Hello community, here is the log from the commit of package gnushogi checked in at Wed Oct 8 11:44:23 CEST 2008. -------- --- gnushogi/gnushogi.changes 2007-03-30 02:06:50.000000000 +0200 +++ /mounts/work_src_done/STABLE/gnushogi/gnushogi.changes 2008-10-08 04:48:03.000000000 +0200 @@ -1,0 +2,5 @@ +Wed Oct 8 04:47:52 CEST 2008 - crrodriguez@suse.de + +- fix buffer overflow + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- gnushogi-1.3-destbufferoverflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnushogi.spec ++++++ --- /var/tmp/diff_new_pack.a22695/_old 2008-10-08 11:44:01.000000000 +0200 +++ /var/tmp/diff_new_pack.a22695/_new 2008-10-08 11:44:01.000000000 +0200 @@ -1,27 +1,35 @@ # # spec file for package gnushogi (Version 1.3) # -# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. -# This file and all modifications and additions to the pristine -# package are under the same license as the package itself. +# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild + Name: gnushogi BuildRequires: bison flex ncurses-devel xorg-x11 xorg-x11-devel -License: GNU General Public License (GPL) +License: GPL v2 or later Group: Amusements/Games/Board/Chess Provides: gshogi xshogi Obsoletes: gshogi xshogi PreReq: %install_info_prereq -Autoreqprov: on +AutoReqProv: on Version: 1.3 -Release: 429 +Release: 584 Summary: Japanese Version of Chess -URL: ftp://ftp.gnu.org/pub/gnu/gnushogi/ +Url: ftp://ftp.gnu.org/pub/gnu/gnushogi/ Source: gnushogi-%{version}.tar.bz2 Patch0: gnushogi-%{version}-prototypes.patch Patch1: gnushogi-%{version}-fsigned-char.patch @@ -32,6 +40,7 @@ Patch6: gnushogi-%{version}-gcc4.1fix.patch Patch7: gnushogi-%{version}-strip.patch Patch8: gnushogi-%{version}-array.patch +Patch9: gnushogi-1.3-destbufferoverflow.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -57,16 +66,14 @@ %patch6 %patch7 %patch8 +%patch9 %build %{suse_update_config -f} -autoreconf -f -i +autoreconf -f -i -v export CFLAGS="$RPM_OPT_FLAGS -I." export CXXFLAGS="$RPM_OPT_FLAGS -I." -./configure --mandir=%{_mandir} \ - --prefix=%{_prefix} \ - --infodir=%{_infodir} -rm -rf $RPM_BUILD_ROOT +%configure make LCURSES=-lncurses make -C doc info @@ -91,50 +98,52 @@ %doc doc/BOOKFILES ChangeLog CONTRIB COPYING NEWS README doc/shogi.rules doc/tutorial1.gam doc/tutorial2.gam %changelog -* Fri Mar 30 2007 - ro@suse.de +* Wed Oct 08 2008 crrodriguez@suse.de +- fix buffer overflow +* Fri Mar 30 2007 ro@suse.de - added ncurses-devel,flex,bison to buildreq -* Tue Feb 13 2007 - anicka@suse.cz +* Tue Feb 13 2007 anicka@suse.cz - fix [#243009], array subscript is above array bounds (-array.patch) -* Fri May 26 2006 - schwab@suse.de +* Fri May 26 2006 schwab@suse.de - Don't strip binaries. -* Wed Jan 25 2006 - mls@suse.de +* Wed Jan 25 2006 mls@suse.de - converted neededforbuild to BuildRequires -* Wed Dec 07 2005 - anicka@suse.cz +* Wed Dec 07 2005 anicka@suse.cz - fix uninitialized variables in genmove.c - fix for gcc 4. (bug #136790) -* Tue Jun 28 2005 - anicka@suse.cz +* Tue Jun 28 2005 anicka@suse.cz - compile without -fsigned-char - split patches into tematic files -* Thu Apr 14 2005 - mcihar@suse.cz +* Thu Apr 14 2005 mcihar@suse.cz - fix compilation -* Sun Jan 11 2004 - adrian@suse.de +* Sun Jan 11 2004 adrian@suse.de - add %%defattr -* Thu Apr 24 2003 - ro@suse.de +* Thu Apr 24 2003 ro@suse.de - fix install_info --delete call and move from preun to postun -* Mon Mar 03 2003 - ro@suse.de +* Mon Mar 03 2003 ro@suse.de - add info dir entry -* Mon Feb 10 2003 - mcihar@suse.cz +* Mon Feb 10 2003 mcihar@suse.cz - used %%install_info macro (fixes bug #23418) -* Mon Dec 02 2002 - ro@suse.de +* Mon Dec 02 2002 ro@suse.de - include errno.h where needed -* Wed Jun 12 2002 - mcihar@suse.cz +* Wed Jun 12 2002 mcihar@suse.cz - updated to 1.3: * gnushogi is now only one executable. * Merged xshogi into the gnushogi source tree. * Added texinfo documentation. - merged with xshogi -* Mon Mar 12 2001 - schwab@suse.de +* Mon Mar 12 2001 schwab@suse.de - Fix missing include. -* Wed Nov 29 2000 - vinil@suse.cz +* Wed Nov 29 2000 vinil@suse.cz - renamed from gshogi to gnushogi - source bzip2ed -* Tue May 23 2000 - vinil@suse.cz +* Tue May 23 2000 vinil@suse.cz - /usr/share/doc path fixed -* Tue Apr 18 2000 - vinil@suse.cz +* Tue Apr 18 2000 vinil@suse.cz - buildroot added - some docs included -* Thu Jan 20 2000 - ro@suse.de +* Thu Jan 20 2000 ro@suse.de - specfile cleanup -* Mon Sep 13 1999 - bs@suse.de +* Mon Sep 13 1999 bs@suse.de - ran old prepare_spec on spec file to switch to new prepare_spec. ++++++ gnushogi-1.3-destbufferoverflow.patch ++++++ Index: gnushogi/commondsp.c =================================================================== --- gnushogi/commondsp.c.orig 2002-04-26 17:42:22.000000000 +0200 +++ gnushogi/commondsp.c 2008-10-08 04:42:08.000000000 +0200 @@ -1737,7 +1737,7 @@ InputCommand(char *command) s[0] = sx[0] = '\0'; while(!sx[0]) - (void)fgets(sx, 256, stdin); + (void)fgets(sx, 80, stdin); } else { ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org