Package: xine-ui
Version: 0.99.3-1.3
Severity: serious

Posted to xine-devel by Diego Pettenó <[EMAIL PROTECTED]>:
: Seems like there's disclosure of a vulnerability in latest released xine-ui
: (0.99.4) at http://www.open-security.org/advisories/16 . The code that's
: there referred to is already fixed in current CVS since last August, I'm
: re-attaching the patch I submitted that time for who wants to fix this
: independently from a new release.

The patch (attached) is not present in 0.99.3-1.3.

--
| Darren Salt | linux or ds at | nr. Ashington, | Toon
| RISC OS, Linux | youmustbejoking,demon,co,uk | Northumberland | Army
| + Travel less. Share transport more. PRODUCE LESS CARBON DIOXIDE.

If you think this tagline is confusing, then change one pig.
Index: xine-ui-0.99.4/src/xitk/main.c =================================================================== --- xine-ui-0.99.4.orig/src/xitk/main.c +++ xine-ui-0.99.4/src/xitk/main.c @@ -456,7 +456,7 @@ static void print_formatted(char *title, int len; char *blanks = " "; - printf(title); + printf("%s", title); sprintf(buffer, "%s", blanks); plugin = *plugins++; @@ -469,7 +469,7 @@ static void print_formatted(char *title, sprintf(buffer, "%s%s%s", buffer, (strlen(buffer) == strlen(blanks)) ? "" : ", ", plugin); } else { - printf(buffer); + printf("%s", buffer); printf(",\n"); snprintf(buffer, sizeof(buffer), "%s%s", blanks, plugin); } @@ -478,7 +478,7 @@ static void print_formatted(char *title, } if(strlen(buffer)) - printf(buffer); + printf("%s", buffer); printf(".\n\n"); } Index: xine-ui-0.99.4/src/xitk/xine-toolkit/xitk.c =================================================================== --- xine-ui-0.99.4.orig/src/xitk/xine-toolkit/xitk.c +++ xine-ui-0.99.4/src/xitk/xine-toolkit/xitk.c @@ -1875,7 +1875,7 @@ void xitk_init(Display *display, XColor sprintf(buffer, "%s%s", buffer, " ]-"); if(verbosity) - printf(buffer); + printf("%s", buffer); gXitk->wm_type = xitk_check_wm(display);
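Review bot: In the first main.c hunk (@@ -456), the context line sprintf(buffer, "%s", blanks) directly after the corrected printf still writes into buffer without a bound, while the else branch further down in the same function already uses snprintf(buffer, sizeof(buffer), ...). Suggest switching this line to snprintf as well so the function is consistent. For the corrected call itself, fputs(title, stdout) would print the string with no format parsing at all.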
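Review bot: In the second main.c hunk (@@ -469), the unchanged line sprintf(buffer, "%s%s%s", buffer, ...) passes buffer as both the destination and a source argument, which is undefined behaviour for sprintf, and it appends plugin with no length check. The printf("%s", buffer) change is correct, but this line should be fixed in the same patch: keep the current length and append with snprintf(buffer + len, sizeof(buffer) - len, ...), matching the bounded call in the else branch.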
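Review bot: In the xitk.c hunk (@@ -1875), the context line sprintf(buffer, "%s%s", buffer, " ]-") just above the corrected call has the same overlapping source and destination as the one in main.c and is likewise unbounded. Suggest appending at buffer + strlen(buffer) with snprintf and the remaining size. The patch description would also benefit from a sentence on where the contents of buffer come from in xitk_init, since that determines how exposed the old printf(buffer) was.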