Hello community, here is the log from the commit of package gftp checked in at Thu Dec 21 19:42:16 CET 2006. -------- --- GNOME/gftp/gftp.changes 2006-12-18 18:25:15.000000000 +0100 +++ /mounts/work_src_done/STABLE/gftp/gftp.changes 2006-12-21 17:07:47.000000000 +0100 @@ -1,0 +2,5 @@ +Thu Dec 21 17:07:29 CET 2006 - maw@suse.de + +- Fix a potential buffer overflow bug (strncat.patch). + +------------------------------------------------------------------- New: ---- strncat.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gftp.spec ++++++ --- /var/tmp/diff_new_pack.cRILEc/_old 2006-12-21 19:42:00.000000000 +0100 +++ /var/tmp/diff_new_pack.cRILEc/_new 2006-12-21 19:42:00.000000000 +0100 @@ -16,7 +16,7 @@ Group: Productivity/Networking/Ftp/Clients Autoreqprov: on Version: 2.0.18 -Release: 49 +Release: 50 Source0: gftp-%{version}.tar.bz2 URL: http://gftp.seul.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -24,6 +24,7 @@ Patch1: gftp-show-busy-cursor.patch Patch2: %{name}-%{version}-overflow.patch Patch3: gedit-tmp-file-deletion.patch +Patch4: strncat.patch %description GFTP is a multithreaded FTP client for X11 written using Gtk. It has @@ -44,6 +45,7 @@ %patch1 %patch2 %patch3 +%patch4 %build rename no nb po/no.* @@ -78,6 +80,8 @@ /opt/gnome/share/pixmaps/*.png %changelog -n gftp +* Thu Dec 21 2006 - maw@suse.de +- Fix a potential buffer overflow bug (strncat.patch). * Mon Dec 18 2006 - maw@suse.de - Make gftp find its license (#227368) * Thu May 18 2006 - sreeves@suse.de ++++++ strncat.patch ++++++ --- src/uicommon/gftpui.c 2005-01-25 03:34:19.000000000 +0100 +++ src/uicommon/gftpui.c.new 2006-12-21 17:05:54.448967000 +0100 @@ -847,7 +847,8 @@ g_snprintf (cmdstr, sizeof (cmdstr), "%-10s", gftpui_common_commands[ele].command); - strncat (commands, cmdstr, sizeof (commands)); + strncat (commands, cmdstr, + sizeof (commands) - strlen (commands) - 1); } gftpui_common_logfunc (gftp_logging_misc_nolog, request, "%s\n", commands); ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org