I'm applying the following pathch wich includes the patch from Alec
Berryman <[EMAIL PROTECTED]> who corrects CVE-2006-2465.
Also in this patch is corrected a lintian error about the missing target
build-indep at debian/rules
This is a patch for the package.
-- Carlos C Soto :: eclipxe
diff -ru mp3info-0.8.4-orig/debian/changelog mp3info-0.8.4/debian/changelog
--- mp3info-0.8.4-orig/debian/changelog 2006-08-13 19:14:09.000000000 -0500
+++ mp3info-0.8.4/debian/changelog 2006-08-13 19:12:04.000000000 -0500
@@ -1,3 +1,11 @@
+mp3info (0.8.4-9.1) unstable; urgency=low
+
+ * Applied patch from Alec Berryman <[EMAIL PROTECTED]> (Closes: #368207)
+ * Added an empty binary-indep target in debian/rules, to fix Lintian
+ error message
+
+ -- Carlos C Soto <[EMAIL PROTECTED]> Sun, 13 Aug 2006 19:10:14 -0500
+
mp3info (0.8.4-9) unstable; urgency=low
* Changed debconf dependency to include debconf-2.0 (closes: #332032)
diff -ru mp3info-0.8.4-orig/debian/rules mp3info-0.8.4/debian/rules
--- mp3info-0.8.4-orig/debian/rules 2006-08-13 19:14:09.000000000 -0500
+++ mp3info-0.8.4/debian/rules 2006-08-13 19:09:42.000000000 -0500
@@ -87,5 +87,8 @@
dh_md5sums
dh_builddeb
+binary-indep:
+ true
+
binary: binary-arch
.PHONY: build clean binary-arch binary install configure
diff -ru mp3info-0.8.4-orig/mp3info.c mp3info-0.8.4/mp3info.c
--- mp3info-0.8.4-orig/mp3info.c 2006-08-13 19:14:09.000000000 -0500
+++ mp3info-0.8.4/mp3info.c 2006-08-13 19:01:00.000000000 -0500
@@ -183,7 +183,7 @@
file_open=0;
if (view_only == 1) {
if ( !( fp=fopen(argv[i],"r") ) ) {
- sprintf(error_msg,"Error opening MP3: %s",argv[i]);
+ snprintf(error_msg,sizeof(error_msg),"Error opening MP3: %s",argv[i]);
perror(error_msg);
retcode |= 1;
} else {
@@ -191,7 +191,7 @@
}
} else {
if ( !( fp=fopen(argv[i],"rb+") ) ) {
- sprintf(error_msg,"Error opening MP3: %s",argv[i]);
+ snprintf(error_msg,sizeof(error_msg),"Error opening MP3: %s",argv[i]);
perror(error_msg);
retcode |= 1;
} else {
