r41242 - in /desktop/unstable/gtk+2.0/debian: changelog patches/099_format_security_fixes.patch patches/series
biebl at users.alioth.debian.org
biebl at users.alioth.debian.org
Fri Apr 4 13:34:43 UTC 2014
Author: biebl
Date: Fri Apr 4 13:34:42 2014
New Revision: 41242
URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=41242
Log:
debian/patches/099_format_security_fixes.patch: Fix a format string
vulnerability in the pixbuf engine.
Added:
desktop/unstable/gtk+2.0/debian/patches/099_format_security_fixes.patch
Modified:
desktop/unstable/gtk+2.0/debian/changelog
desktop/unstable/gtk+2.0/debian/patches/series
Modified: desktop/unstable/gtk+2.0/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk%2B2.0/debian/changelog?rev=41242&op=diff
==============================================================================
--- desktop/unstable/gtk+2.0/debian/changelog [utf-8] (original)
+++ desktop/unstable/gtk+2.0/debian/changelog [utf-8] Fri Apr 4 13:34:42 2014
@@ -3,6 +3,8 @@
* New upstream release.
* Bump Standards-Version to 3.9.5.
* Enable hardening build flags using /usr/share/dpkg/buildflags.mk.
+ * debian/patches/099_format_security_fixes.patch: Fix a format string
+ vulnerability in the pixbuf engine.
-- Michael Biebl <biebl at debian.org> Fri, 04 Apr 2014 14:06:31 +0200
Added: desktop/unstable/gtk+2.0/debian/patches/099_format_security_fixes.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk%2B2.0/debian/patches/099_format_security_fixes.patch?rev=41242&op=file
==============================================================================
--- desktop/unstable/gtk+2.0/debian/patches/099_format_security_fixes.patch (added)
+++ desktop/unstable/gtk+2.0/debian/patches/099_format_security_fixes.patch [utf-8] Fri Apr 4 13:34:42 2014
@@ -0,0 +1,16 @@
+Description: Fix a format security
+ This bug was introduced in e4c83bbfdb60fdfe0bae207b1ddae295dc267a23
+Author: Michael Biebl <biebl at debian.org>
+Index: gtk+-2.24.23/modules/engines/pixbuf/pixbuf-rc-style.c
+===================================================================
+--- gtk+-2.24.23.orig/modules/engines/pixbuf/pixbuf-rc-style.c 2014-03-06 05:56:42.000000000 +0100
++++ gtk+-2.24.23/modules/engines/pixbuf/pixbuf-rc-style.c 2014-04-04 15:13:02.938274177 +0200
+@@ -669,7 +669,7 @@
+ const char *message)
+ {
+ theme_clear_pixbuf (theme_pb);
+- g_scanner_warn (scanner, message);
++ g_scanner_warn (scanner, "%s", message);
+ }
+
+ static guint
Modified: desktop/unstable/gtk+2.0/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk%2B2.0/debian/patches/series?rev=41242&op=diff
==============================================================================
--- desktop/unstable/gtk+2.0/debian/patches/series [utf-8] (original)
+++ desktop/unstable/gtk+2.0/debian/patches/series [utf-8] Fri Apr 4 13:34:42 2014
@@ -11,3 +11,4 @@
061_use_pdf_as_default_printing_standard.patch
065_gir_set_packages.patch
098_multiarch_module_path.patch
+099_format_security_fixes.patch
More information about the pkg-gnome-commits
mailing list