Hello community, here is the log from the commit of package sax2 for openSUSE:Factory checked in at Wed Apr 7 21:10:07 CEST 2010. -------- --- sax2/sax2.changes 2010-03-27 13:31:32.000000000 +0100 +++ sax2/sax2.changes 2010-04-07 12:49:23.000000000 +0200 @@ -1,0 +2,5 @@ +Wed Apr 7 00:02:38 CEST 2010 - sndirsch@suse.de + +- likely fixed buffer overflow in sysp (bnc #586112) + +------------------------------------------------------------------- calling whatdependson for head-i586 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sax2.spec ++++++ --- /var/tmp/diff_new_pack.i7RvDp/_old 2010-04-07 21:09:23.000000000 +0200 +++ /var/tmp/diff_new_pack.i7RvDp/_new 2010-04-07 21:09:23.000000000 +0200 @@ -54,7 +54,7 @@ PreReq: /bin/rm /bin/mkdir /usr/bin/chroot %fillup_prereq %insserv_prereq Summary: SuSE advanced X Window System-configuration Version: 8.1 -Release: 590 +Release: 591 Group: System/X11/Utilities License: GPLv2+ Source: sax2.tar.bz2 ++++++ sax2.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sax/svnbuild new/sax/svnbuild --- old/sax/svnbuild 2010-03-27 13:34:09.000000000 +0100 +++ new/sax/svnbuild 2010-04-07 12:46:56.000000000 +0200 @@ -1 +1 @@ -1910 +1911 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/sax/sysp/lib/hw/monitor.c new/sax/sysp/lib/hw/monitor.c --- old/sax/sysp/lib/hw/monitor.c 2009-11-30 15:57:21.000000000 +0100 +++ new/sax/sysp/lib/hw/monitor.c 2010-04-07 00:01:18.000000000 +0200 @@ -170,8 +170,7 @@ //=================================== // Save Monitor DDC ID ... //----------------------------------- - sprintf(display->ddc,"%c",'\0'); - snprintf(display->ddc, strlen(display->ddc) - 1, "%s%04x", + snprintf(display->ddc, sizeof(display->ddc), "%s%04x", vend_id2str(hd->vendor.id),ID_VALUE(hd->device.id) ); toUpper (display->ddc); ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org