Bug#697226: marked as done (unblock: horgand/1.14-5)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Wed, 02 Jan 2013 21:10:21 +0000
with message-id <1357161021.28716.12.camel@jacala.jungle.funky-badger.org>
and subject line Re: Bug#697226: unblock: horgand/1.14-5
has caused the Debian Bug report #697226,
regarding unblock: horgand/1.14-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
697226: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697226
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: horgand/1.14-5
• From: Alessio Treglia <alessio@debian.org>
• Date: Wed, 02 Jan 2013 21:02:25 +0000
• Message-id: <20130102210225.3917.82810.reportbug@Aspire-1410>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package horgand 1.14-5, it fixes the
bug #695467 "Horgand too short buffer" - basically a
a buffer overflow which leads horgand to SIGSEGV at
startup.

Thanks for considering, cheers!

unblock horgand/1.14-5

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff --git a/debian/changelog b/debian/changelog
index 443cb07..6e64cea 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+horgand (1.14-5) unstable; urgency=medium
+
+  * Prevent SIGSEGV by fixing a buffer overflow, it was tryng to
+    strcpy() of an 11 char string (+ '\0') into a 10 char fixed
+    array. (Closes: #695467) (LP: #891939)
+
+ -- Alessio Treglia <alessio@debian.org>  Wed, 02 Jan 2013 14:06:58 +0000
+
 horgand (1.14-4) unstable; urgency=low
 
   * Rely on dh-autoreconf rather than call autoreconf -f -i in
diff --git a/debian/patches/03-buffer_overflow.patch b/debian/patches/03-buffer_overflow.patch
new file mode 100644
index 0000000..655727f
--- /dev/null
+++ b/debian/patches/03-buffer_overflow.patch
@@ -0,0 +1,20 @@
+Description: Buffer was too short for chord name
+Author: dave@treblig.org
+Bug-Ubuntu: https://launchpad.net/bugs/891939
+Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695467
+Forwarded: no
+---
+ src/Holrgan.h |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- horgand.orig/src/Holrgan.h
++++ horgand/src/Holrgan.h
+@@ -398,7 +398,7 @@ struct Ch3
+ struct Ch4
+ 
+ {
+-  char Nom[10];
++  char Nom[12];
+   int type;
+   int fund;
+   int dist1;
diff --git a/debian/patches/series b/debian/patches/series
index def9ac0..47a5fd8 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
 01-fix_manpage.patch
 02-binutils_gold.patch
+03-buffer_overflow.patch

--- End Message ---

--- Begin Message ---

• To: Alessio Treglia <alessio@debian.org>, 697226-done@bugs.debian.org
• Subject: Re: Bug#697226: unblock: horgand/1.14-5
• From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
• Date: Wed, 02 Jan 2013 21:10:21 +0000
• Message-id: <1357161021.28716.12.camel@jacala.jungle.funky-badger.org>
• In-reply-to: <20130102210225.3917.82810.reportbug@Aspire-1410>
• References: <20130102210225.3917.82810.reportbug@Aspire-1410>

On Wed, 2013-01-02 at 21:02 +0000, Alessio Treglia wrote:
> Please unblock package horgand 1.14-5, it fixes the
> bug #695467 "Horgand too short buffer" - basically a
> a buffer overflow which leads horgand to SIGSEGV at
> startup.

Unblocked; thanks.

Regards,

Adam

--- End Message ---