fix format-security issues
This commit is contained in:
parent
b615a74ea8
commit
683715a907
|
@ -0,0 +1,12 @@
|
||||||
|
diff -up snack2.2.10/generic/jkSoundFile.c.format-security snack2.2.10/generic/jkSoundFile.c
|
||||||
|
--- snack2.2.10/generic/jkSoundFile.c.format-security 2013-12-09 16:24:39.287083799 -0500
|
||||||
|
+++ snack2.2.10/generic/jkSoundFile.c 2013-12-09 16:26:03.693939137 -0500
|
||||||
|
@@ -2380,7 +2380,7 @@ PutCslHeader(Sound *s, Tcl_Interp *inter
|
||||||
|
sprintf(&buf[12], "HEDR");
|
||||||
|
PutLELong(buf, 16, 32);
|
||||||
|
Tcl_GlobalEvalObj(s->interp, Tcl_NewStringObj(CSL_DATECOMMAND, -1));
|
||||||
|
- sprintf(&buf[20], Tcl_GetStringResult(s->interp));
|
||||||
|
+ sprintf(&buf[20], "%s", Tcl_GetStringResult(s->interp));
|
||||||
|
|
||||||
|
PutLELong(buf, 40, s->samprate);
|
||||||
|
PutLELong(buf, 44, s->length);
|
|
@ -9,7 +9,7 @@
|
||||||
|
|
||||||
Name: tcl-%{realname}
|
Name: tcl-%{realname}
|
||||||
Version: 2.2.10
|
Version: 2.2.10
|
||||||
Release: 20%{?dist}
|
Release: 21%{?dist}
|
||||||
Summary: Sound toolkit
|
Summary: Sound toolkit
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
# generic/snackDecls.h, generic/snackStubInit.c and generic/snackStubLib.c
|
# generic/snackDecls.h, generic/snackStubInit.c and generic/snackStubLib.c
|
||||||
|
@ -32,6 +32,7 @@ Patch1: snack2.2.10-extracflags.patch
|
||||||
Patch2: snack2.2.10-shared-stubs.patch
|
Patch2: snack2.2.10-shared-stubs.patch
|
||||||
Patch3: snack2.2.10-newALSA.patch
|
Patch3: snack2.2.10-newALSA.patch
|
||||||
Patch4: tcl-snack-2.2.10-CVE-2012-6303-fix.patch
|
Patch4: tcl-snack-2.2.10-CVE-2012-6303-fix.patch
|
||||||
|
Patch5: snack2.2.10-format-security.patch
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
BuildRequires: tcl-devel, tk-devel, libogg-devel, libvorbis-devel
|
BuildRequires: tcl-devel, tk-devel, libogg-devel, libvorbis-devel
|
||||||
BuildRequires: libXft-devel
|
BuildRequires: libXft-devel
|
||||||
|
@ -79,6 +80,7 @@ Tkinter are also required to use Snack.
|
||||||
%patch2 -p1 -b .shared-stubs
|
%patch2 -p1 -b .shared-stubs
|
||||||
%patch3 -p1 -b .newALSA
|
%patch3 -p1 -b .newALSA
|
||||||
%patch4 -p1 -b .CVE20126303
|
%patch4 -p1 -b .CVE20126303
|
||||||
|
%patch5 -p1 -b .format-security
|
||||||
cp %{SOURCE1} .
|
cp %{SOURCE1} .
|
||||||
chmod -x generic/*.c generic/*.h unix/*.c COPYING README demos/python/*
|
chmod -x generic/*.c generic/*.h unix/*.c COPYING README demos/python/*
|
||||||
iconv -f iso-8859-1 -t utf-8 -o README{.utf8,}
|
iconv -f iso-8859-1 -t utf-8 -o README{.utf8,}
|
||||||
|
@ -135,6 +137,9 @@ rm -rf %{buildroot}
|
||||||
%{python_sitelib}/tkSnack*
|
%{python_sitelib}/tkSnack*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Dec 9 2013 Tom Callaway <spot@fedoraproject.org> - 2.2.10-21
|
||||||
|
- fix format-security issues
|
||||||
|
|
||||||
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.10-20
|
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.10-20
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue