Package: gnustep-dl2
Version: 0.12.0-7
Severity: normal
Tags: upstream patch
User: debian...@lists.debian.org
Usertags: hardening-format-security
gnustep-dl2 fails to build with -Werror=format-security compiler option.
Build log in Ubuntu:
https://launchpad.net/ubuntu/+source/gnustep-dl2/0.12.0-7/+build/2851245/+files/buildlog_ubuntu-precise-i386.gnustep-dl2_0.12.0-7_FAILEDTOBUILD.txt.gz
See also:
http://wiki.debian.org/Hardening
http://lists.debian.org/debian-devel-announce/2011/09/msg00001.html
Patch from Ubuntu attached.
https://launchpad.net/ubuntu/+source/gnustep-dl2/0.12.0-7ubuntu1
-- System Information:
Debian Release: wheezy/sid
APT prefers oneiric-updates
APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500,
'oneiric-proposed'), (500, 'oneiric'), (100, 'oneiric-backports')
Architecture: i386 (i686)
Kernel: Linux 3.0.0-13-generic (SMP w/2 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Description: Fix FTBFS with -Werror=format-security.
Author: Ilya Barygin <randomact...@ubuntu.com>
--- gnustep-dl2-0.12.0.orig/EOControl/EODebug.m
+++ gnustep-dl2-0.12.0/EOControl/EODebug.m
@@ -71,7 +71,7 @@ EOFLogC_(const char *file, int line, con
}
fprintf(stderr, "File %s: %d. ", file, line);
- fprintf(stderr, string);
+ fprintf(stderr, "%s", string);
len = strlen(string);
