
[SCM] Debian package checker branch, etch, updated. fbe0c92b2ef7e360d13414bf40d6af5507d0c86d



The following commit has been merged in the etch branch:
commit b79a8d1d8098dd9f69d1db52e06127757c10932d
Author: Raphael Geissert <atomo64@gmail.com>
Date:   Mon Jan 25 23:54:43 2010 -0600

    Fix CVE-2009-4014, format string vulnerabilities
    
    Multiple check scripts and the lintian frontend were using
    user-provided input as part of the sprintf/printf format string.

diff --git a/checks/control-files b/checks/control-files
index 24a8bc8..ddef388 100644
--- a/checks/control-files
+++ b/checks/control-files
@@ -92,7 +92,7 @@ while (<IN>) {
     # correct permissions?
     unless ($operm == $ctrl{$file}) {
 	tag "control-file-has-bad-permissions",
-	    sprintf("$file %04o != %04o",$operm,$ctrl{$file});
+	    sprintf("%s %04o != %04o",$file,$operm,$ctrl{$file});
     }
 
     # correct owner?
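Review bot: Nothing at the rewritten `sprintf` call records why `$file` has to be an argument rather than part of the format, so a later cleanup could fold it back into the string. A one-line comment above the call would do, for example `# $file is user-provided: pass it via %s, never interpolate it into the format`; the same comment fits the `sprintf` calls changed in checks/files and checks/menus. The mail shows no test change either: a test package whose file name contains a literal `%` sequence, with an assertion that the tag text carries the name unchanged, would keep these call sites from regressing. The enclosing `while (<IN>)` loop starts and ends outside the hunk.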
diff --git a/checks/files b/checks/files
index 02c80a7..11f48b6 100644
--- a/checks/files
+++ b/checks/files
@@ -114,12 +114,12 @@ while (<IN>) {
 	}
 	# ---------------- /etc/cron.d
 	elsif ($file =~ m,^etc/cron\.d/\S, and $operm != 0644) {
-	    tag "bad-permissions-for-etc-cron.d-script", sprintf("$file %04o != 0644",$operm);
+	    tag "bad-permissions-for-etc-cron.d-script", sprintf("%s %04o != 0644",$file,$operm);
 	}
 	# ---------------- /etc/emacs.*
 	elsif ($file =~ m,^etc/emacs.*/\S, and $perm =~ m/^-/
 	       and $operm != 0644) {
-	    tag "bad-permissions-for-etc-emacs-script", sprintf("$file %04o != 0644",$operm);
+	    tag "bad-permissions-for-etc-emacs-script", sprintf("%s %04o != 0644",$file,$operm);
 	}
 	# ---------------- /etc/gconf/schemas
 	elsif ($file =~ m,^etc/gconf/schemas/\S,) {
@@ -129,7 +129,7 @@ while (<IN>) {
 	elsif ($file =~ m,^etc/init\.d/\S, and $operm != 0755
 	       and $perm =~ m/^-/) {
 	    tag "non-standard-file-permissions-for-etc-init.d-script",
-		sprintf("$file %04o != 0755",$operm);
+		sprintf("%s %04o != 0755",$file,$operm);
 	}
 	#----------------- /etc/pam.conf
 	elsif ($file =~ m,^etc/pam.conf, and $pkg ne "libpam-runtime" ) {
@@ -575,11 +575,11 @@ while (<IN>) {
 
 	    # Check for setuid and setgid that isn't expected.
 	    if ($setuid and $setgid) {
-		tag "setuid-gid-binary", $file, sprintf("%04o $owner",$operm);
+		tag "setuid-gid-binary", $file, sprintf("%04o %s",$operm,$owner);
 	    } elsif ($setuid) {
-		tag "setuid-binary", $file, sprintf("%04o $owner",$operm);
+		tag "setuid-binary", $file, sprintf("%04o %s",$operm,$owner);
 	    } elsif ($setgid) {
-		tag "setgid-binary", $file, sprintf("%04o $owner",$operm);
+		tag "setgid-binary", $file, sprintf("%04o %s",$operm,$owner);
 	    }
 
 	    # Check for permission problems other than the setuid status.
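Review bot: The three branches now repeat the identical `sprintf("%04o %s",$operm,$owner)` call, so a future change to the format has to be made three times and can drift between them. Build the string once before the `if`, `my $detail = sprintf("%04o %s", $operm, $owner);`, and pass `$detail` in each `tag` call. The `if`/`elsif` chain is complete in the hunk, but the block around it starts and ends outside it.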
diff --git a/checks/menus b/checks/menus
index 280d70e..6fdb9cb 100644
--- a/checks/menus
+++ b/checks/menus
@@ -86,7 +86,7 @@ while (<IN>) {
 	# menu file?
 	if ($file =~ m,^usr/(lib|share)/menu/\S,o) { # correct permissions?
 	    if ($perm =~ m,x,o) {
-		tag "executable-menu-file", sprintf("$file %04o",$operm);
+		tag "executable-menu-file", sprintf("%s %04o",$file,$operm);
 	    }
 
 	    next if $file =~ m,^usr/(lib|share)/menu/README$,;
diff --git a/frontend/lintian b/frontend/lintian
index 676f7ac..e53ba93 100755
--- a/frontend/lintian
+++ b/frontend/lintian
@@ -1571,8 +1571,9 @@ sub schedule_package {
 
     if ( $already_scheduled{$s}++ ) {
 	if ($verbose) {
-	    printf "N: Ignoring duplicate %s package $pkg (version $ver)\n",
-		$type eq 'b' ? 'binary' : ($type eq 's' ? 'source': 'udeb');
+	    printf "N: Ignoring duplicate %s package %s (version %s)\n",
+		$type eq 'b' ? 'binary' : ($type eq 's' ? 'source': 'udeb'),
+		$pkg, $ver;
 	}
 	return;
     }
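Review bot: `$pkg` and `$ver` are now safe as format arguments, but `%s` still writes them to stdout byte for byte. Where those values come from is outside the hunk; if they are read from the package being checked, as the commit message suggests, control characters in them would reach the terminal or any tool that parses the verbose output. Consider replacing non-printable characters before the `printf`, e.g. `(my $shown_pkg = $pkg) =~ s/[^[:print:]]/?/g;` and the same for `$ver`. `schedule_package` starts and ends outside the hunk.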

-- 
Debian package checker

