Mailinglist Archive: opensuse-commit (1187 mails)

< Previous Next >
commit xine-lib
  • From: root@xxxxxxx (h_root)
  • Date: Thu, 20 Apr 2006 18:11:30 +0200 (CEST)
  • Message-id: <20060420161130.B40FD8BE9E@xxxxxxxxxxxxxxx>

Hello community,

here is the log from the commit of package xine-lib
checked in at Thu Apr 20 18:11:30 CEST 2006.

--------
--- xine-lib/xine-lib.changes 2006-04-11 11:32:23.000000000 +0200
+++ STABLE/xine-lib/xine-lib.changes 2006-04-20 17:46:03.000000000 +0200
@@ -1,0 +2,10 @@
+Thu Apr 20 17:45:27 CEST 2006 - mhopf@xxxxxxx
+
+- Security fix for #167276: http://open-security.org/advisories/16
+
+-------------------------------------------------------------------
+Thu Apr 20 14:16:16 CEST 2006 - meissner@xxxxxxx
+
+- Removed -U_FORTIFY_SOURCE. Verified xine --keymap working.
+
+-------------------------------------------------------------------

New:
----
xine-ui-playlist-security.diff

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ xine-lib.spec ++++++
--- /var/tmp/diff_new_pack.uaTDDa/_old 2006-04-20 18:11:09.000000000 +0200
+++ /var/tmp/diff_new_pack.uaTDDa/_new 2006-04-20 18:11:09.000000000 +0200
@@ -15,7 +15,7 @@
%define DISTRIBUTABLE 1
Summary: Video Player with Plug-Ins
Version: 1.1.1
-Release: 17
+Release: 20
%define libversion 1.1.1
%define uiversion 0.99.4
Obsoletes: xine
@@ -49,6 +49,7 @@
Patch103: xine-ui-fix-gcc-warnings.diff
Patch104: xine-ui-snapshot.diff
Patch105: xine-ui-sharedpixmap.diff
+Patch106: xine-ui-playlist-security.diff
URL: http://xine.sourceforge.net
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if %DISTRIBUTABLE
@@ -111,7 +112,7 @@
Group: Productivity/Multimedia/Video/Players
Provides: xine:/usr/bin/xine
Version: 0.99.4
-Release: 25
+Release: 28
Autoreqprov: on

%description -n xine-ui
@@ -187,6 +188,7 @@
%patch103 -p1
%patch104
%patch105 -p1
+%patch106
)
libtoolize --force
%if %suse_version > 820
@@ -199,7 +201,7 @@
autoconf

%build
-export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -U_FORTIFY_SOURCE"
+export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
./configure --prefix=/usr \
--libdir=%_libdir \
--mandir=%_mandir \
@@ -521,6 +523,10 @@
/usr/include/xine.h

%changelog -n xine-lib
+* Thu Apr 20 2006 - mhopf@xxxxxxx
+- Security fix for #167276: http://open-security.org/advisories/16
+* Thu Apr 20 2006 - meissner@xxxxxxx
+- Removed -U_FORTIFY_SOURCE. Verified xine --keymap working.
* Tue Apr 11 2006 - mhopf@xxxxxxx
- Security fix for http://www.xfocus.org/advisories/200603/11.html,
as far as xine is affected.



++++++ xine-ui-playlist-security.diff ++++++
Index: src/xitk/main.c
===================================================================
RCS file: /cvsroot/xine/xine-ui/src/xitk/main.c,v
retrieving revision 1.308
retrieving revision 1.309
diff -u -p -r1.308 -r1.309
--- src/xitk/main.c 24 Jul 2005 02:40:37 -0000 1.308
+++ src/xitk/main.c 1 Aug 2005 23:49:53 -0000 1.309
@@ -456,7 +456,7 @@ static void print_formatted(char *title,
int len;
char *blanks = " ";

- printf(title);
+ printf("%s", title);

sprintf(buffer, "%s", blanks);
plugin = *plugins++;
@@ -469,7 +469,7 @@ static void print_formatted(char *title,
sprintf(buffer, "%s%s%s", buffer, (strlen(buffer) == strlen(blanks)) ? "" : ", ", plugin);
}
else {
- printf(buffer);
+ printf("%s", buffer);
printf(",\n");
snprintf(buffer, sizeof(buffer), "%s%s", blanks, plugin);
}
@@ -478,7 +478,7 @@ static void print_formatted(char *title,
}

if(strlen(buffer))
- printf(buffer);
+ printf("%s", buffer);

printf(".\n\n");
}
Index: src/xitk/xine-toolkit/xitk.c
--- src/xitk/xine-toolkit/xitk.c 2005-05-21 00:02:05.000000000 +0200
+++ src/xitk/xine-toolkit/xitk.c 2006-02-20 12:10:58.000000000 +0100
@@ -1877,7 +1896,7 @@
sprintf(buffer, "%s%s", buffer, " ]-");

if(verbosity)
- printf(buffer);
+ printf("%s", buffer);

gXitk->wm_type = xitk_check_wm(display);

Index: src/xitk/main.c
===================================================================
RCS file: /cvsroot/xine/xine-ui/src/xitk/main.c,v
retrieving revision 1.311
diff -u -p -r1.311 main.c
--- src/xitk/main.c 24 Dec 2005 09:56:24 -0000 1.311
+++ src/xitk/main.c 20 Apr 2006 15:04:04 -0000
@@ -1219,7 +1219,7 @@ static void event_listener(void *user_da
}

if(strlen(buffer))
- report(buffer);
+ report("%s", buffer);

}
break;

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...


< Previous Next >
This Thread