diff -u plib-1.8.5/debian/control plib-1.8.5/debian/control
--- plib-1.8.5/debian/control
+++ plib-1.8.5/debian/control
@@ -1,7 +1,7 @@
 Source: plib
 Section: devel
 Priority: extra
-Maintainer: Bradley Smith
+Maintainer: Debian QA Group
 Standards-Version: 3.8.1
 Build-Depends: libgl1-mesa-dev | libgl-dev, freeglut3-dev, libx11-dev, libxmu-dev, debhelper (>= 7), libxi-dev, quilt, autoconf, automake, libtool
 Homepage: http://plib.sourceforge.net/
diff -u plib-1.8.5/debian/changelog plib-1.8.5/debian/changelog
--- plib-1.8.5/debian/changelog
+++ plib-1.8.5/debian/changelog
@@ -1,3 +1,10 @@
+plib (1.8.5-6) unstable; urgency=low
+
+ * QA upload.
+ * Apply patch to fix CVE-2012-4552 by Hans de Goede (Closes: #694810).
+
+ -- Michael Stapelberg Tue, 04 Dec 2012 20:06:46 +0100
+
 plib (1.8.5-5.2) unstable; urgency=low

 * Non-maintainer upload.
diff -u plib-1.8.5/debian/patches/series plib-1.8.5/debian/patches/series
--- plib-1.8.5/debian/patches/series
+++ plib-1.8.5/debian/patches/series
@@ -5,0 +6 @@
+05_CVE-2012-4552.diff
only in patch2:
unchanged:
--- plib-1.8.5.orig/debian/patches/05_CVE-2012-4552.diff
+++ plib-1.8.5/debian/patches/05_CVE-2012-4552.diff
@@ -0,0 +1,55 @@
+diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx
+--- plib-1.8.5/src/ssg/ssgParser.cxx~ 2008-03-11 03:06:23.000000000 +0100
++++ plib-1.8.5/src/ssg/ssgParser.cxx 2012-11-01 15:33:12.424483374 +0100
+@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form
+ char msgbuff[ 255 ];
+ va_list argp;
+
+- char* msgptr = msgbuff;
+- if (linenum)
+- {
+- msgptr += sprintf ( msgptr,"%s, line %d: ",
+- path, linenum );
+- }
+-
+ va_start( argp, format );
+- vsprintf( msgptr, format, argp );
++ vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
+ va_end( argp );
+
+- ulSetError ( UL_WARNING, "%s", msgbuff ) ;
++ if (linenum)
++ {
++ ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ;
++ } else {
++ ulSetError ( UL_WARNING, "%s", msgbuff ) ;
++ }
+ }
+
+
+@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo
+ char msgbuff[ 255 ];
+ va_list argp;
+
+- char* msgptr = msgbuff;
+- if (linenum)
+- {
+- msgptr += sprintf ( msgptr,"%s, line %d: ",
+- path, linenum );
+- }
+-
+ va_start( argp, format );
+- vsprintf( msgptr, format, argp );
++ vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
+ va_end( argp );
+
+- ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
++ if (linenum)
++ {
++ ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ;
++ } else {
++ ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
++ }
+ }
+
+ // Opens the file and does a few internal calculations based on the spec.
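Review bot: The bounded `vsnprintf( msgbuff, sizeof(msgbuff), format, argp )` in `_ssgParser::error` (and the identical change in `_ssgParser::message`) only protects the local `msgbuff`; the `path`/`linenum` prefix that `sprintf` used to write is now formatted inside `ulSetError`, which is not part of this patch. The fix is complete only if `ulSetError` itself formats with a length-bounded call, so that should be confirmed, since `path` is presumably the name of the file being parsed and its length is not limited here. Messages longer than the 255-byte buffer are now silently truncated, which is fine for diagnostics but worth recording with a comment such as `/* bounded: an over-long message is truncated rather than overrunning msgbuff */` above each `vsnprintf`. Both function bodies begin outside the inner hunks.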