Hello community, here is the log from the commit of package lmms for openSUSE:Factory checked in at 2017-06-01 16:33:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lmms (Old) and /work/SRC/openSUSE:Factory/.lmms.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "lmms" Thu Jun 1 16:33:24 2017 rev:24 rq:499910 version:1.1.3 Changes: -------- --- /work/SRC/openSUSE:Factory/lmms/lmms.changes 2017-04-06 11:02:19.674076742 +0200 +++ /work/SRC/openSUSE:Factory/.lmms.new/lmms.changes 2017-06-01 16:33:24.605402705 +0200 @@ -1,0 +2,5 @@ +Tue May 30 15:18:22 UTC 2017 - meissner@suse.com + +- lmms-fix.patch: Fixed potential 1 byte sprintf overflow. (bsc#1041293) + +------------------------------------------------------------------- New: ---- lmms-fix.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lmms.spec ++++++ --- /var/tmp/diff_new_pack.bH4Xdj/_old 2017-06-01 16:33:25.457282534 +0200 +++ /var/tmp/diff_new_pack.bH4Xdj/_new 2017-06-01 16:33:25.461281970 +0200 @@ -1,7 +1,7 @@ # # spec file for package lmms # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -42,6 +42,7 @@ Patch6: lmms-code-indent.patch Patch7: lmms-code-min.patch Patch8: lmms-code-macro.patch +Patch9: lmms-fix.patch BuildRequires: cmake BuildRequires: desktop-file-utils @@ -115,6 +116,7 @@ %patch6 -p1 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %build mkdir build ++++++ lmms-fix.patch ++++++ Index: lmms-1.1.3/plugins/flp_import/unrtf/convert.c =================================================================== --- lmms-1.1.3.orig/plugins/flp_import/unrtf/convert.c +++ lmms-1.1.3/plugins/flp_import/unrtf/convert.c @@ -1548,7 +1548,7 @@ cmd_ftech (Word *w, int align, char has_ static int cmd_expand (Word *w, int align, char has_param, int param) { - char str[10]; + char str[11]; if (has_param) { sprintf(str, "%d", param/4); if (!param) Index: lmms-1.1.3/plugins/LadspaEffect/swh/vynil_1905.c =================================================================== --- lmms-1.1.3.orig/plugins/LadspaEffect/swh/vynil_1905.c +++ lmms-1.1.3/plugins/LadspaEffect/swh/vynil_1905.c @@ -234,6 +234,9 @@ static LADSPA_Handle instantiateVynil( unsigned int i; unsigned int buffer_size; + click_buffer_omega.all = 0; + click_buffer_pos.all = 0; + fs = (float)s_rate; buffer_size = 4096; while (buffer_size < s_rate * BUF_LEN) {