Hello community, here is the log from the commit of package sblim-cmpi-boot_control_profile for openSUSE:Factory checked in at Wed Mar 17 17:24:51 CET 2010. -------- --- sblim-cmpi-boot_control_profile/sblim-cmpi-boot_control_profile.changes 2009-04-15 22:14:22.000000000 +0200 +++ sblim-cmpi-boot_control_profile/sblim-cmpi-boot_control_profile.changes 2010-03-16 22:37:05.000000000 +0100 @@ -1,0 +2,5 @@ +Tue Mar 16 21:36:50 UTC 2010 - aj@suse.de + +- Fix bufferoverflow. + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- sblim-overflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sblim-cmpi-boot_control_profile.spec ++++++ --- /var/tmp/diff_new_pack.OMpatb/_old 2010-03-17 17:23:02.000000000 +0100 +++ /var/tmp/diff_new_pack.OMpatb/_new 2010-03-17 17:23:02.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package sblim-cmpi-boot_control_profile (Version 1.0.0) # -# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,12 +21,13 @@ Name: sblim-cmpi-boot_control_profile BuildRequires: konkretcmpi sblim-cmpi-base sblim-cmpi-devel sblim-cmpiutil-devel sblim-sfcb Url: http://www.omc-project.org -Summary: Instrumentation for DMTF Boot Control Profile. +Summary: Instrumentation for DMTF Boot Control Profile Version: 1.0.0 -Release: 4 -License: Other uncritical OpenSource License; EPL 1.0 +Release: 5 +License: Other uncritical OpenSource License ; EPL 1.0 Group: System/Management Source: %{name}-%{version}.tar.gz +Patch1: sblim-overflow.patch #PreReq: /usr/sbin/provider-register.sh BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: sblim-sfcb sblim-cmpi-base @@ -45,9 +46,9 @@ %prep %setup -q +%patch1 -p0 %build -autoreconf --force --install CFLAGS="$RPM_OPT_FLAGS -fstack-protector" \ CXXFLAGS="$RPM_OPT_FLAGS -fstack-protector" \ %configure --disable-static --with-pic ++++++ sblim-overflow.patch ++++++ Index: src/Resource.c =================================================================== --- src/Resource.c.orig +++ src/Resource.c @@ -98,7 +98,7 @@ int LoadGrubMenu(const char* path, struc { item = &menu->items[menu->numItems]; item->title[0] = '\0'; - strncat(item->title, p + 6, sizeof(item->title)); + strncat(item->title, p + 6, sizeof(item->title)-1); menu->numItems++; } else if (strncmp(p, "root", 4) == 0 && isspace(p[4])) @@ -112,7 +112,7 @@ int LoadGrubMenu(const char* path, struc item = &menu->items[menu->numItems-1]; item->root[0] = '\0'; - strncat(item->root, p + 5, sizeof(item->root)); + strncat(item->root, p + 5, sizeof(item->root)-1); } else if (strncmp(p, "kernel", 6) == 0 && isspace(p[6])) { @@ -125,7 +125,7 @@ int LoadGrubMenu(const char* path, struc item = &menu->items[menu->numItems-1]; item->kernel[0] = '\0'; - strncat(item->kernel, p + 7, sizeof(item->kernel)); + strncat(item->kernel, p + 7, sizeof(item->kernel)-1); } else if (strncmp(p, "initrd", 6) == 0 && isspace(p[6])) { @@ -138,7 +138,7 @@ int LoadGrubMenu(const char* path, struc item = &menu->items[menu->numItems-1]; item->initrd[0] = '\0'; - strncat(item->initrd, p + 7, sizeof(item->initrd)); + strncat(item->initrd, p + 7, sizeof(item->initrd)-1); } else if (strncmp(p, "rootnoverify", 12) == 0 && isspace(p[12])) { @@ -151,7 +151,7 @@ int LoadGrubMenu(const char* path, struc item = &menu->items[menu->numItems-1]; item->rootnoverify[0] = '\0'; - strncat(item->rootnoverify, p + 13, sizeof(item->rootnoverify)); + strncat(item->rootnoverify, p + 13, sizeof(item->rootnoverify)-1); } else if (strncmp(p, "chainloader", 11) == 0 && isspace(p[11])) { @@ -164,7 +164,7 @@ int LoadGrubMenu(const char* path, struc item = &menu->items[menu->numItems-1]; item->chainloader[0] = '\0'; - strncat(item->chainloader, p + 12, sizeof(item->chainloader)); + strncat(item->chainloader, p + 12, sizeof(item->chainloader)-1); } } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org