commit gnutls for openSUSE:Factory

Tue, 18 Oct 2011 05:09:08 -0700 

Hello community,

here is the log from the commit of package gnutls for openSUSE:Factory
checked in at Tue Oct 18 14:09:02 CEST 2011.



--------
--- openSUSE:Factory/gnutls/gnutls.changes      2011-10-11 17:16:19.000000000 
+0200
+++ /mounts/work_src_done/STABLE/gnutls/gnutls.changes  2011-10-17 
16:19:39.000000000 +0200
@@ -1,0 +2,6 @@
+Mon Oct 17 13:21:57 UTC 2011 - vu...@opensuse.org
+
+- Add gnutls-fix-crash-on-strcat.patch: make sure a string is
+  nul-terminated before using strcat on it. Fix bnc#724421.
+
+-------------------------------------------------------------------

calling whatdependson for head-i586


New:
----
  gnutls-fix-crash-on-strcat.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ gnutls.spec ++++++
--- /var/tmp/diff_new_pack.G9g5Us/_old  2011-10-18 14:08:54.000000000 +0200
+++ /var/tmp/diff_new_pack.G9g5Us/_new  2011-10-18 14:08:54.000000000 +0200
@@ -32,6 +32,8 @@
 Source1:        baselibs.conf
 # PATCH-FIX-UPSTREAM gnutls-fix-compression.patch vu...@opensuse.org -- Taken 
from git, fix decompression/compression
 Patch0:         gnutls-fix-compression.patch
+# PATCH-FIX-UPSTREAM gnutls-fix-crash-on-strcat.patch bnc#724421 
vu...@opensuse.org -- Fix a crash because of badly used strcat, sent upstream 
by mail on 2011-10-17
+Patch1:         gnutls-fix-crash-on-strcat.patch
 BuildRequires:  gcc-c++
 BuildRequires:  libnettle-devel >= 2.2
 BuildRequires:  p11-kit-devel
@@ -156,6 +158,7 @@
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 
 %build
 %configure \


++++++ gnutls-fix-crash-on-strcat.patch ++++++
>From 7043a8e9e314b0c2eb7ac5c2278a0b103f6a758a Mon Sep 17 00:00:00 2001
From: Vincent Untz <vu...@gnome.org>
Date: Mon, 17 Oct 2011 15:15:46 +0200
Subject: [PATCH] Correctly terminate a string with \0 before concatenating to
 it

Fix a potential crash:
https://bugzilla.novell.com/show_bug.cgi?id=724421
---
 lib/x509/common.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/lib/x509/common.c b/lib/x509/common.c
index 6bb4746..0651d2e 100644
--- a/lib/x509/common.c
+++ b/lib/x509/common.c
@@ -390,6 +390,7 @@ _gnutls_x509_data2hex (const opaque * data, size_t 
data_size,
   if (out)
     {
       out[0] = '#';
+      out[1] = '\0';
       _gnutls_str_cat (out, *sizeof_out, res);
     }
 
-- 
1.7.7

continue with "q"...



Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

Reply via email to