Add a fix for CVE 2011-4357, taken from

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649322

2 files changed, 18 insertions, 1 deletions

diff --git a/www/clearsilver/distinfo b/www/clearsilver/distinfo
index beba660af6d..53dd2dffd4e 100644
--- a/www/clearsilver/distinfo
+++ b/www/clearsilver/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2010/09/13 03:05:24 taca Exp $
+$NetBSD: distinfo,v 1.16 2011/12/01 20:50:48 gls Exp $
 
 SHA1 (clearsilver-0.10.5.tar.gz) = 138865dc91e27328fe29fcaaac1bc6558f19dd75
 RMD160 (clearsilver-0.10.5.tar.gz) = bd5c616f326b544df8a74eec71a98a474b408249
@@ -6,3 +6,4 @@ Size (clearsilver-0.10.5.tar.gz) = 439190 bytes
 SHA1 (patch-aa) = cf8708c4bee271d39eca2b1833302fa13aee2b6d
 SHA1 (patch-ae) = 58326210ecef3936579a19f3cbcb9b9374bc3541
 SHA1 (patch-af) = e88106bb0c57d632c348bc16ff673e0ef7487847
+SHA1 (patch-python_neo__cgi.c) = 0baf7f06bdf7c5686131b1b1abbd4fb0fef11c85
diff --git a/www/clearsilver/patches/patch-python_neo__cgi.c b/www/clearsilver/patches/patch-python_neo__cgi.c
new file mode 100644
index 00000000000..b2617adb7f3
--- /dev/null
+++ b/www/clearsilver/patches/patch-python_neo__cgi.c
@@ -0,0 +1,16 @@
+$NetBSD: patch-python_neo__cgi.c,v 1.1 2011/12/01 20:50:49 gls Exp $
+
+Fix for 2011-4357
+Taken from: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649322
+
+--- python/neo_cgi.c.orig	2007-07-12 03:07:43.000000000 +0000
++++ python/neo_cgi.c
+@@ -178,7 +178,7 @@ static PyObject * p_cgi_error (PyObject 
+   if (!PyArg_ParseTuple(args, "s:error(str)", &s))
+     return NULL;
+ 
+-  cgi_error (cgi, s);
++  cgi_error (cgi, "%s", s);
+   rv = Py_None;
+   Py_INCREF(rv);
+   return rv;