From 8e03d2bb818953aa285775647415eea4272a092b Mon Sep 17 00:00:00 2001 From: Jaromir Capik Date: Mon, 14 Apr 2014 18:46:16 +0200 Subject: [PATCH] - Fixing format-security flaws (#1037293) --- qhull-2003.1-format-security.patch | 12 ++++++++++++ qhull.spec | 7 ++++++- 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 qhull-2003.1-format-security.patch diff --git a/qhull-2003.1-format-security.patch b/qhull-2003.1-format-security.patch new file mode 100644 index 0000000..727b809 --- /dev/null +++ b/qhull-2003.1-format-security.patch @@ -0,0 +1,12 @@ +diff -Naur qhull-2003.1.orig/src/io.c qhull-2003.1/src/io.c +--- qhull-2003.1.orig/src/io.c 2014-04-14 18:38:38.000000000 +0200 ++++ qhull-2003.1/src/io.c 2014-04-14 18:42:15.924000000 +0200 +@@ -2166,7 +2166,7 @@ + qh_memfree (point, qh normal_size); + qh_settempfree(&points); + qh_settempfree(&vertices); +- fprintf(fp, endfmt); ++ fprintf(fp, "%s", endfmt); + } /* printfacet3math */ + + diff --git a/qhull.spec b/qhull.spec index cd61860..d256fe7 100644 --- a/qhull.spec +++ b/qhull.spec @@ -1,7 +1,7 @@ Summary: General dimension convex hull programs Name: qhull Version: 2003.1 -Release: 22%{?dist} +Release: 23%{?dist} License: Qhull Group: System Environment/Libraries Source0: http://www.qhull.org/download/qhull-%{version}.tar.gz @@ -13,6 +13,7 @@ Patch2: qhull-2003.1-pkgconfig.patch Patch3: qhull-2003.1-64bit.patch # Update config.{guess,sub} for *-aarch64 (RHBZ #926411) Patch4: qhull-2003.1-config.patch +Patch5: qhull-2003.1-format-security.patch URL: http://www.qhull.org @@ -48,6 +49,7 @@ about a point. %patch2 -p1 %patch3 -p1 %patch4 -p1 +%patch5 -p1 sed -i -e "s,\"../html/,\"html/,g" src/*.htm %build @@ -91,6 +93,9 @@ install -m644 -D qhull.pc ${RPM_BUILD_ROOT}%{_libdir}/pkgconfig/qhull.pc %changelog +* Mon Apr 14 2014 Jaromir Capik - 2003.1-23 +- Fixing format-security flaws (#1037293) + * Tue Aug 06 2013 Ralf Corsépius - 2003.1-22 - Reflect docdir changes (RHBZ #993921). - Fix bogus %%changelog date.