Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

Please unblock package swath.

It fixes a potential security hole. (Security team has been contacted for stable version fix.)

The debdiff has been attached for your review.

unblock swath/0.4.3-3

-- System Information:
Debian Release: 7.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=th_TH.utf8, LC_CTYPE=th_TH.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru swath-0.4.3/debian/changelog swath-0.4.3/debian/changelog --- swath-0.4.3/debian/changelog 2012-08-10 17:54:12.000000000 +0700 +++ swath-0.4.3/debian/changelog 2013-01-16 22:42:14.000000000 +0700 @@ -1,3 +1,12 @@ +swath (0.4.3-3) unstable; urgency=medium + + * Urgency medium for security fix. + * debian/patches/01_buffer-overflow.patch: backport patch from upstream + to fix potential buffer overflow in Mule mode. + Thanks Dominik Maier for the report. (Closes: #698189) + + -- Theppitak Karoonboonyanan <t...@debian.org> Wed, 16 Jan 2013 22:34:04 +0700 + swath (0.4.3-2) unstable; urgency=low * Build with xz compression. diff -Nru swath-0.4.3/debian/patches/01_buffer-overflow.patch swath-0.4.3/debian/patches/01_buffer-overflow.patch --- swath-0.4.3/debian/patches/01_buffer-overflow.patch 1970-01-01 07:00:00.000000000 +0700 +++ swath-0.4.3/debian/patches/01_buffer-overflow.patch 2013-01-16 22:42:14.000000000 +0700 @@ -0,0 +1,22 @@ +Author: Theppitak Karoonboonyanan <t...@linux.thai.net> +Description: Fix potential buffer overflow +Origin: backport, http://linux.thai.net/websvn/wsvn/software.swath/trunk?op=revision&rev=238&peg=238 +Bug-Debian: http://bugs.debian.org/698189 + +Index: swath/src/wordseg.cpp +=================================================================== +--- swath.orig/src/wordseg.cpp 2012-02-08 15:45:57.893937559 +0700 ++++ swath/src/wordseg.cpp 2013-01-16 22:08:29.341085326 +0700 +@@ -282,11 +282,7 @@ + } + else + { +- char stopstr[20]; +- if (muleMode) +- strcpy (stopstr, wbr); +- else +- stopstr[0] = '\0'; ++ const char *stopstr = muleMode ? wbr : ""; + for (;;) + { // read until end of file. + if (mode == 0) diff -Nru swath-0.4.3/debian/patches/series swath-0.4.3/debian/patches/series --- swath-0.4.3/debian/patches/series 1970-01-01 07:00:00.000000000 +0700 +++ swath-0.4.3/debian/patches/series 2013-01-16 22:42:14.000000000 +0700 @@ -0,0 +1 @@ +01_buffer-overflow.patch
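
Review bot: in the src/wordseg.cpp hunk, `stopstr` changes from a private 20-byte copy into a pointer that aliases `wbr` (`const char *stopstr = muleMode ? wbr : "";`), so the fix is complete only if `wbr` stays valid and unmodified for the whole `for (;;)` loop and nothing further down copies `stopstr` into another fixed-size buffer. Neither is visible in the context shown here, so please confirm both against the full function. It would also help the stable-version review if the patch Description named the trigger, that the removed `strcpy (stopstr, wbr)` wrote past `char stopstr[20]` whenever `wbr` was longer than 19 bytes in Mule mode, instead of only "Fix potential buffer overflow".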