							 int window_width, int align, char *message, ...);
++							 int window_width, int align, char *message, ...)
++  __attribute__((__format__(__printf__, 13, 14)));
+ 
+ #ifdef __GNUC__
+ #define xitk_window_dialog_two_buttons_with_width(im, title, bl1, bl2, cb1, cb2, userdata, window_width, align, message, args...) \