Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Please unblock package openmotif Openmotif 2.3.3-7 is an update to 2.3.3-5 to allow two release goals: - - code hardening - - multi-arch and a fix for policy violation 6.8: - - openmotif leaves files behind after purge. debdiff is attached. unblock openmotif/2.3.3-7 - -- System Information: Debian Release: 7.0 APT prefers testing APT policy: (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBCAAGBQJQ/avbAAoJEJxcmesFvXUKXeIH/0X3UNM2B5thrwhWB96itng9 f6/ZHtzGc6lfaCO2DbsEuWU7fLHipumecc9R/oeEFwAoMsVtz96tbn0eVGzJiIEw 5/gOmSDmXopO/aRgop2ycbWyrMXRMpA7VvHRaUPc1o5/PA7dD9vRYiIqs8AWq+Wu Nvx/ru9sS/tEgh3XQ0rTij3MFlCr71Zy7rJUKasP7hnMT8M4uoSv1hwytKd/bTMs O539WEG2YCzz0V7roM9tpZkMUHXR4WqYDUcYSvckU/+lFYzWfTSBzzxjcnxO6b2t FdF+NVXvn4w4DWHmPN2frA8qkkyieTHAarurMg0V/3JoFP3xBgTlCu8z/vT7Mtk= =CIpm -----END PGP SIGNATURE-----
diff -u openmotif-2.3.3/debian/changelog openmotif-2.3.3/debian/changelog --- openmotif-2.3.3/debian/changelog +++ openmotif-2.3.3/debian/changelog @@ -1,3 +1,31 @@ +openmotif (2.3.3-7) unstable; urgency=low + + * QA upload. + * Improve 0005-sprintf-error-message-hardening-format-security.patch to use + strcpy i.s.o. sprintf and properly format string. + + -- Paul Gevers <elb...@debian.org> Sat, 05 Jan 2013 21:36:38 +0100 + +openmotif (2.3.3-6) unstable; urgency=low + + * QA upload. + - Set maintainer to QA group + * Allow multiarch (Closes: #673690) + - Multi-Arch: same for libmotif4 + - Add Pre-Depends: multiarch-support + - d/*.files use wild-card + - d/rules export DEB_HOST_MULTIARCH and use it for configure with --libdir + - Add patch to NOT move /usr/lib/X11 files (thanks Sergio Gelato) + * Enable hardening + - Build-Depend on dpkg-dev (>=1.6.1) + - d/rules: move declaration of CFLAGS earlier + - Add patch to prevent "format not a string literal and no format arguments" + - Add patch to prevent a case of "format '%d' expects argument of type + 'int', but argument 5 has type 'size_t'" + * Remove update-menu created configuration files on purge (Closes: #656169) + + -- Paul Gevers <elb...@debian.org> Tue, 25 Dec 2012 09:04:47 +0100 + openmotif (2.3.3-5) unstable; urgency=low * Fix hopefully the build problems on mips* reverted: --- openmotif-2.3.3/debian/motif-clients.postrm.off +++ openmotif-2.3.3.orig/debian/motif-clients.postrm.off @@ -1,3 +0,0 @@ -#!/bin/sh -test -x /usr/bin/update-menus && /usr/bin/update-menus -#DEBHELPER# diff -u openmotif-2.3.3/debian/libmotif-dev.files openmotif-2.3.3/debian/libmotif-dev.files --- openmotif-2.3.3/debian/libmotif-dev.files +++ openmotif-2.3.3/debian/libmotif-dev.files @@ -1,7 +1,7 @@ -/usr/lib/libMrm.a -/usr/lib/libUil.a -/usr/lib/libXm.a -/usr/lib/lib*.so +/usr/lib/*/libMrm.a +/usr/lib/*/libUil.a +/usr/lib/*/libXm.a +/usr/lib/*/lib*.so /usr/include/Xm /usr/include/Mrm /usr/include/uil diff -u openmotif-2.3.3/debian/rules openmotif-2.3.3/debian/rules --- openmotif-2.3.3/debian/rules +++ openmotif-2.3.3/debian/rules @@ -10,10 +10,16 @@ include /usr/share/quilt/quilt.make +# Enable hardening options +DPKG_EXPORT_BUILDFLAGS = 1 +include /usr/share/dpkg/buildflags.mk +CFLAGS += -fno-strict-aliasing -D_FILE_OFFSET_BITS=64 + # From /usr/share/doc/autotools-dev/README.Debian.gz export DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) export DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) export DEB_HOST_ARCH_CPU ?= $(shell dpkg-architecture -qDEB_HOST_ARCH_CPU) +export DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) confflags += $(DEB_HOST_GNU_TYPE) @@ -22,18 +28,18 @@ endif ifeq '$(DEB_HOST_ARCH_CPU)' 'mips' -CFLAGS_NEW =-mplt +CFLAGS +=-mplt endif ifeq '$(DEB_HOST_ARCH_CPU)' 'mipsel' -CFLAGS_NEW =-mplt +CFLAGS +=-mplt endif build: build-stamp build-stamp: $(QUILT_STAMPFN) dh_testdir - CFLAGS="-g -O2 -fno-strict-aliasing -D_FILE_OFFSET_BITS=64 $(CFLAGS_NEW)" ./configure --prefix=/usr --mandir=/usr/share/man --build=$(DEB_HOST_GNU_TYPE) --host=$(DEB_HOST_GNU_TYPE) + ./configure --prefix=/usr --mandir=/usr/share/man --build=$(DEB_HOST_GNU_TYPE) --host=$(DEB_HOST_GNU_TYPE) --libdir=\$${prefix}/lib/$(DEB_HOST_MULTIARCH) make; touch build-stamp diff -u openmotif-2.3.3/debian/libmotif4.files openmotif-2.3.3/debian/libmotif4.files --- openmotif-2.3.3/debian/libmotif4.files +++ openmotif-2.3.3/debian/libmotif4.files @@ -1,3 +1,3 @@ -/usr/lib/lib*.so.* +/usr/lib/*/lib*.so.* /usr/lib/X11/bindings /usr/include/X11/bitmaps diff -u openmotif-2.3.3/debian/control openmotif-2.3.3/debian/control --- openmotif-2.3.3/debian/control +++ openmotif-2.3.3/debian/control @@ -2,17 +2,19 @@ Section: non-free/devel Priority: extra Build-Depends: debhelper (>= 6.0.7), libxaw7-dev, byacc, flex, libsm-dev, libx11-dev, - libxext-dev, libxmu-dev, libxp-dev, libxt-dev, xbitmaps, libxft-dev, autotools-dev, quilt -Maintainer: Stefan Bauer <stefan.ba...@cubewerk.de> + libxext-dev, libxmu-dev, libxp-dev, libxt-dev, xbitmaps, libxft-dev, autotools-dev, + quilt, dpkg-dev (>= 1.16.1) +Maintainer: Debian QA Group <packa...@qa.debian.org> Standards-Version: 3.9.1.0 Homepage: http://www.motifzone.net/ XS-Autobuild: yes Package: libmotif4 Architecture: any +Multi-Arch: same Section: non-free/libs Depends: ${shlibs:Depends}, ${misc:Depends} -Pre-Depends: x11-common (>= 1:7.0.0) +Pre-Depends: multiarch-support, x11-common (>= 1:7.0.0) Conflicts: libmotif3 Replaces: libmotif3 Description: Open Motif - shared libraries diff -u openmotif-2.3.3/debian/patches/series openmotif-2.3.3/debian/patches/series --- openmotif-2.3.3/debian/patches/series +++ openmotif-2.3.3/debian/patches/series @@ -2,0 +3,3 @@ +0004-multiarch-specialcase-libdir-X11.patch +0005-sprintf-error-message-hardening-format-security.patch +0006-cast-size_t-to-int.patch only in patch2: unchanged: --- openmotif-2.3.3.orig/debian/motif-clients.postrm +++ openmotif-2.3.3/debian/motif-clients.postrm @@ -0,0 +1,8 @@ +#!/bin/sh +set -e + +# Remove configuration files created by update-menus +if [ "$1" = "purge" ] ; then + rm -rf /etc/X11/mwm +fi +#DEBHELPER# only in patch2: unchanged: --- openmotif-2.3.3.orig/debian/patches/0005-sprintf-error-message-hardening-format-security.patch +++ openmotif-2.3.3/debian/patches/0005-sprintf-error-message-hardening-format-security.patch @@ -0,0 +1,633 @@ +Description: To prevent build failure during building with Hardening options + enabled due to "format not a string literal and no format arguments", all + sprintf and fprintf functions with two input arguments and a second argument + which is not a literal string are patched. + . + In all cases, the input is a hard-coded string. The sprintf calls are replaced + by a call to strcpy, the fprintf calls get a second argument "%s". +Author: Paul Gevers <elb...@debian.org> + +--- a/lib/Mrm/Mrmhier.c ++++ b/lib/Mrm/Mrmhier.c +@@ -277,10 +277,10 @@ + case MrmSUCCESS: + break; + case MrmNOT_VALID: +- sprintf (err_stg, _MrmMMsg_0113); ++ strcpy (err_stg, _MrmMMsg_0113); + break; + default: +- sprintf (err_stg, _MrmMMsg_0114); ++ strcpy (err_stg, _MrmMMsg_0114); + break; + } + } +--- a/lib/Mrm/Mrmicon.c ++++ b/lib/Mrm/Mrmicon.c +@@ -1189,7 +1189,7 @@ + } + break; + default: +- sprintf(err_msg, _MrmMMsg_0040); ++ strcpy(err_msg, _MrmMMsg_0040); + return Urm__UT_Error ("Urm__RelizeColorTable", + err_msg, NULL, NULL, MrmFAILURE) ; + } +@@ -1265,7 +1265,7 @@ + break; + default: + result = MrmFAILURE; +- sprintf (err_msg, _MrmMMsg_0040); ++ strcpy (err_msg, _MrmMMsg_0040); + Urm__UT_Error ("Urm__RelizeColorTable", + err_msg, NULL, NULL, MrmFAILURE) ; + } +--- a/lib/Mrm/Mrmlread.c ++++ b/lib/Mrm/Mrmlread.c +@@ -711,7 +711,7 @@ + XBlackPixelOfScreen(XDefaultScreenOfDisplay(display))); + break; + default: +- sprintf(err_msg, _MrmMMsg_0040); ++ strcpy(err_msg, _MrmMMsg_0040); + result = Urm__UT_Error ("MrmFetchColorLiteral", + err_msg, NULL, NULL, MrmFAILURE) ; + _MrmAppUnlock(app); +--- a/lib/Mrm/Mrmwcrw.c ++++ b/lib/Mrm/Mrmwcrw.c +@@ -1403,7 +1403,7 @@ + } + break; + default: +- sprintf (err_msg, _MrmMMsg_0040); ++ strcpy (err_msg, _MrmMMsg_0040); + result = Urm__UT_Error ("Urm__CW_ConvertValue", + err_msg, NULL, NULL, MrmFAILURE) ; + }; +@@ -2439,7 +2439,7 @@ + } + break; + default: +- sprintf(err_msg, _MrmMMsg_0040); ++ strcpy(err_msg, _MrmMMsg_0040); + return Urm__UT_Error ("Urm__CW_ConvertValue", + err_msg, NULL, NULL, MrmFAILURE) ; + }; +--- a/tools/wml/wmlouth.c ++++ b/tools/wml/wmlouth.c +@@ -238,12 +238,12 @@ + printf ("\nCouldn't open UilSymGen.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Write the sym_k..._object literals + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + for ( ndx=0 ; ndx<wml_obj_class_ptr->cnt ; ndx++ ) + { + clsobj = (WmlClassDefPtr) wml_obj_class_ptr->hvec[ndx].objptr; +@@ -257,7 +257,7 @@ + /* + * Define the sym_k_..._reason literals + */ +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + for ( ndx=0 ; ndx<wml_obj_reason_ptr->cnt ; ndx++ ) + { + resobj = (WmlResourceDefPtr) wml_obj_reason_ptr->hvec[ndx].objptr; +@@ -271,7 +271,7 @@ + /* + * Define the sym_k_..._arg literals + */ +-fprintf (outfil, canned4); ++fprintf (outfil, "%s", canned4); + for ( ndx=0 ; ndx<wml_obj_arg_ptr->cnt ; ndx++ ) + { + resobj = (WmlResourceDefPtr) wml_obj_arg_ptr->hvec[ndx].objptr; +@@ -285,7 +285,7 @@ + /* + * Define the sym_k_..._enumset structs and literals + */ +-fprintf (outfil, canned5); ++fprintf (outfil, "%s", canned5); + for ( ndx=0 ; ndx<wml_obj_enumset_ptr->cnt ; ndx++ ) + { + enumsetobj = (WmlEnumSetDefPtr) wml_obj_enumset_ptr->hvec[ndx].objptr; +@@ -299,7 +299,7 @@ + /* + * Define the sym_k_..._enumval literals + */ +-fprintf (outfil, canned6); ++fprintf (outfil, "%s", canned6); + for ( ndx=0 ; ndx<wml_obj_enumval_ptr->cnt ; ndx++ ) + { + enumvalobj = (WmlEnumValueDefPtr) wml_obj_enumval_ptr->hvec[ndx].objptr; +@@ -314,7 +314,7 @@ + * Define the sym_k_..._charsize literals + * Define the sym_k_..._charset literals + */ +-fprintf (outfil, canned7); ++fprintf (outfil, "%s", canned7); + for ( ndx=0 ; ndx<wml_obj_charset_ptr->cnt ; ndx++ ) + { + charsetobj = (WmlCharSetDefPtr) wml_obj_charset_ptr->hvec[ndx].objptr; +@@ -328,7 +328,7 @@ + /* + * Define the sym_k_..._child literals + */ +-fprintf (outfil, canned8); ++fprintf (outfil, "%s", canned8); + for ( ndx=0 ; ndx<wml_obj_child_ptr->cnt ; ndx++ ) + { + childobj = (WmlChildDefPtr) wml_obj_child_ptr->hvec[ndx].objptr; +@@ -392,12 +392,12 @@ + printf ("\nCouldn't open UilSymChCL.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Create table entries, similar to writing sym_k... + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + for ( ndx=0 ; ndx<wml_obj_child_ptr->cnt ; ndx++ ) + { + childobj = (WmlChildDefPtr) wml_obj_child_ptr->hvec[ndx].objptr; +@@ -405,7 +405,7 @@ + fprintf (outfil, " sym_k_%s_object,\n", + classobj->tkname); + } +-fprintf (outfil, canned1a); ++fprintf (outfil, "%s", canned1a); + + /* + * close the output file +@@ -459,12 +459,12 @@ + printf ("\nCouldn't open UilSymArTy.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Create table entries, similar to writing sym_k... + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + for ( ndx=0 ; ndx<wml_obj_arg_ptr->cnt ; ndx++ ) + { + resobj = (WmlResourceDefPtr) wml_obj_arg_ptr->hvec[ndx].objptr; +@@ -472,7 +472,7 @@ + fprintf (outfil, " sym_k_%s_value,\n", + datobj->tkname); + } +-fprintf (outfil, canned1a); ++fprintf (outfil, "%s", canned1a); + + /* + * close the output file +@@ -522,19 +522,19 @@ + printf ("\nCouldn't open UilSymRArg.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Create table entries, similar to writing sym_k... + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + for ( ndx=0 ; ndx<wml_obj_arg_ptr->cnt ; ndx++ ) + { + resobj = (WmlResourceDefPtr) wml_obj_arg_ptr->hvec[ndx].objptr; + fprintf (outfil, " %d,\n", + resobj->related_code); + } +-fprintf (outfil, canned1a); ++fprintf (outfil, "%s", canned1a); + + /* + * close the output file +@@ -634,12 +634,12 @@ + printf ("\nCouldn't open UilUrmClas.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Write entries for widgets + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + for ( ndx=0 ; ndx<wml_obj_class_ptr->cnt ; ndx++ ) + { + clsobj = (WmlClassDefPtr) wml_obj_class_ptr->hvec[ndx].objptr; +@@ -650,7 +650,7 @@ + else + fprintf (outfil, " \"%s\",\t\n", synobj->convfunc); + } +-fprintf (outfil, canned2); ++fprintf (outfil, "%s", canned2); + + /* + * Write entries for gadget variants of widget classes +@@ -674,7 +674,7 @@ + synobj->name); + } + } +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + + /* + * Write entries for non-dialog widgets +@@ -698,7 +698,7 @@ + synobj->name); + } + } +-fprintf (outfil, canned4); ++fprintf (outfil, "%s", canned4); + + /* + * Write entries for the resource a widget's controls map to +@@ -714,7 +714,7 @@ + else + fprintf (outfil, " sym_k_%s_arg,\n", mapresobj->tkname); + } +-fprintf (outfil, canned5); ++fprintf (outfil, "%s", canned5); + + /* + * Write entries for arguments +@@ -727,7 +727,7 @@ + fprintf (outfil, " %s,\n", + synres->resliteral); + } +-fprintf (outfil, canned6); ++fprintf (outfil, "%s", canned6); + + /* + * Write entries for reasons +@@ -740,7 +740,7 @@ + fprintf (outfil, " %s,\n", + synres->resliteral); + } +-fprintf (outfil, canned7); ++fprintf (outfil, "%s", canned7); + + /* + * close the output file +@@ -794,13 +794,13 @@ + printf ("\nCouldn't open UilConst.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Process the arguments in code order. We start with 1, and write out + * the mask after processing 8 codes. + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + strcpy (maskbuf, "0"); + for ( ndx=0 ; ndx<wml_obj_arg_ptr->cnt ; ndx++ ) + { +@@ -818,7 +818,7 @@ + } + if ( bitno != 8 ) + fprintf (outfil, "%s", maskbuf); +-fprintf (outfil, canned1a); ++fprintf (outfil, "%s", canned1a); + + /* + * close the output file +@@ -891,8 +891,8 @@ + printf ("\nCouldn't open UilSymReas.h"); + return; + } +-fprintf (outfil, canned_warn); +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned_warn); ++fprintf (outfil, "%s", canned1); + + /* + * Generate the bit vectors for each class. Outer loop on the reason code, +@@ -938,13 +938,13 @@ + /* + * Write the vector of vectors. + */ +-fprintf (outfil, canned2); ++fprintf (outfil, "%s", canned2); + for ( resndx=0 ; resndx<wml_obj_reason_ptr->cnt ; resndx++ ) + { + resobj = (WmlResourceDefPtr) wml_obj_reason_ptr->hvec[resndx].objptr; + fprintf (outfil, " reason_class_vec%d,\n", resobj->sym_code); + } +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + + /* + * close the output file +@@ -1017,8 +1017,8 @@ + printf ("\nCouldn't open UilSymArTa.h"); + return; + } +-fprintf (outfil, canned_warn); +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned_warn); ++fprintf (outfil, "%s", canned1); + + /* + * Generate the bit vectors for each class. Outer loop on the argument code, +@@ -1064,13 +1064,13 @@ + /* + * Write the vector of vectors. + */ +-fprintf (outfil, canned2); ++fprintf (outfil, "%s", canned2); + for ( resndx=0 ; resndx<wml_obj_arg_ptr->cnt ; resndx++ ) + { + resobj = (WmlResourceDefPtr) wml_obj_arg_ptr->hvec[resndx].objptr; + fprintf (outfil, " arg_class_vec%d,\n", resobj->sym_code); + } +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + + /* + * close the output file +@@ -1142,8 +1142,8 @@ + printf ("\nCouldn't open UilSymChTa.h"); + return; + } +-fprintf (outfil, canned_warn); +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned_warn); ++fprintf (outfil, "%s", canned1); + + /* + * Generate the bit vectors for each class. Outer loop on the child code, +@@ -1187,13 +1187,13 @@ + /* + * Write the vector of vectors. + */ +-fprintf (outfil, canned2); ++fprintf (outfil, "%s", canned2); + for ( childndx=0 ; childndx<wml_obj_child_ptr->cnt ; childndx++ ) + { + childobj = (WmlChildDefPtr) wml_obj_child_ptr->hvec[childndx].objptr; + fprintf (outfil, " child_class_vec%d,\n", childobj->sym_code); + } +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + + /* + * close the output file +@@ -1264,8 +1264,8 @@ + printf ("\nCouldn't open UilSymCtl.h"); + return; + } +-fprintf (outfil, canned_warn); +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned_warn); ++fprintf (outfil, "%s", canned1); + + /* + * Generate the bit vectors for each class. Outer loop on the class code, +@@ -1309,13 +1309,13 @@ + /* + * Write the vector of vectors. + */ +-fprintf (outfil, canned2); ++fprintf (outfil, "%s", canned2); + for ( ctlndx=0 ; ctlndx<wml_obj_class_ptr->cnt ; ctlndx++ ) + { + clsobj = (WmlClassDefPtr) wml_obj_class_ptr->hvec[ctlndx].objptr; + fprintf (outfil, " object_class_vec%d,\n", clsobj->sym_code); + } +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + + /* + * close the output file +@@ -1451,7 +1451,7 @@ + printf ("\nCouldn't open UilSymNam.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Write entries for widgets +@@ -1530,7 +1530,7 @@ + fprintf (outfil, " \"%s\",\n", + synch->name); + } +-fprintf (outfil, canned7); ++fprintf (outfil, "%s", canned7); + + /* + * close the output file +@@ -1634,12 +1634,12 @@ + printf ("\nCouldn't open UilSymEnum.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Generate the enumeration value vectors for each enumeration set. + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + for ( ndx=0 ; ndx<wml_obj_enumset_ptr->cnt ; ndx++ ) + { + enumsetobj = (WmlEnumSetDefPtr) wml_obj_enumset_ptr->hvec[ndx].objptr; +@@ -1656,7 +1656,7 @@ + /* + * Generate the enumeration set tables + */ +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + for ( ndx=0 ; ndx<wml_obj_enumset_ptr->cnt ; ndx++ ) + { + enumsetobj = (WmlEnumSetDefPtr) wml_obj_enumset_ptr->hvec[ndx].objptr; +@@ -1668,7 +1668,7 @@ + /* + * Create enumset table entries for arguments, similar to writing sym_k... + */ +-fprintf (outfil, canned4); ++fprintf (outfil, "%s", canned4); + for ( ndx=0 ; ndx<wml_obj_arg_ptr->cnt ; ndx++ ) + { + resobj = (WmlResourceDefPtr) wml_obj_arg_ptr->hvec[ndx].objptr; +@@ -1682,13 +1682,13 @@ + /* + * Create the enumval values table. + */ +-fprintf (outfil, canned5); ++fprintf (outfil, "%s", canned5); + for ( ndx=0 ; ndx<wml_obj_enumval_ptr->cnt ; ndx++ ) + { + evobj = (WmlEnumValueDefPtr) wml_obj_enumval_ptr->hvec[ndx].objptr; + fprintf (outfil, " %s,\n", evobj->syndef->enumlit); + } +-fprintf (outfil, canned5a); ++fprintf (outfil, "%s", canned5a); + + /* + * close the output file +@@ -1826,12 +1826,12 @@ + printf ("\nCouldn't open UilSymCSet.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Generate the standards name table + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + for ( ndx=0 ; ndx<wml_obj_charset_ptr->cnt ; ndx++ ) + { + csobj = (WmlCharSetDefPtr) wml_obj_charset_ptr->hvec[ndx].objptr; +@@ -1849,7 +1849,7 @@ + /* + * Generate the writing direction table + */ +-fprintf (outfil, canned2); ++fprintf (outfil, "%s", canned2); + for ( ndx=0 ; ndx<wml_obj_charset_ptr->cnt ; ndx++ ) + { + csobj = (WmlCharSetDefPtr) wml_obj_charset_ptr->hvec[ndx].objptr; +@@ -1871,7 +1871,7 @@ + /* + * Generate the parsing direction table + */ +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + for ( ndx=0 ; ndx<wml_obj_charset_ptr->cnt ; ndx++ ) + { + csobj = (WmlCharSetDefPtr) wml_obj_charset_ptr->hvec[ndx].objptr; +@@ -1893,7 +1893,7 @@ + /* + * Generate the character size table + */ +-fprintf (outfil, canned4); ++fprintf (outfil, "%s", canned4); + for ( ndx=0 ; ndx<wml_obj_charset_ptr->cnt ; ndx++ ) + { + csobj = (WmlCharSetDefPtr) wml_obj_charset_ptr->hvec[ndx].objptr; +@@ -1919,7 +1919,7 @@ + /* + * Generate the $LANG name recognition table + */ +-fprintf (outfil, canned5); ++fprintf (outfil, "%s", canned5); + lang_max = 0; + for ( ndx=0 ; ndx<wml_obj_charset_ptr->cnt ; ndx++ ) + { +@@ -1949,7 +1949,7 @@ + /* + * Generate the $LANG code lookup table, in upper case + */ +-fprintf (outfil, canned6); ++fprintf (outfil, "%s", canned6); + for ( ndx=0 ; ndx<wml_obj_charset_ptr->cnt ; ndx++ ) + { + csobj = (WmlCharSetDefPtr) wml_obj_charset_ptr->hvec[ndx].objptr; +--- a/tools/wml/wmloutkey.c ++++ b/tools/wml/wmloutkey.c +@@ -587,16 +587,16 @@ + printf ("\nCouldn't open UilKeyTab.h"); + return; + } +-fprintf (outfil, canned_warn); ++fprintf (outfil, "%s", canned_warn); + + /* + * Print the case sensitive and insensitive tables + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + wmlOutputUilKeyTabBody (outfil, wml_tok_sens_ptr, &maxlen, &maxkey); + fprintf (outfil, canned2, maxlen, maxkey); + wmlOutputUilKeyTabBody (outfil, wml_tok_insens_ptr, &maxlen, &maxkey); +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + + /* + * close the output file +@@ -825,8 +825,8 @@ + printf ("\nCouldn't open UilTokName.h"); + return; + } +-fprintf (outfil, canned_warn); +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned_warn); ++fprintf (outfil, "%s", canned1); + + /* + * Print the token name entries +--- a/config/imake/imake.c ++++ b/config/imake/imake.c +@@ -1003,7 +1003,7 @@ + abort (); + + while (fgets (command, len, fp)) +- fprintf (inFile, command); ++ fprintf (inFile, "%s", command); + + len = pclose (fp); + remove (aout); +--- a/localized/util/mkmsgcat.c ++++ b/localized/util/mkmsgcat.c +@@ -207,7 +207,7 @@ + fprintf(catalog, "\n"); + if (header) { + fprintf(header, "/* $%s$ */\n", "XConsortium"); +- fprintf(header, OSF_COPYRIGHT_C); ++ fprintf(header, "%s", OSF_COPYRIGHT_C); + fprintf(header, "/* This file is automatically generated. */\n"); + fprintf(header, "/* Do not edit. */\n\n"); + fprintf(header, "#ifndef NO_MESSAGE_CATALOG\n\n"); +--- a/tools/wml/wmloutmm.c ++++ b/tools/wml/wmloutmm.c +@@ -222,9 +222,9 @@ + /* + * Write out header information + */ +-fprintf (outfil, canned1); ++fprintf (outfil, "%s", canned1); + fprintf (outfil, "%s\n", name); +-fprintf (outfil, canned2); ++fprintf (outfil, "%s", canned2); + + /* + * Alphabetize the controls, reason, and argument lists +@@ -300,7 +300,7 @@ + else + fprintf (outfil, "\n"); + } +-fprintf (outfil, canned3); ++fprintf (outfil, "%s", canned3); + + /* + * Write out the argument table +@@ -336,7 +336,7 @@ + } + argndx += 1; + } +-fprintf (outfil, canned4); ++fprintf (outfil, "%s", canned4); + + } + only in patch2: unchanged: --- openmotif-2.3.3.orig/debian/patches/0006-cast-size_t-to-int.patch +++ openmotif-2.3.3/debian/patches/0006-cast-size_t-to-int.patch @@ -0,0 +1,16 @@ +Description: To prevent build failure during building with Hardening options + enabled due to "format '%d' expects argument of type 'int', but argument 5 has + type 'size_t'", the fifth argument is cast to integer on the input. +Authon: Paul Gevers <elb...@debian.org> + +--- a/tools/wml/wmloutkey.c ++++ b/tools/wml/wmloutkey.c +@@ -640,7 +640,7 @@ + fprintf (outfil, " {%s, %s, %d, %s, \"%s\"},\n", + tkclass, + tksym, +- strlen(tokstg), ++ (int)strlen(tokstg), + tktoken, + tokstg); + if ( (int)strlen(tokstg) > *maxlen ) only in patch2: unchanged: --- openmotif-2.3.3.orig/debian/patches/0004-multiarch-specialcase-libdir-X11.patch +++ openmotif-2.3.3/debian/patches/0004-multiarch-specialcase-libdir-X11.patch @@ -0,0 +1,49 @@ +Description: + For multiarch support, we change libdir to /usr/lib/$(DEB_HOST_MULTIARCH). + However, we do not want to do this to /usr/lib/X11 yet. + . + Note that XMBINDDIR_FALLBACK should really be set to /usr/share/X11/bindings + since the files are platform-independent. We postpone moving them until a + decision has been reached on libmotif-common. + . + The configure.ac fixes are minimal and only suitable for Debian/Ubuntu + packaging. For upstream one might want to add a command line option. +Author: Sergio Gelato <sergio.gel...@astro.su.se> +Bug-Debian: http://bugs.debian.org/673690 + +--- a/configure ++++ b/configure +@@ -18786,13 +18786,13 @@ + LIBDIR="${libdir}/X11" + + +-MWMRCDIR="${libdir}/X11" ++MWMRCDIR="${prefix}/lib/X11" + + + INCDIR="${includedir}/X11" + + +-XMBINDDIR_FALLBACK="${libdir}/X11/bindings" ++XMBINDDIR_FALLBACK="${prefix}/lib/X11/bindings" + + + RM="rm -f" +--- a/configure.ac ++++ b/configure.ac +@@ -179,13 +179,13 @@ + LIBDIR="${libdir}/X11" + AC_SUBST(LIBDIR) + +-MWMRCDIR="${libdir}/X11" ++MWMRCDIR="${prefix}/lib/X11" + AC_SUBST(MWMRCDIR) + + INCDIR="${includedir}/X11" + AC_SUBST(INCDIR) + +-XMBINDDIR_FALLBACK="${libdir}/X11/bindings" ++XMBINDDIR_FALLBACK="${prefix}/lib/X11/bindings" + AC_SUBST(XMBINDDIR_FALLBACK) + + RM="rm -f"