Fix format string vulnerability.

Security: http://vuxml.FreeBSD.org/a4bd3039-9a48-11d9-a256-0001020eed82.html Security: CAN-2005-0665 Obtained from: Gentoo Linux Approved by: portmgr (marcus), erwin (mentor), maintainer
author: Simon L. B. Nielsen <simon@FreeBSD.org> 2005-03-21 22:45:35 +0000
committer: Simon L. B. Nielsen <simon@FreeBSD.org> 2005-03-21 22:45:35 +0000
commit: 017f92e4e2e732ea8c4a29499977c0723f4f91d8 (patch)
tree: e9bf16a26a4b9abad49ef299a09677069302e967 /graphics/xv
parent: 378a03b28e5ec74649978cada00e771c66edfb7d (diff)
download: ports-017f92e4e2e732ea8c4a29499977c0723f4f91d8.tar.gz
ports-017f92e4e2e732ea8c4a29499977c0723f4f91d8.zip
2 files changed, 12 insertions, 1 deletions
diff --git a/graphics/xv/Makefile b/graphics/xv/Makefile
index 2780180171d9..2e71599d58fc 100644
--- a/graphics/xv/Makefile
+++ b/graphics/xv/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	xv
 PORTVERSION=	3.10a
-PORTREVISION=	4
+PORTREVISION=	5
 CATEGORIES+=	graphics
 MASTER_SITES=	ftp://ftp.cis.upenn.edu/pub/xv/ \
 		${MASTER_SITE_LOCAL} \
diff --git a/graphics/xv/files/patch-CAN-2005-0665 b/graphics/xv/files/patch-CAN-2005-0665
new file mode 100644
index 000000000000..7c61c540108f
--- /dev/null
+++ b/graphics/xv/files/patch-CAN-2005-0665
@@ -0,0 +1,11 @@
+--- xv.c.orig	Mon Mar 21 22:00:43 2005
++++ xv.c	Mon Mar 21 22:21:53 2005
+@@ -2197,7 +2197,7 @@
+   SetISTR(ISTR_INFO,formatStr);
+ 	
+   SetInfoMode(INF_PART);
+-  SetISTR(ISTR_FILENAME, 
++  SetISTR(ISTR_FILENAME, "%s",
+ 	  (filenum==DFLTPIC || filenum==GRABBED || frompipe)
+ 	  ? "<none>" : basefname);
+
author	Simon L. B. Nielsen <simon@FreeBSD.org>	2005-03-21 22:45:35 +0000
committer	Simon L. B. Nielsen <simon@FreeBSD.org>	2005-03-21 22:45:35 +0000
commit	017f92e4e2e732ea8c4a29499977c0723f4f91d8 (patch)
tree	e9bf16a26a4b9abad49ef299a09677069302e967 /graphics/xv
parent	378a03b28e5ec74649978cada00e771c66edfb7d (diff)
download	ports-017f92e4e2e732ea8c4a29499977c0723f4f91d8.tar.gz ports-017f92e4e2e732ea8c4a29499977c0723f4f91d8.zip