Hello community, here is the log from the commit of package brasero checked in at Fri Jan 25 16:28:00 CET 2008. -------- --- GNOME/brasero/brasero.changes 2007-12-18 19:34:22.000000000 +0100 +++ /mounts/work_src_done/STABLE/brasero/brasero.changes 2008-01-25 08:42:02.000000000 +0100 @@ -1,0 +2,7 @@ +Fri Jan 25 08:37:19 CET 2008 - aj@suse.de + +- Fix open call. +- Fix buffer overflow. +- Use -fno-strict-aliasing. + +------------------------------------------------------------------- New: ---- brasero-0.6.90.dif ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ brasero.spec ++++++ --- /var/tmp/diff_new_pack.H13959/_old 2008-01-25 16:27:32.000000000 +0100 +++ /var/tmp/diff_new_pack.H13959/_new 2008-01-25 16:27:32.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package brasero (Version 0.6.90) # -# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # @@ -12,13 +12,14 @@ Name: brasero Version: 0.6.90 -Release: 1 +Release: 18 License: GPL v2 or later Group: Productivity/Multimedia/CD/Record Summary: CD/DVD burning application for GNOME Url: http://gnome.org/projects/brasero Source: %{name}-%{version}.tar.bz2 Patch: fix-desktop-file.diff +Patch1: brasero-0.6.90.dif AutoReqProv: on PreReq: filesystem gconf2 BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -47,9 +48,10 @@ %prep %setup -q %patch +%patch1 %build -export CFLAGS="$RPM_OPT_FLAGS -fstack-protector" +export CFLAGS="$RPM_OPT_FLAGS -fstack-protector -fno-strict-aliasing" %configure \ --enable-libnotify \ --enable-search \ @@ -113,7 +115,11 @@ %files lang -f %{name}.lang %changelog -* Tue Dec 18 2007 - abockover@suse.de +* Fri Jan 25 2008 aj@suse.de +- Fix open call. +- Fix buffer overflow. +- Use -fno-strict-aliasing. +* Tue Dec 18 2007 abockover@suse.de - Updated to 0.6.90 release * Burning backends are now plugins * Enable/Disable backends via gconf and plugin UI @@ -122,12 +128,12 @@ * GNOME Power Manager support for inhibit when burning CDs * Updates and fixes in the libburn backend * Many bugs fixed in bugzilla -* Tue Sep 11 2007 - cthiel@suse.de +* Tue Sep 11 2007 cthiel@suse.de - proper obsoltes/provides to gnomebaker -* Mon Sep 10 2007 - cthiel@suse.de +* Mon Sep 10 2007 cthiel@suse.de - fix Obsoletes: gnomebaker <= 0.6.1 -* Sat Sep 01 2007 - stbinner@suse.de +* Sat Sep 01 2007 stbinner@suse.de - fix Name of .desktop file by moving description to GenericName -* Fri Aug 31 2007 - abockover@suse.de +* Fri Aug 31 2007 abockover@suse.de - Initial package for Brasero 0.6.1 - Package added to 10.3 in response to BNC #302492 ++++++ brasero-0.6.90.dif ++++++ --- src/plugins/local-track/burn-local-image.c +++ src/plugins/local-track/burn-local-image.c @@ -126,7 +126,7 @@ gint bytes; FILE *file; gchar *path; - gchar checksum [33]; + gchar checksum [34]; BraseroTrack *track; BraseroLocalTrackPrivate *priv; @@ -140,13 +140,13 @@ if (!file) return BRASERO_BURN_ERR; - bytes = fread (checksum, 1, sizeof (checksum) - 1, file); + bytes = fread (checksum, 1, sizeof (checksum) - 2, file); fclose (file); - if (bytes != sizeof (checksum) - 1) + if (bytes != sizeof (checksum) - 2) return BRASERO_BURN_ERR; - checksum [sizeof (checksum)] = '\0'; + checksum [sizeof (checksum) - 1] = '\0'; brasero_job_get_current_track (BRASERO_JOB (self), &track); brasero_track_set_checksum (track, --- src/plugins/transcode/burn-transcode.c +++ src/plugins/transcode/burn-transcode.c @@ -922,7 +922,7 @@ output = NULL; brasero_job_get_audio_output (BRASERO_JOB (transcode), &output); - fd = open (output, O_WRONLY | O_CREAT | O_APPEND); + fd = open (output, O_WRONLY | O_CREAT | O_APPEND, 0600); g_free (output); if (fd == -1) { ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org