Hello community, here is the log from the commit of package iscan-free checked in at Wed Jun 28 18:50:18 CEST 2006. -------- --- iscan-free/iscan-free.changes 2006-06-26 15:47:29.000000000 +0200 +++ iscan-free/iscan-free.changes 2006-06-28 12:07:04.000000000 +0200 @@ -1,0 +2,6 @@ +Wed Jun 28 12:06:03 CEST 2006 - jsmeix@suse.de + +- fix-buffer-overflow.patch fixes a too small char array + which causes a buffer overflow if SANE_DEBUG_EPKOWA is set. + +------------------------------------------------------------------- New: ---- fix-buffer-overflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ iscan-free.spec ++++++ --- /var/tmp/diff_new_pack.9byweS/_old 2006-06-28 18:50:08.000000000 +0200 +++ /var/tmp/diff_new_pack.9byweS/_new 2006-06-28 18:50:08.000000000 +0200 @@ -36,11 +36,13 @@ Source1: README # Patch1 adds forward declarations of friend functions: Patch1: fix-friend-declaration.diff +# Patch2 fixes a too small char array which causes a buffer overflow if SANE_DEBUG_EPKOWA is set: +Patch2: fix-buffer-overflow.patch # Patch10 changes the "sane-epkowa" man page so that the no longer supported models are removed: Patch10: adapt-man-for-free.patch # Have Epson Avasys' release number at the end of the SUSE package Version: Version: 2.1.0.1 -Release: 1 +Release: 2 # See the post and triggerin sections what is pre-required: PreReq: coreutils, /bin/grep, /bin/sed Requires: sane @@ -63,6 +65,8 @@ cp %{SOURCE1} . # Add forward declarations of friend functions: %patch1 +# Patch2 fixes a too small char array which causes a buffer overflow if SANE_DEBUG_EPKOWA is set: +%patch2 # Remove the no longer supported models from the man page: %patch10 # Distinguish the no longer supported models in the description file @@ -231,6 +235,9 @@ %changelog -n iscan-free +* Wed Jun 28 2006 - jsmeix@suse.de +- fix-buffer-overflow.patch fixes a too small char array + which causes a buffer overflow if SANE_DEBUG_EPKOWA is set. * Mon Jun 26 2006 - jsmeix@suse.de - Updated to version 2.1.0-1 (results package version 2.1.0.1): The disable-nonfree.patch is no longer needed because the ++++++ fix-buffer-overflow.patch ++++++ --- backend/epkowa.c.orig 2006-06-28 11:56:49.000000000 +0200 +++ backend/epkowa.c 2006-06-28 11:58:22.000000000 +0200 @@ -1847,7 +1847,7 @@ { for (i = 0; i < 256; i += 16) { - char gammaValues[16 * 3 + 1], newValue[3]; + char gammaValues[16 * 3 + 1], newValue[4]; gammaValues[0] = '\0'; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit-unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit-help@opensuse.org