pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/mail/evolution Fix for format string security issue:
details: https://anonhg.NetBSD.org/pkgsrc/rev/c83a42cb7362
branches: trunk
changeset: 498505:c83a42cb7362
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Wed Aug 24 10:59:12 2005 +0000
description:
Fix for format string security issue:
http://www.sitic.se/eng/advisories_and_recommendations/sa05-001.html
Tested by myself and jmmv@
Bump to nb1
diffstat:
mail/evolution/Makefile | 3 ++-
mail/evolution/distinfo | 6 +++++-
mail/evolution/patches/patch-ad | 13 +++++++++++++
mail/evolution/patches/patch-ae | 13 +++++++++++++
mail/evolution/patches/patch-af | 13 +++++++++++++
mail/evolution/patches/patch-ag | 31 +++++++++++++++++++++++++++++++
6 files changed, 77 insertions(+), 2 deletions(-)
diffs (114 lines):
diff -r b470231e7b50 -r c83a42cb7362 mail/evolution/Makefile
--- a/mail/evolution/Makefile Wed Aug 24 10:47:57 2005 +0000
+++ b/mail/evolution/Makefile Wed Aug 24 10:59:12 2005 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.89 2005/08/21 20:53:34 jmmv Exp $
+# $NetBSD: Makefile,v 1.90 2005/08/24 10:59:12 adrianp Exp $
DISTNAME= evolution-2.2.3
+PKGREVISION= 1
CATEGORIES= mail time gnome
MASTER_SITES= ${MASTER_SITE_GNOME:=sources/evolution/2.2/}
EXTRACT_SUFX= .tar.bz2
diff -r b470231e7b50 -r c83a42cb7362 mail/evolution/distinfo
--- a/mail/evolution/distinfo Wed Aug 24 10:47:57 2005 +0000
+++ b/mail/evolution/distinfo Wed Aug 24 10:59:12 2005 +0000
@@ -1,7 +1,11 @@
-$NetBSD: distinfo,v 1.39 2005/08/21 11:34:37 jmmv Exp $
+$NetBSD: distinfo,v 1.40 2005/08/24 10:59:12 adrianp Exp $
SHA1 (evolution-2.2.3.tar.bz2) = bd44f9cf45527e77554c5e25d0857236ba97acec
RMD160 (evolution-2.2.3.tar.bz2) = 74358ef7bb81ffa0fd9a4659c545e99ac4e64910
Size (evolution-2.2.3.tar.bz2) = 10435908 bytes
SHA1 (patch-ab) = 871a322eefd1a42e7197da764d49cd1d24f6535d
SHA1 (patch-ac) = eac530ef720daf3f8f812690496ae39b76691799
+SHA1 (patch-ad) = 10ab1a51ae42934a230ee015554370efc545e3fa
+SHA1 (patch-ae) = 2eacc3c614f157137af032dda79e7c5d50fe4b6c
+SHA1 (patch-af) = e005e105327ddc112ac68ade7f1f6ea2ec0fbf1c
+SHA1 (patch-ag) = ccef018483a082f7989d81173d264a67e9a01d71
diff -r b470231e7b50 -r c83a42cb7362 mail/evolution/patches/patch-ad
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/evolution/patches/patch-ad Wed Aug 24 10:59:12 2005 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ad,v 1.8 2005/08/24 10:59:12 adrianp Exp $
+
+--- calendar/gui/e-cal-component-preview.c.orig 2005-01-04 18:48:56.000000000 +0000
++++ calendar/gui/e-cal-component-preview.c
+@@ -284,7 +284,7 @@ write_html (GtkHTMLStream *stream, ECal
+ str = g_string_append_c (str, text.value[i]);
+ }
+
+- gtk_html_stream_printf (stream, str->str);
++ gtk_html_stream_printf (stream, "%s", str->str);
+ g_string_free (str, TRUE);
+ }
+
diff -r b470231e7b50 -r c83a42cb7362 mail/evolution/patches/patch-ae
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/evolution/patches/patch-ae Wed Aug 24 10:59:12 2005 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ae,v 1.5 2005/08/24 10:59:12 adrianp Exp $
+
+--- calendar/gui/e-calendar-view.c.orig 2005-04-18 15:29:04.000000000 +0100
++++ calendar/gui/e-calendar-view.c
+@@ -1079,7 +1079,7 @@ on_save_as (EPopup *ep, EPopupItem *pite
+ return;
+ }
+
+- fprintf (file, ical_string);
++ fprintf (file, "%s", ical_string);
+ g_free (ical_string);
+ fclose (file);
+
diff -r b470231e7b50 -r c83a42cb7362 mail/evolution/patches/patch-af
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/evolution/patches/patch-af Wed Aug 24 10:59:12 2005 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-af,v 1.6 2005/08/24 10:59:12 adrianp Exp $
+
+--- calendar/gui/e-calendar-table.c.orig 2005-01-25 11:18:16.000000000 +0000
++++ calendar/gui/e-calendar-table.c
+@@ -1027,7 +1027,7 @@ e_calendar_table_on_save_as (EPopup *ep,
+ return;
+ }
+
+- fprintf (file, ical_string);
++ fprintf (file, "%s", ical_string);
+ g_free (ical_string);
+ fclose (file);
+ }
diff -r b470231e7b50 -r c83a42cb7362 mail/evolution/patches/patch-ag
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/evolution/patches/patch-ag Wed Aug 24 10:59:12 2005 +0000
@@ -0,0 +1,31 @@
+$NetBSD: patch-ag,v 1.7 2005/08/24 10:59:12 adrianp Exp $
+
+--- addressbook/gui/widgets/eab-contact-display.c.orig 2005-04-28 10:23:01.000000000 +0100
++++ addressbook/gui/widgets/eab-contact-display.c
+@@ -353,7 +353,7 @@ render_contact (GtkHTMLStream *html_stre
+ accum_multival_attribute (accum, contact, _("Yahoo"), E_CONTACT_IM_YAHOO, YAHOO_ICON, 0);
+
+ if (accum->len > 0)
+- gtk_html_stream_printf (html_stream, accum->str);
++ gtk_html_stream_printf (html_stream, "%s", accum->str);
+
+ end_block (html_stream);
+
+@@ -368,7 +368,7 @@ render_contact (GtkHTMLStream *html_stre
+
+ if (accum->len > 0) {
+ start_block (html_stream, _("work"));
+- gtk_html_stream_printf (html_stream, accum->str);
++ gtk_html_stream_printf (html_stream, "%s", accum->str);
+ end_block (html_stream);
+ }
+
+@@ -383,7 +383,7 @@ render_contact (GtkHTMLStream *html_stre
+
+ if (accum->len > 0) {
+ start_block (html_stream, _("personal"));
+- gtk_html_stream_printf (html_stream, accum->str);
++ gtk_html_stream_printf (html_stream, "%s", accum->str);
+ end_block (html_stream);
+ }
+
Home |
Main Index |
Thread Index |
Old Index