- Fixing format-security flaws (#1037293)

qhull-2003.1-format-security.patch

@@ -0,0 +1,12 @@
+diff -Naur qhull-2003.1.orig/src/io.c qhull-2003.1/src/io.c
+--- qhull-2003.1.orig/src/io.c	2014-04-14 18:38:38.000000000 +0200
++++ qhull-2003.1/src/io.c	2014-04-14 18:42:15.924000000 +0200
+@@ -2166,7 +2166,7 @@
+     qh_memfree (point, qh normal_size);
+   qh_settempfree(&points);
+   qh_settempfree(&vertices);
+-  fprintf(fp, endfmt);
++  fprintf(fp, "%s", endfmt);
+ } /* printfacet3math */
+ 
+ 

qhull.spec

@@ -1,7 +1,7 @@
 Summary: General dimension convex hull programs
 Name: qhull
 Version: 2003.1
-Release: 22%{?dist}
+Release: 23%{?dist}
 License: Qhull
 Group: System Environment/Libraries
 Source0: http://www.qhull.org/download/qhull-%{version}.tar.gz
@@ -13,6 +13,7 @@ Patch2: qhull-2003.1-pkgconfig.patch
 Patch3: qhull-2003.1-64bit.patch
 # Update config.{guess,sub} for *-aarch64 (RHBZ #926411)
 Patch4: qhull-2003.1-config.patch
+Patch5: qhull-2003.1-format-security.patch
 
 URL: http://www.qhull.org
 
@@ -48,6 +49,7 @@ about a point.
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 sed -i -e "s,\"../html/,\"html/,g" src/*.htm
 
 %build
@@ -91,6 +93,9 @@ install -m644 -D qhull.pc ${RPM_BUILD_ROOT}%{_libdir}/pkgconfig/qhull.pc
 
 
 %changelog
+* Mon Apr 14 2014 Jaromir Capik <jcapik@redhat.com> - 2003.1-23
+- Fixing format-security flaws (#1037293)
+
 * Tue Aug 06 2013 Ralf Corsépius <corsepiu@fedoraproject.org> - 2003.1-22
 - Reflect docdir changes (RHBZ #993921).
 - Fix bogus %%changelog date.