- CVE-2007-1002 (Shared memo categories format string vulnerability)

- Add -Wdeclaration-after-statement to strict build settings.

evolution.spec

@@ -47,7 +47,7 @@
 
 Name: evolution
 Version: 2.10.0
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPL
 Group: Applications/Productivity
 Summary: GNOME's next-generation groupware suite
@@ -158,6 +158,9 @@ Patch46: evolution-2.10.0-use-glib-i18n.patch
 # GNOME bug #418971
 Patch47: evolution-2.10.0-drop-old-glib-support.patch
 
+# CVE-2007-1002
+Patch48: evolution-2.10.0-CVE-2007-1002.patch
+
 ## Dependencies ###
 
 Requires(post): GConf2
@@ -309,6 +312,7 @@ Development files needed for building things which link against evolution.
 %patch45 -p1 -b .shell-main-cleanups
 %patch46 -p1 -b .use-glib-i18n
 %patch47 -p1 -b .drop-old-glib-support
+%patch48 -p1 -b .CVE-2007-1002
 
 mkdir -p krb5-fakeprefix/include
 mkdir -p krb5-fakeprefix/lib
@@ -383,6 +387,7 @@ CFLAGS="$CFLAGS \
 	-DGDK_DISABLE_DEPRECATED=1 \
 	-DEDS_DISABLE_DEPRECATED=1 \
 	-DCAMEL_DISABLE_DEPRECATED=1 \
+	-Wdeclaration-after-statement \
 	-Werror-implicit-function-declaration"
 %endif
 
@@ -724,6 +729,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/evolution/%{evo_major}/libmenus.so
 
 %changelog
+* Thu Mar 29 2007 Matthew Barnes <mbarnes@redhat.com> - 2.10.0-5.fc7
+- CVE-2007-1002 (Shared memo categories format string vulnerability)
+- Add -Wdeclaration-after-statement to strict build settings.
+
 * Mon Mar 26 2007 Matthew Barnes <mbarnes@redhat.com> - 2.10.0-4.fc7
 - Run gtk-update-icon-cache in %post and %postun (RH bug #234018).