--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: horgand/1.14-5
- From: Alessio Treglia <alessio@debian.org>
- Date: Wed, 02 Jan 2013 21:02:25 +0000
- Message-id: <20130102210225.3917.82810.reportbug@Aspire-1410>
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package horgand 1.14-5, it fixes the
bug #695467 "Horgand too short buffer" - basically
a buffer overflow which leads horgand to SIGSEGV at
startup.
Thanks for considering, cheers!
unblock horgand/1.14-5
-- System Information:
Debian Release: 7.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff --git a/debian/changelog b/debian/changelog
index 443cb07..6e64cea 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+horgand (1.14-5) unstable; urgency=medium
+
+ * Prevent SIGSEGV by fixing a buffer overflow, it was tryng to
+ strcpy() of an 11 char string (+ '\0') into a 10 char fixed
+ array. (Closes: #695467) (LP: #891939)
+
+ -- Alessio Treglia <alessio@debian.org> Wed, 02 Jan 2013 14:06:58 +0000
+
horgand (1.14-4) unstable; urgency=low
* Rely on dh-autoreconf rather than call autoreconf -f -i in
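Review bot: The new changelog entry misspells "trying" as "tryng" in its first bullet line, and it does not say which buffer was affected. Naming the field (`Nom` in `struct Ch4`, src/Holrgan.h) would let someone reading only the changelog find the change; the stated arithmetic (11 characters plus '\0' into a 10-byte array) does match the new size of 12 in the patch.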
diff --git a/debian/patches/03-buffer_overflow.patch b/debian/patches/03-buffer_overflow.patch
new file mode 100644
index 0000000..655727f
--- /dev/null
+++ b/debian/patches/03-buffer_overflow.patch
@@ -0,0 +1,20 @@
+Description: Buffer was too short for chord name
+Author: dave@treblig.org
+Bug-Ubuntu: https://launchpad.net/bugs/891939
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695467
+Forwarded: no
+---
+ src/Holrgan.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- horgand.orig/src/Holrgan.h
++++ horgand/src/Holrgan.h
+@@ -398,7 +398,7 @@ struct Ch3
+ struct Ch4
+
+ {
+- char Nom[10];
++ char Nom[12];
+ int type;
+ int fund;
+ int dist1;
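Review bot: The `char Nom[12];` line in `struct Ch4` sizes the buffer to exactly the 11 characters plus terminator that the changelog describes, so there is no slack, and the strcpy() named in the changelog stays unbounded. Any chord name longer than 11 characters would again write past `Nom` into the adjacent `int type;`. Consider also bounding the copy at the call site against `sizeof` the destination (for example with snprintf) so an over-long name truncates instead of overflowing. The hunk header shows `struct Ch3` directly above, and it is worth checking whether it has a name field with the same limit. The patch header says `Forwarded: no`; this fix should go upstream as well.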
diff --git a/debian/patches/series b/debian/patches/series
index def9ac0..47a5fd8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
01-fix_manpage.patch
02-binutils_gold.patch
+03-buffer_overflow.patch
--- End Message ---
--- Begin Message ---
- To: Alessio Treglia <alessio@debian.org>, 697226-done@bugs.debian.org
- Subject: Re: Bug#697226: unblock: horgand/1.14-5
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Wed, 02 Jan 2013 21:10:21 +0000
- Message-id: <1357161021.28716.12.camel@jacala.jungle.funky-badger.org>
- In-reply-to: <20130102210225.3917.82810.reportbug@Aspire-1410>
- References: <20130102210225.3917.82810.reportbug@Aspire-1410>
On Wed, 2013-01-02 at 21:02 +0000, Alessio Treglia wrote:
> Please unblock package horgand 1.14-5, it fixes the
> bug #695467 "Horgand too short buffer" - basically
> a buffer overflow which leads horgand to SIGSEGV at
> startup.
Unblocked; thanks.
Regards,
Adam
--- End Message ---