Bug#698619: unblock: swath/0.4.3-3
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package swath.
It fixes a potential security hole.
(The security team has been contacted for a stable version fix.)
The debdiff has been attached for your review.
unblock swath/0.4.3-3
-- System Information:
Debian Release: 7.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=th_TH.utf8, LC_CTYPE=th_TH.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru swath-0.4.3/debian/changelog swath-0.4.3/debian/changelog
--- swath-0.4.3/debian/changelog 2012-08-10 17:54:12.000000000 +0700
+++ swath-0.4.3/debian/changelog 2013-01-16 22:42:14.000000000 +0700
@@ -1,3 +1,12 @@
+swath (0.4.3-3) unstable; urgency=medium
+
+ * Urgency medium for security fix.
+ * debian/patches/01_buffer-overflow.patch: backport patch from upstream
+ to fix potential buffer overflow in Mule mode.
+ Thanks Dominik Maier for the report. (Closes: #698189)
+
+ -- Theppitak Karoonboonyanan <thep@debian.org> Wed, 16 Jan 2013 22:34:04 +0700
+
swath (0.4.3-2) unstable; urgency=low
* Build with xz compression.
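Review bot: The 0.4.3-3 entry describes the fix only as a "potential buffer overflow in Mule mode"; naming the affected file (src/wordseg.cpp) and the cause (strcpy of wbr into a fixed 20-byte buffer) in the entry would let the release and security teams judge the impact from the changelog alone. The urgency=medium and Closes: #698189 lines are consistent with the unblock request.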
diff -Nru swath-0.4.3/debian/patches/01_buffer-overflow.patch swath-0.4.3/debian/patches/01_buffer-overflow.patch
--- swath-0.4.3/debian/patches/01_buffer-overflow.patch 1970-01-01 07:00:00.000000000 +0700
+++ swath-0.4.3/debian/patches/01_buffer-overflow.patch 2013-01-16 22:42:14.000000000 +0700
@@ -0,0 +1,22 @@
+Author: Theppitak Karoonboonyanan <thep@linux.thai.net>
+Description: Fix potential buffer overflow
+Origin: backport, http://linux.thai.net/websvn/wsvn/software.swath/trunk?op=revision&rev=238&peg=238
+Bug-Debian: http://bugs.debian.org/698189
+
+Index: swath/src/wordseg.cpp
+===================================================================
+--- swath.orig/src/wordseg.cpp 2012-02-08 15:45:57.893937559 +0700
++++ swath/src/wordseg.cpp 2013-01-16 22:08:29.341085326 +0700
+@@ -282,11 +282,7 @@
+ }
+ else
+ {
+- char stopstr[20];
+- if (muleMode)
+- strcpy (stopstr, wbr);
+- else
+- stopstr[0] = '\0';
++ const char *stopstr = muleMode ? wbr : "";
+ for (;;)
+ { // read until end of file.
+ if (mode == 0)
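Review bot: In the wordseg.cpp hunk, `const char *stopstr = muleMode ? wbr : "";` makes stopstr an alias of wbr rather than a private copy, so the fix depends on wbr staying valid and unchanged for the whole `for (;;)` read loop. Please confirm that nothing in the loop body reassigns or frees wbr and that every later use of stopstr accepts a `const char *`. The removed `strcpy (stopstr, wbr)` into `char stopstr[20]` had no length check, and the DEP-3 Description could say so (unbounded copy of wbr into a 20-byte local buffer in Mule mode), so that reviewers of the stable backport can see the root cause without opening the upstream revision.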
diff -Nru swath-0.4.3/debian/patches/series swath-0.4.3/debian/patches/series
--- swath-0.4.3/debian/patches/series 1970-01-01 07:00:00.000000000 +0700
+++ swath-0.4.3/debian/patches/series 2013-01-16 22:42:14.000000000 +0700
@@ -0,0 +1 @@
+01_buffer-overflow.patch