[pkg-fgfs-crew] [flightgear] 01/01: * New upstream release 2.12.0. * Adjust dependencies on simgear and flightgear-data for 2.12. * Drop patches terrasync.patch, CVE-2012-2090.diff, CVE-2013-2091.diff, and bug1117.diff. These got applied upstream.
Markus Wanner
markus_wanner-guest at alioth.debian.org
Sat Sep 21 18:39:32 UTC 2013
This is an automated email from the git hooks/post-receive script.
markus_wanner-guest pushed a commit to branch master
in repository flightgear.
commit aeee6949daa4e5dc377763216ef1bc1e7273bd41
Author: Markus Wanner <markus at bluegap.ch>
Date: Sat Sep 21 20:23:59 2013 +0200
* New upstream release 2.12.0.
* Adjust dependencies on simgear and flightgear-data for 2.12.
* Drop patches terrasync.patch, CVE-2012-2090.diff, CVE-2013-2091.diff,
and bug1117.diff. These got applied upstream.
---
debian/changelog | 9 ++++
debian/control | 4 +-
debian/patches/CVE-2012-2090.diff | 78 -------------------------------
debian/patches/CVE-2012-2091.diff | 91 -------------------------------------
debian/patches/bug1117.diff | 21 ---------
debian/patches/series | 4 --
debian/patches/terrasync.patch | 24 ----------
7 files changed, 11 insertions(+), 220 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 43b5153..26cd316 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+flightgear (2.12.0-1) UNRELEASED; urgency=low
+
+ * New upstream release. Closes: #723976.
+ * Adjust dependencies on simgear and flightgear-data for 2.12.
+ * Drop patches terrasync.patch, CVE-2012-2090.diff, CVE-2013-2091.diff,
+ and bug1117.diff. These got applied upstream.
+
+ --
+
flightgear (2.10.0-4) unstable; urgency=low
* Accept libopenscenegraph-3.2.0~rc1, again, as per discussion with OSG
diff --git a/debian/control b/debian/control
index 9c40f6c..d8768cb 100644
--- a/debian/control
+++ b/debian/control
@@ -14,7 +14,7 @@ Build-Depends: debhelper (>= 9.20120417), libx11-dev, libxext-dev,
libjpeg8-dev | libjpeg62-dev | libjpeg-dev,
libpng12-dev | libpng3-dev | libpng-dev,
libopenscenegraph-dev (>> 3.0.0),
- libsimgear-dev (>= 2.10.0~),
+ libsimgear-dev (>= 2.12.0~),
libsqlite3-dev
Standards-Version: 3.9.4
Homepage: http://www.flightgear.org/
@@ -23,7 +23,7 @@ Vcs-Git: git://anonscm.debian.org/collab-maint/flightgear.git
Package: flightgear
Architecture: any
-Depends: flightgear-data-all (>= 2.10.0~), ${shlibs:Depends},
+Depends: flightgear-data-all (>= 2.12.0~), ${shlibs:Depends},
${misc:Depends}
Description: Flight Gear Flight Simulator
FlightGear Flight Simulator (often shortened to FlightGear or FGFS)
diff --git a/debian/patches/CVE-2012-2090.diff b/debian/patches/CVE-2012-2090.diff
deleted file mode 100644
index ef54636..0000000
--- a/debian/patches/CVE-2012-2090.diff
+++ /dev/null
@@ -1,78 +0,0 @@
-Subject: Fix for CVE-2012-2090: prevent %n being passed to format strings
- CVE-2012-2090 mentions multiple places in simgear and flightgear that
- allow an unsafe %n specifier to be passed as a format string. This patch
- prevents this for flightgear in two constructors of FGTextLayer::Chunk and
- in FGGeneric::gen_message_ascii().
-From: Tom Callaway
-Origin: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=17;filename=flightgear-2.6.0-check-for-%25n-in-printf-format-string.patch;att=1;bug=669025
-Last-Update: 2012-11-07
-
---- a/src/Cockpit/panel.cxx
-+++ b/src/Cockpit/panel.cxx
-@@ -1174,8 +1174,18 @@
- : _type(FGTextLayer::TEXT), _fmt(fmt)
- {
- _text = text;
-- if (_fmt.empty())
-- _fmt = "%s";
-+ if (_fmt.empty()) {
-+ _fmt = "%s";
-+ } else {
-+ // It is never safe for _fmt.c_str to be %n.
-+ string unsafe ("%n");
-+ size_t found;
-+ found=_fmt.find(unsafe);
-+ if (found!=string::npos) {
-+ SG_LOG(SG_COCKPIT, SG_WARN, "format type contained %n, but this is unsafe, reverting to %s");
-+ _fmt = "%s";
-+ }
-+ }
- }
-
- FGTextLayer::Chunk::Chunk (ChunkType type, const SGPropertyNode * node,
-@@ -1188,6 +1198,20 @@
- _fmt = "%s";
- else
- _fmt = "%.2f";
-+ } else {
-+ // It is never safe for _fmt.c_str to be %n.
-+ string unsafe ("%n");
-+ size_t found;
-+ found=_fmt.find(unsafe);
-+ if (found!=string::npos) {
-+ if (type == TEXT_VALUE) {
-+ SG_LOG(SG_COCKPIT, SG_WARN, "format type contained %n, but this is unsafe, reverting to %s");
-+ _fmt = "%s";
-+ } else {
-+ SG_LOG(SG_COCKPIT, SG_WARN, "format type contained %n, but this is unsafe, reverting to %.2f");
-+ _fmt = "%.2f";
-+ }
-+ }
- }
- _node = node;
- }
---- a/src/Network/generic.cxx
-+++ b/src/Network/generic.cxx
-@@ -206,6 +206,8 @@
-
- bool FGGeneric::gen_message_ascii() {
- string generic_sentence;
-+ string unsafe ("%n");
-+ size_t found;
- char tmp[255];
- length = 0;
-
-@@ -216,6 +218,13 @@
- generic_sentence += var_separator;
- }
-
-+ // It is never safe for _out_message[i].format.c_str to be %n.
-+ found=_out_message[i].format.find(unsafe);
-+ if (found!=string::npos) {
-+ SG_LOG(SG_COCKPIT, SG_WARN, "format type contained %n, but this is unsafe, reverting to %s");
-+ _out_message[i].format = "%s";
-+ }
-+
- switch (_out_message[i].type) {
- case FG_INT:
- val = _out_message[i].offset +
diff --git a/debian/patches/CVE-2012-2091.diff b/debian/patches/CVE-2012-2091.diff
deleted file mode 100644
index 44ea700..0000000
--- a/debian/patches/CVE-2012-2091.diff
+++ /dev/null
@@ -1,91 +0,0 @@
-Subject: Fix for CVE-2012-2091: add checks against buffer overruns
- CVE-2012-2091 mentions various buffer overruns in simgear and
- flightgear. This patch addresses this issue in Rotor::getValueforFGSet().
-From: Tom Callaway
-Origin: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=17;filename=flightgear-2.6.0-use-snprintf-for-rotor-strings.patch;att=2;bug=669025
-Last-Update: 2012-11-08
-
---- a/src/FDM/YASim/Rotor.cpp
-+++ b/src/FDM/YASim/Rotor.cpp
-@@ -274,7 +274,7 @@
- if (4>numRotorparts()) return 0; //compile first!
- if (j==0)
- {
-- sprintf(text,"/rotors/%s/cone-deg", _name);
-+ snprintf(text, 256, "/rotors/%s/cone-deg", _name);
- *f=(_balance1>-1)?( ((Rotorpart*)getRotorpart(0))->getrealAlpha()
- +((Rotorpart*)getRotorpart(1*(_number_of_parts>>2)))->getrealAlpha()
- +((Rotorpart*)getRotorpart(2*(_number_of_parts>>2)))->getrealAlpha()
-@@ -284,7 +284,7 @@
- else
- if (j==1)
- {
-- sprintf(text,"/rotors/%s/roll-deg", _name);
-+ snprintf(text, 256, "/rotors/%s/roll-deg", _name);
- _roll = ( ((Rotorpart*)getRotorpart(0))->getrealAlpha()
- -((Rotorpart*)getRotorpart(2*(_number_of_parts>>2)))->getrealAlpha()
- )/2*(_ccw?-1:1);
-@@ -293,7 +293,7 @@
- else
- if (j==2)
- {
-- sprintf(text,"/rotors/%s/yaw-deg", _name);
-+ snprintf(text, 256, "/rotors/%s/yaw-deg", _name);
- _yaw=( ((Rotorpart*)getRotorpart(1*(_number_of_parts>>2)))->getrealAlpha()
- -((Rotorpart*)getRotorpart(3*(_number_of_parts>>2)))->getrealAlpha()
- )/2;
-@@ -302,38 +302,38 @@
- else
- if (j==3)
- {
-- sprintf(text,"/rotors/%s/rpm", _name);
-+ snprintf(text, 256, "/rotors/%s/rpm", _name);
- *f=(_balance1>-1)?_omega/2/pi*60:0;
- }
- else
- if (j==4)
- {
-- sprintf(text,"/rotors/%s/tilt/pitch-deg",_name);
-+ snprintf(text, 256, "/rotors/%s/tilt/pitch-deg",_name);
- *f=_tilt_pitch*180/pi;
- }
- else if (j==5)
- {
-- sprintf(text,"/rotors/%s/tilt/roll-deg",_name);
-+ snprintf(text, 256, "/rotors/%s/tilt/roll-deg",_name);
- *f=_tilt_roll*180/pi;
- }
- else if (j==6)
- {
-- sprintf(text,"/rotors/%s/tilt/yaw-deg",_name);
-+ snprintf(text, 256, "/rotors/%s/tilt/yaw-deg",_name);
- *f=_tilt_yaw*180/pi;
- }
- else if (j==7)
- {
-- sprintf(text,"/rotors/%s/balance", _name);
-+ snprintf(text, 256, "/rotors/%s/balance", _name);
- *f=_balance1;
- }
- else if (j==8)
- {
-- sprintf(text,"/rotors/%s/stall",_name);
-+ snprintf(text, 256, "/rotors/%s/stall",_name);
- *f=getOverallStall();
- }
- else if (j==9)
- {
-- sprintf(text,"/rotors/%s/torque",_name);
-+ snprintf(text, 256, "/rotors/%s/torque",_name);
- *f=-_torque;;
- }
- else
-@@ -344,7 +344,7 @@
- return 0;
- }
- int w=j%3;
-- sprintf(text,"/rotors/%s/blade[%i]/%s",
-+ snprintf(text, 256, "/rotors/%s/blade[%i]/%s",
- _name,b,
- w==0?"position-deg":(w==1?"flap-deg":"incidence-deg"));
- *f=((Rotorpart*)getRotorpart(0))->getPhi()*180/pi
diff --git a/debian/patches/bug1117.diff b/debian/patches/bug1117.diff
deleted file mode 100644
index 55e8822..0000000
--- a/debian/patches/bug1117.diff
+++ /dev/null
@@ -1,21 +0,0 @@
-Subject: Fix for upstream #1117: fix another issue similar to CVE-2012-2090
- In FGClouds::buildlayer(), prevent passing '%n' to snprintf().
-From: Rebecca Palmer
-Origin: https://bugs.launchpad.net/ubuntu/+source/simgear/+bug/1077624/+attachment/3806304/+files/flightgear_bug1117.patch
-Last-Update: 2013-09-06
-
---- a/src/Environment/fgclouds.cxx
-+++ b/src/Environment/fgclouds.cxx
-@@ -228,11 +228,10 @@
- double count = acloud->getDoubleValue("count", 1.0);
- tCloudVariety[CloudVarietyCount].count = count;
- int variety = 0;
-- cloud_name = cloud_name + "-%d";
- char variety_name[50];
- do {
- variety++;
-- snprintf(variety_name, sizeof(variety_name) - 1, cloud_name.c_str(), variety);
-+ snprintf(variety_name, sizeof(variety_name) - 1, "%s-%d", cloud_name.c_str(), variety);
- } while( box_def_root->getChild(variety_name, 0, false) );
-
- totalCount += count;
diff --git a/debian/patches/series b/debian/patches/series
deleted file mode 100644
index 62bb8b0..0000000
--- a/debian/patches/series
+++ /dev/null
@@ -1,4 +0,0 @@
-terrasync.patch
-CVE-2012-2090.diff
-CVE-2012-2091.diff
-bug1117.diff
diff --git a/debian/patches/terrasync.patch b/debian/patches/terrasync.patch
deleted file mode 100644
index 0414b78..0000000
--- a/debian/patches/terrasync.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Description: Fix build failure in terrasync.cxx
- Fix build failure with GCC 4.7.
-Origin: vendor
-Bug-Debian: http://bugs.debian.org/667167
-Author: Matej Vela <vela at debian.org>, Ove Kaaven <ovek at arcticnet.no>
-Forwarded: no
-Last-Update: 2012-07-16
-
---- a/utils/TerraSync/terrasync.cxx
-+++ b/utils/TerraSync/terrasync.cxx
-@@ -30,9 +30,12 @@
- #include <windows.h>
- #endif
-
-+//#if HAVE_UNISTD_H
-+#include <unistd.h> // write(), getpid(), sleep()
-+//#endif
-+
- #ifdef __MINGW32__
- #include <time.h>
--#include <unistd.h>
- #elif defined(_MSC_VER)
- # include <io.h>
- #endif
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/flightgear.git
More information about the pkg-fgfs-crew
mailing list