diff options
| author |   Tobias Heinlein <keytoaster@gentoo.org> | 2008-05-26 19:56:44 +0000 |
|---|---|---|
| committer | Tobias Heinlein <keytoaster@gentoo.org> | 2008-05-26 19:56:44 +0000 |
| commit | 76bd3e46342d66572d345638f0745b4fab7438bb (patch) | |
| tree | c5a815c723c345516ae6a76550fb15e502eaf902 /app-misc/cbrpager/files | |
| parent | ppc stable, bug #215705 (diff) | |
| download | historical-76bd3e46342d66572d345638f0745b4fab7438bb.tar.gz historical-76bd3e46342d66572d345638f0745b4fab7438bb.tar.bz2 historical-76bd3e46342d66572d345638f0745b4fab7438bb.zip | |
Version bump and additional patch for security bug #223657
Package-Manager: portage-2.1.5.2
Diffstat (limited to 'app-misc/cbrpager/files')
| -rw-r--r-- | app-misc/cbrpager/files/cbrpager-0.9.17-zip-filen-escape.patch | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/app-misc/cbrpager/files/cbrpager-0.9.17-zip-filen-escape.patch b/app-misc/cbrpager/files/cbrpager-0.9.17-zip-filen-escape.patch new file mode 100644 index 000000000000..b191114df918 --- /dev/null +++ b/app-misc/cbrpager/files/cbrpager-0.9.17-zip-filen-escape.patch @@ -0,0 +1,23 @@ +--- cbrpager-0.9.17/src/global.c.debug 2008-05-24 05:46:57.000000000 +0900 ++++ cbrpager-0.9.17/src/global.c 2008-05-26 04:11:08.000000000 +0900 +@@ -324,7 +324,7 @@ + esc[idx] = '\0'; + + printf(_("Requesting page %d/%d (%s)\n"), nr+1, +- g_list_length(pagelist), esc); ++ g_list_length(pagelist), p); + + /* The following patch was received from Mamoru Tasaka, 2008/05/22 + to solve potential security problems with the system() call */ +@@ -354,9 +354,10 @@ + pref.lastbook, p, (char *)NULL); + return; /* should not reach here */ + case ZIP_FILE: ++ /* for zip file, esc must be passed instead of p */ + execlp("unzip", + "unzip", "-p", "-C", +- pref.lastbook, p, (char *)NULL); ++ pref.lastbook, esc, (char *)NULL); + return; /* should not reach here */ + } + return; /* should not reach here */ |