Hello community, here is the log from the commit of package gv checked in at Thu Dec 7 20:23:43 CET 2006. -------- --- gv/gv.changes 2006-11-09 18:46:38.000000000 +0100 +++ /mounts/work_src_done/STABLE/gv/gv.changes 2006-11-17 13:00:41.000000000 +0100 @@ -1,0 +2,5 @@ +Wed Nov 17 13:00:41 CET 2006 - werner@suse.de + +- Corrected version of last fix (bug #219454) + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gv.spec ++++++ --- /var/tmp/diff_new_pack.Ar2EPm/_old 2006-12-07 20:23:08.000000000 +0100 +++ /var/tmp/diff_new_pack.Ar2EPm/_new 2006-12-07 20:23:08.000000000 +0100 @@ -12,7 +12,7 @@ Name: gv BuildRequires: desktop-data-SuSE update-desktop-files xaw3d xorg-x11 xorg-x11-devel -License: GNU General Public License (GPL) - all versions +License: GNU General Public License (GPL) Group: Productivity/Publishing/PS Requires: ghostscript_x11 Conflicts: gs_serv gs_vga @@ -23,7 +23,7 @@ URL: http://wwwthep.physik.uni-mainz.de/~plass/gv/ Summary: A Program to View PostScript Files Version: 3.5.8 -Release: 1177 +Release: 1186 Source0: gv-3.5.8.tar.bz2 Patch0: gv-3.5.8-deb.patch Patch1: gv-3.5.8.dif @@ -143,6 +143,8 @@ %dir %{_defaultdocdir}/gv/ %changelog -n gv +* Fri Nov 17 2006 - werner@suse.de +- Corrected version of last fix (bug #219454) * Thu Nov 09 2006 - werner@suse.de - Avoid buffer overflow in gv gettext() (bug #219454) * Thu Aug 24 2006 - werner@suse.de ++++++ gv-3.5.8-sec2.patch ++++++ --- /var/tmp/diff_new_pack.Ar2EPm/_old 2006-12-07 20:23:08.000000000 +0100 +++ /var/tmp/diff_new_pack.Ar2EPm/_new 2006-12-07 20:23:08.000000000 +0100 @@ -1,22 +1,26 @@ ---- source/ps.c.sec2 2006-11-09 17:31:34.000000000 +0000 +--- source/ps.c +++ source/ps.c 2006-11-09 17:37:07.000000000 +0000 -@@ -1423,6 +1423,8 @@ +@@ -1423,6 +1423,10 @@ quoted=1; line++; while (*line && !(*line == ')' && level == 0 )) { -+ if (cp - text >= PSLINELENGTH - 2) -+ break; ++ if (cp - text >= PSLINELENGTH - 2) { ++ ENDMESSAGE(gettext) ++ return NULL; ++ } if (*line == '\\') { if (*(line+1) == 'n') { *cp++ = '\n'; -@@ -1477,8 +1479,11 @@ +@@ -1477,8 +1481,13 @@ } } } else { - while (*line && !(*line == ' ' || *line == '\t' || *line == '\n')) + while (*line && !(*line == ' ' || *line == '\t' || *line == '\n')) { -+ if (cp - text >= PSLINELENGTH - 2) -+ break; ++ if (cp - text >= PSLINELENGTH - 2) { ++ ENDMESSAGE(gettext) ++ return NULL; ++ } *cp++ = *line++; + } } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org