rpms/yelp/F-8 yelp-2.20.0-CVE-2008-3533.patch, NONE, 1.1 yelp.spec, 1.122, 1.123
Matthew Barnes
mbarnes at fedoraproject.org
Mon Aug 25 17:27:16 UTC 2008
Author: mbarnes
Update of /cvs/pkgs/rpms/yelp/F-8
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv8905
Modified Files:
yelp.spec
Added Files:
yelp-2.20.0-CVE-2008-3533.patch
Log Message:
* Mon Aug 25 2008 Matthew Barnes <mbarnes at redhat.com> - 2.20.0-12
- Add patch for RH bug #459487 (format string vulnerability).
yelp-2.20.0-CVE-2008-3533.patch:
--- NEW FILE yelp-2.20.0-CVE-2008-3533.patch ---
diff -up yelp-2.20.0/src/yelp-window.c.CVE-2008-3533 yelp-2.20.0/src/yelp-window.c
--- yelp-2.20.0/src/yelp-window.c.CVE-2008-3533 2008-08-25 13:21:18.000000000 -0400
+++ yelp-2.20.0/src/yelp-window.c 2008-08-25 13:22:24.000000000 -0400
@@ -1133,10 +1133,10 @@ window_error (YelpWindow *window, gchar
GTK_DIALOG_MODAL | GTK_DIALOG_DESTROY_WITH_PARENT,
GTK_MESSAGE_ERROR,
GTK_BUTTONS_OK,
- title);
+ "%s", title);
gtk_message_dialog_format_secondary_markup
- (GTK_MESSAGE_DIALOG (dialog), message);
- gtk_dialog_run (GTK_DIALOG (dialog));
+ (GTK_MESSAGE_DIALOG (dialog), "%s", message);
+ gtk_dialog_run (GTK_DIALOG (dialog));
gtk_widget_destroy (dialog);
}
Index: yelp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/yelp/F-8/yelp.spec,v
retrieving revision 1.122
retrieving revision 1.123
diff -u -r1.122 -r1.123
--- yelp.spec 16 Jul 2008 01:33:43 -0000 1.122
+++ yelp.spec 25 Aug 2008 17:26:45 -0000 1.123
@@ -20,7 +20,7 @@
Summary: A system documentation reader from the Gnome project
Name: yelp
Version: 2.20.0
-Release: 11%{?dist}
+Release: 12%{?dist}
Source: http://ftp.gnome.org/pub/GNOME/sources/yelp/2.19/%{name}-%{version}.tar.bz2
URL: http://live.gnome.org/Yelp
# http://bugzilla.gnome.org/show_bug.cgi?id=319096
@@ -32,6 +32,9 @@
# http://bugzilla.gnome.org/show_bug.cgi?id=493751
Patch5: search-crash.patch
+# RH bug #459487 / CVE-2008-3533
+Patch6: yelp-2.20.0-CVE-2008-3533.patch
+
# http://bugzilla.gnome.org/show_bug.cgi?id=431077
# XXX Does this no longer apply to yelp >= 2.19.1 ?
#Patch8: yelp-2.18.1-posix-man.patch
@@ -91,6 +94,7 @@
%patch3 -p1 -b .use-pango
%patch4 -p1 -b .rarian-crash
%patch5 -p1 -b .search-crash
+%patch6 -p1 -b .CVE-2008-3533
#%patch8 -p1 -b .posix-man
@@ -156,6 +160,9 @@
%{_datadir}/yelp
%changelog
+* Mon Aug 25 2008 Matthew Barnes <mbarnes at redhat.com> - 2.20.0-12
+- Add patch for RH bug #459487 (format string vulnerability).
+
* Tue Jul 15 2008 Christopher Aillon <caillon at redhat.com> - 2.20.0-11
- Rebuild against newer gecko
More information about the fedora-extras-commits
mailing list