r41242 - in /desktop/unstable/gtk+2.0/debian: changelog patches/099_format_security_fixes.patch patches/series

biebl at users.alioth.debian.org biebl at users.alioth.debian.org
Fri Apr 4 13:34:43 UTC 2014 

Author: biebl
Date: Fri Apr  4 13:34:42 2014
New Revision: 41242

URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=41242
Log:
debian/patches/099_format_security_fixes.patch: Fix a format string
vulnerability in the pixbuf engine.

Added:
    desktop/unstable/gtk+2.0/debian/patches/099_format_security_fixes.patch
Modified:
    desktop/unstable/gtk+2.0/debian/changelog
    desktop/unstable/gtk+2.0/debian/patches/series

Modified: desktop/unstable/gtk+2.0/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk%2B2.0/debian/changelog?rev=41242&op=diff
==============================================================================
--- desktop/unstable/gtk+2.0/debian/changelog	[utf-8] (original)
+++ desktop/unstable/gtk+2.0/debian/changelog	[utf-8] Fri Apr  4 13:34:42 2014
@@ -3,6 +3,8 @@
   * New upstream release.
   * Bump Standards-Version to 3.9.5.
   * Enable hardening build flags using /usr/share/dpkg/buildflags.mk.
+  * debian/patches/099_format_security_fixes.patch: Fix a format string
+    vulnerability in the pixbuf engine.
 
  -- Michael Biebl <biebl at debian.org>  Fri, 04 Apr 2014 14:06:31 +0200
 

Added: desktop/unstable/gtk+2.0/debian/patches/099_format_security_fixes.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk%2B2.0/debian/patches/099_format_security_fixes.patch?rev=41242&op=file
==============================================================================
--- desktop/unstable/gtk+2.0/debian/patches/099_format_security_fixes.patch	(added)
+++ desktop/unstable/gtk+2.0/debian/patches/099_format_security_fixes.patch	[utf-8] Fri Apr  4 13:34:42 2014
@@ -0,0 +1,16 @@
+Description: Fix a format security
+ This bug was introduced in e4c83bbfdb60fdfe0bae207b1ddae295dc267a23
+Author: Michael Biebl <biebl at debian.org>
+Index: gtk+-2.24.23/modules/engines/pixbuf/pixbuf-rc-style.c
+===================================================================
+--- gtk+-2.24.23.orig/modules/engines/pixbuf/pixbuf-rc-style.c	2014-03-06 05:56:42.000000000 +0100
++++ gtk+-2.24.23/modules/engines/pixbuf/pixbuf-rc-style.c	2014-04-04 15:13:02.938274177 +0200
+@@ -669,7 +669,7 @@
+                              const char   *message)
+ {
+   theme_clear_pixbuf (theme_pb);
+-  g_scanner_warn (scanner, message);
++  g_scanner_warn (scanner, "%s", message);
+ }
+ 
+ static guint

Modified: desktop/unstable/gtk+2.0/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk%2B2.0/debian/patches/series?rev=41242&op=diff
==============================================================================
--- desktop/unstable/gtk+2.0/debian/patches/series	[utf-8] (original)
+++ desktop/unstable/gtk+2.0/debian/patches/series	[utf-8] Fri Apr  4 13:34:42 2014
@@ -11,3 +11,4 @@
 061_use_pdf_as_default_printing_standard.patch
 065_gir_set_packages.patch
 098_multiarch_module_path.patch
+099_format_security_fixes.patch

More information about the pkg-gnome-commits mailing list