From 5ce4fb773bcdd6eab02262b22c644c9406f47da5 Mon Sep 17 00:00:00 2001 From: drochner Date: Wed, 26 Oct 2005 10:08:24 +0000 Subject: fix potential format string vulnerability (CAN-2005-2958), from debian --- databases/libgda/Makefile | 4 +++- databases/libgda/distinfo | 3 ++- databases/libgda/patches/patch-ag | 22 ++++++++++++++++++++++ 3 files changed, 27 insertions(+), 2 deletions(-) create mode 100644 databases/libgda/patches/patch-ag (limited to 'databases') diff --git a/databases/libgda/Makefile b/databases/libgda/Makefile index cbfb3e7e273..4b448132773 100644 --- a/databases/libgda/Makefile +++ b/databases/libgda/Makefile @@ -1,8 +1,10 @@ -# $NetBSD: Makefile,v 1.14 2005/04/18 18:01:48 drochner Exp $ +# $NetBSD: Makefile,v 1.15 2005/10/26 10:08:24 drochner Exp $ # .include "Makefile.common" +PKGREVISION= 1 + PKGCONFIG_OVERRIDE= libgda.pc.in PKG_SYSCONFSUBDIR= libgda diff --git a/databases/libgda/distinfo b/databases/libgda/distinfo index f1d7a7d4aea..5b37e5bb326 100644 --- a/databases/libgda/distinfo +++ b/databases/libgda/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.15 2005/06/26 16:54:07 jmmv Exp $ +$NetBSD: distinfo,v 1.16 2005/10/26 10:08:24 drochner Exp $ SHA1 (libgda-1.2.2.tar.bz2) = d4b3df54c022efa4b8f0132561f58b1d18d7fb1d RMD160 (libgda-1.2.2.tar.bz2) = 040c7184591f49ff932a1d9a7e6eecbde5a8301d @@ -9,3 +9,4 @@ SHA1 (patch-ac) = 34dbe05c9018d94a853bc5efaaa9385798c08537 SHA1 (patch-ad) = 69f9464fd1bd1f3543808bf13de2dd5610a284b7 SHA1 (patch-ae) = 20596d6c5e6827f5ebe497c0c1ce8725125612c4 SHA1 (patch-af) = d3721169a22d26bf884e9ba3b8758c07d5355e28 +SHA1 (patch-ag) = 34d7de13a9140222a61ea6883bc9ebf67e756eda diff --git a/databases/libgda/patches/patch-ag b/databases/libgda/patches/patch-ag new file mode 100644 index 00000000000..7df975df9b6 --- /dev/null +++ b/databases/libgda/patches/patch-ag @@ -0,0 +1,22 @@ +$NetBSD: patch-ag,v 1.1 2005/10/26 10:08:24 drochner Exp $ + +--- libgda/gda-log.c.orig 2005-10-26 11:28:57.000000000 +0200 ++++ libgda/gda-log.c +@@ -111,7 +111,7 @@ gda_log_message (const gchar *format, .. + #ifdef LIBGDA_WIN32 + g_log ("Gda", G_LOG_LEVEL_INFO, "%s", msg); + #else +- syslog (LOG_USER | LOG_INFO, msg); ++ syslog (LOG_USER | LOG_INFO, "%s", msg); + #endif + g_free (msg); + } +@@ -144,7 +144,7 @@ gda_log_error (const gchar * format, ... + #ifdef LIBGDA_WIN32 + g_log ("Gda", G_LOG_LEVEL_ERROR, "%s", msg); + #else +- syslog (LOG_USER | LOG_ERR, msg); ++ syslog (LOG_USER | LOG_ERR, "%s", msg); + #endif + g_free (msg); + } -- cgit v1.2.3