From f810ab03a56533fc7ca8d98f756cd7671abacede Mon Sep 17 00:00:00 2001
From: adrianp <adrianp@pkgsrc.org>
Date: Wed, 24 Aug 2005 10:59:12 +0000
Subject: Fix for format string security issue: 
 http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html Tested
 by myself and jmmv@ Bump to nb1

---
 mail/evolution/Makefile         |  3 ++-
 mail/evolution/distinfo         |  6 +++++-
 mail/evolution/patches/patch-ad | 13 +++++++++++++
 mail/evolution/patches/patch-ae | 13 +++++++++++++
 mail/evolution/patches/patch-af | 13 +++++++++++++
 mail/evolution/patches/patch-ag | 31 +++++++++++++++++++++++++++++++
 6 files changed, 77 insertions(+), 2 deletions(-)
 create mode 100644 mail/evolution/patches/patch-ad
 create mode 100644 mail/evolution/patches/patch-ae
 create mode 100644 mail/evolution/patches/patch-af
 create mode 100644 mail/evolution/patches/patch-ag

(limited to 'mail')

diff --git a/mail/evolution/Makefile b/mail/evolution/Makefile
index b3adafc90f5..37e5592c365 100644
--- a/mail/evolution/Makefile
+++ b/mail/evolution/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.89 2005/08/21 20:53:34 jmmv Exp $
+# $NetBSD: Makefile,v 1.90 2005/08/24 10:59:12 adrianp Exp $
 
 DISTNAME=		evolution-2.2.3
+PKGREVISION=		1
 CATEGORIES=		mail time gnome
 MASTER_SITES=		${MASTER_SITE_GNOME:=sources/evolution/2.2/}
 EXTRACT_SUFX=		.tar.bz2
diff --git a/mail/evolution/distinfo b/mail/evolution/distinfo
index e8b182f7f55..2b2afb31908 100644
--- a/mail/evolution/distinfo
+++ b/mail/evolution/distinfo
@@ -1,7 +1,11 @@
-$NetBSD: distinfo,v 1.39 2005/08/21 11:34:37 jmmv Exp $
+$NetBSD: distinfo,v 1.40 2005/08/24 10:59:12 adrianp Exp $
 
 SHA1 (evolution-2.2.3.tar.bz2) = bd44f9cf45527e77554c5e25d0857236ba97acec
 RMD160 (evolution-2.2.3.tar.bz2) = 74358ef7bb81ffa0fd9a4659c545e99ac4e64910
 Size (evolution-2.2.3.tar.bz2) = 10435908 bytes
 SHA1 (patch-ab) = 871a322eefd1a42e7197da764d49cd1d24f6535d
 SHA1 (patch-ac) = eac530ef720daf3f8f812690496ae39b76691799
+SHA1 (patch-ad) = 10ab1a51ae42934a230ee015554370efc545e3fa
+SHA1 (patch-ae) = 2eacc3c614f157137af032dda79e7c5d50fe4b6c
+SHA1 (patch-af) = e005e105327ddc112ac68ade7f1f6ea2ec0fbf1c
+SHA1 (patch-ag) = ccef018483a082f7989d81173d264a67e9a01d71
diff --git a/mail/evolution/patches/patch-ad b/mail/evolution/patches/patch-ad
new file mode 100644
index 00000000000..3736f4aacf4
--- /dev/null
+++ b/mail/evolution/patches/patch-ad
@@ -0,0 +1,13 @@
+$NetBSD: patch-ad,v 1.8 2005/08/24 10:59:12 adrianp Exp $
+
+--- calendar/gui/e-cal-component-preview.c.orig	2005-01-04 18:48:56.000000000 +0000
++++ calendar/gui/e-cal-component-preview.c
+@@ -284,7 +284,7 @@ write_html (GtkHTMLStream *stream, ECal 
+ 					str = g_string_append_c (str, text.value[i]);
+ 			}
+ 
+-			gtk_html_stream_printf (stream, str->str);
++			gtk_html_stream_printf (stream, "%s", str->str);
+ 			g_string_free (str, TRUE);
+ 		}
+ 
diff --git a/mail/evolution/patches/patch-ae b/mail/evolution/patches/patch-ae
new file mode 100644
index 00000000000..9edf3a71cfb
--- /dev/null
+++ b/mail/evolution/patches/patch-ae
@@ -0,0 +1,13 @@
+$NetBSD: patch-ae,v 1.5 2005/08/24 10:59:12 adrianp Exp $
+
+--- calendar/gui/e-calendar-view.c.orig	2005-04-18 15:29:04.000000000 +0100
++++ calendar/gui/e-calendar-view.c
+@@ -1079,7 +1079,7 @@ on_save_as (EPopup *ep, EPopupItem *pite
+ 		return;
+ 	}
+ 	
+-	fprintf (file, ical_string);
++	fprintf (file, "%s", ical_string);
+ 	g_free (ical_string);
+ 	fclose (file);
+ 
diff --git a/mail/evolution/patches/patch-af b/mail/evolution/patches/patch-af
new file mode 100644
index 00000000000..1282155f182
--- /dev/null
+++ b/mail/evolution/patches/patch-af
@@ -0,0 +1,13 @@
+$NetBSD: patch-af,v 1.6 2005/08/24 10:59:12 adrianp Exp $
+
+--- calendar/gui/e-calendar-table.c.orig	2005-01-25 11:18:16.000000000 +0000
++++ calendar/gui/e-calendar-table.c
+@@ -1027,7 +1027,7 @@ e_calendar_table_on_save_as (EPopup *ep,
+ 		return;
+ 	}
+ 	
+-	fprintf (file, ical_string);
++	fprintf (file, "%s", ical_string);
+ 	g_free (ical_string);
+ 	fclose (file);
+ }
diff --git a/mail/evolution/patches/patch-ag b/mail/evolution/patches/patch-ag
new file mode 100644
index 00000000000..2106c1d1781
--- /dev/null
+++ b/mail/evolution/patches/patch-ag
@@ -0,0 +1,31 @@
+$NetBSD: patch-ag,v 1.7 2005/08/24 10:59:12 adrianp Exp $
+
+--- addressbook/gui/widgets/eab-contact-display.c.orig	2005-04-28 10:23:01.000000000 +0100
++++ addressbook/gui/widgets/eab-contact-display.c
+@@ -353,7 +353,7 @@ render_contact (GtkHTMLStream *html_stre
+ 	accum_multival_attribute (accum, contact, _("Yahoo"), E_CONTACT_IM_YAHOO, YAHOO_ICON, 0);
+ 
+ 	if (accum->len > 0)
+-		gtk_html_stream_printf (html_stream, accum->str);
++		gtk_html_stream_printf (html_stream, "%s", accum->str);
+ 
+ 	end_block (html_stream);
+ 
+@@ -368,7 +368,7 @@ render_contact (GtkHTMLStream *html_stre
+ 
+ 	if (accum->len > 0) {
+ 		start_block (html_stream, _("work"));
+-		gtk_html_stream_printf (html_stream, accum->str);
++		gtk_html_stream_printf (html_stream, "%s", accum->str);
+ 		end_block (html_stream);
+ 	}
+ 
+@@ -383,7 +383,7 @@ render_contact (GtkHTMLStream *html_stre
+ 
+ 	if (accum->len > 0) {
+ 		start_block (html_stream, _("personal"));
+-		gtk_html_stream_printf (html_stream, accum->str);
++		gtk_html_stream_printf (html_stream, "%s", accum->str);
+ 		end_block (html_stream);
+ 	}
+ 
-- 
cgit v1.2.3