r30133 - in /packages/unstable/gksu/debian: changelog patches/02_format_security.patch patches/series
biebl at users.alioth.debian.org
biebl at users.alioth.debian.org
Mon Oct 10 16:41:49 UTC 2011
Author: biebl
Date: Mon Oct 10 16:41:48 2011
New Revision: 30133
URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=30133
Log:
* debian/patches/02_format_security.patch
- Fix possible format string vulnerabilities. Closes: #643389
Added:
packages/unstable/gksu/debian/patches/02_format_security.patch
Modified:
packages/unstable/gksu/debian/changelog
packages/unstable/gksu/debian/patches/series
Modified: packages/unstable/gksu/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/unstable/gksu/debian/changelog?rev=30133&op=diff
==============================================================================
--- packages/unstable/gksu/debian/changelog [utf-8] (original)
+++ packages/unstable/gksu/debian/changelog [utf-8] Mon Oct 10 16:41:48 2011
@@ -11,6 +11,8 @@
* Bump debhelper compatibility level to 8.
* Remove pre-lenny upgrade code, drop debian/gksu.postinst.
* Bump Standards-Version to 3.9.2.
+ * debian/patches/02_format_security.patch
+ - Fix possible format string vulnerabilities. Closes: #643389
-- Michael Biebl <biebl at debian.org> Mon, 10 Oct 2011 18:02:21 +0200
Added: packages/unstable/gksu/debian/patches/02_format_security.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/unstable/gksu/debian/patches/02_format_security.patch?rev=30133&op=file
==============================================================================
--- packages/unstable/gksu/debian/patches/02_format_security.patch (added)
+++ packages/unstable/gksu/debian/patches/02_format_security.patch [utf-8] Mon Oct 10 16:41:48 2011
@@ -1,0 +1,37 @@
+Description: Fix possible format string vulnerabilities
+Author: Michael Biebl <biebl at debian.org>
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643389
+Index: gksu-2.0.2/gksu/gksu.c
+===================================================================
+--- gksu-2.0.2.orig/gksu/gksu.c 2009-03-04 19:25:32.000000000 +0100
++++ gksu-2.0.2/gksu/gksu.c 2011-10-10 18:31:04.599677143 +0200
+@@ -146,9 +146,12 @@
+ msg = g_strdup_vprintf(format, ap);
+ va_end(ap);
+
+- diag_win = gtk_message_dialog_new_with_markup (NULL, GTK_DIALOG_MODAL,
+- type, GTK_BUTTONS_CLOSE,
+- msg);
++ diag_win = gtk_message_dialog_new (NULL, GTK_DIALOG_MODAL,
++ type, GTK_BUTTONS_CLOSE,
++ NULL);
++
++ gtk_message_dialog_set_markup (GTK_MESSAGE_DIALOG(diag_win),
++ msg);
+
+ gtk_signal_connect_object (GTK_OBJECT(diag_win), "delete_event",
+ GTK_SIGNAL_FUNC(gtk_main_quit),
+@@ -176,12 +179,7 @@
+ g_key_file_load_from_file (desktop, file_name, G_KEY_FILE_NONE, &error);
+ if (error)
+ {
+- gchar *error_msg;
+-
+- error_msg = g_strdup_printf ("Could not load desktop file: %s",
+- error->message);
+- g_warning (error_msg);
+- g_free (error_msg);
++ g_warning ("Could not load desktop file: %s", error->message);
+ g_error_free (error);
+ g_key_file_free (desktop);
+ return;
Modified: packages/unstable/gksu/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/unstable/gksu/debian/patches/series?rev=30133&op=diff
==============================================================================
--- packages/unstable/gksu/debian/patches/series [utf-8] (original)
+++ packages/unstable/gksu/debian/patches/series [utf-8] Mon Oct 10 16:41:48 2011
@@ -1,2 +1,3 @@
01_desktop_in.patch
+02_format_security.patch
99_intltool.patch
More information about the pkg-gnome-commits
mailing list