Your message dated Thu, 24 Jul 2008 21:02:21 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#490150: fixed in gtk2-engines-cleanice 2.4.1-0.1
has caused the Debian Bug report #490150,
regarding gtk2-engines-cleanice: [PATCH] segfault in draw_flat_box():
dereferencing NULL pointer
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
490150: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=490150
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: gtk2-engines-cleanice
Version: 2.4.0-1.1
Severity: critical
Justification: breaks unrelated software
Version 2.4.0 does not check for possible NULL pointers supplied to strncmp()
in draw_flat_box() in cleanice-draw.c, line 1013. This breaks unrelated
software (noticed with Geeqie, bug #457098 could be also related).
Please either apply the attached patch or update the package to 2.4.1
released upstream. However, in my opinion, the upstream's fix for this
bug is not fully correct (it fixes the segfault but changes the operation
of the code in a way incompatible with the docs on GtkTreeView).
Meanwhile I am trying to contact the upstream by e-mail. As one can
see can see from his changelog there were no significant changes in
2.4.1 except this fix.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (900, 'testing'), (90, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages gtk2-engines-cleanice depends on:
ii libatk1.0-0 1.22.0-1 The ATK accessibility toolkit
ii libc6 2.7-10 GNU C Library: Shared libraries
ii libcairo2 1.6.4-6 The Cairo 2D vector graphics libra
ii libglib2.0-0 2.16.3-2 The GLib library of C routines
ii libgtk2.0-0 [gtk2.0-binver-2. 2.12.10-2 The GTK+ graphical user interface
ii libpango1.0-0 1.20.3-2 Layout and rendering of internatio
gtk2-engines-cleanice recommends no packages.
-- no debconf information
diff -urN gtk2-engines-cleanice-2.4.0-orig/src/cleanice-draw.c gtk2-engines-cleanice-2.4.0/src/cleanice-draw.c
--- gtk2-engines-cleanice-2.4.0-orig/src/cleanice-draw.c 2005-01-30 06:55:08.000000000 +0300
+++ gtk2-engines-cleanice-2.4.0/src/cleanice-draw.c 2008-07-10 12:29:50.000000000 +0400
@@ -25,6 +25,7 @@
#include "cleanice.h"
#define DETAIL(xx) ((detail) && (!strcmp(xx, detail)))
+#define DETAILN(xx) ((detail) && (!strncmp(xx, detail, strlen(xx))))
static void cleanice_style_init (CleanIceStyle * style);
static void cleanice_style_class_init (CleanIceStyleClass * klass);
@@ -1010,8 +1011,7 @@
if (area) {
gdk_gc_set_clip_rectangle (style->bg_gc[GTK_STATE_NORMAL], NULL);
}
- } else if (!strncmp ("cell_even", detail, strlen ("cell_even")) ||
- !strncmp ("cell_odd", detail, strlen ("cell_odd"))) {
+ } else if (DETAILN ("cell_even") || DETAILN ("cell_odd")) {
if (state_type == GTK_STATE_SELECTED) {
if (GTK_WIDGET_HAS_FOCUS (widget)) {
gdk_draw_rectangle (window, style->bg_gc[state_type], TRUE,
--- End Message ---
--- Begin Message ---
Source: gtk2-engines-cleanice
Source-Version: 2.4.1-0.1
We believe that the bug you reported is fixed in the latest version of
gtk2-engines-cleanice, which is due to be installed in the Debian FTP archive:
gtk2-engines-cleanice_2.4.1-0.1.diff.gz
to pool/main/g/gtk2-engines-cleanice/gtk2-engines-cleanice_2.4.1-0.1.diff.gz
gtk2-engines-cleanice_2.4.1-0.1.dsc
to pool/main/g/gtk2-engines-cleanice/gtk2-engines-cleanice_2.4.1-0.1.dsc
gtk2-engines-cleanice_2.4.1-0.1_i386.deb
to pool/main/g/gtk2-engines-cleanice/gtk2-engines-cleanice_2.4.1-0.1_i386.deb
gtk2-engines-cleanice_2.4.1.orig.tar.gz
to pool/main/g/gtk2-engines-cleanice/gtk2-engines-cleanice_2.4.1.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Anthony Fok <[EMAIL PROTECTED]> (supplier of updated gtk2-engines-cleanice
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 25 Jul 2008 02:36:07 +0800
Source: gtk2-engines-cleanice
Binary: gtk2-engines-cleanice
Architecture: source i386
Version: 2.4.1-0.1
Distribution: unstable
Urgency: low
Maintainer: Jorge Octavio Ocharan Hernandez <[EMAIL PROTECTED]>
Changed-By: Anthony Fok <[EMAIL PROTECTED]>
Description:
gtk2-engines-cleanice - CleanIce themes for GTK+ 2.x
Closes: 450386 490150
Changes:
gtk2-engines-cleanice (2.4.1-0.1) unstable; urgency=low
.
* Non-maintainer upload.
* New upstream release.
- Update Copyright year for 2007
- Modernized autotools as of 2007-08-08
- src/cleanice-draw.c (draw_flat_box):
Use DETAIL () macro instead of strncmp to fix a possible crash
* src/cleanice-draw.c:
- Stanislav Maslovski offered an improved patch for the above
draw_flat_box() segfault problem (Closes: #490150).
* debian/watch:
- Fixed uscan entry; upgraded to version 3 (Closes: #450386).
* debian/control:
- Bumped Standards-Version to 3.8.0 (No change necessary).
- Fixed Lintian warning: "build-depends-on-1-revision build-depends:
libgtk2.0-dev (>= 2.10.1-1)".
* debian/copyright:
- Added more authors from AUTHORS file.
- Fixed Lintian warnings: "debian-copyright-line-too-long" and
"copyright-without-copyright-notice".
* debian/rules:
- Added missing dh_clean run in the "clean" target. The file
debian/gtk2-engines-cleanice.substvars was left lying around.
Checksums-Sha1:
b015ca62ec4419c7308e0ff1c70ea8d44c45fd2f 1202
gtk2-engines-cleanice_2.4.1-0.1.dsc
10e0cd3d32408ae6f37b299091dad6eb1a7c266b 329188
gtk2-engines-cleanice_2.4.1.orig.tar.gz
e6f82e4e2079e415d94ba4f54178558ed6d69a05 9123
gtk2-engines-cleanice_2.4.1-0.1.diff.gz
163187867be1a595358132fb4d6771604be9084f 28332
gtk2-engines-cleanice_2.4.1-0.1_i386.deb
Checksums-Sha256:
285753847282e13d039a3283faae54b42d27977626c5f48f325a6e56d1381c7d 1202
gtk2-engines-cleanice_2.4.1-0.1.dsc
f927f7b06b979ced52cc11e3febecffc3f1aaca07a78c9d0aada31f25c48fb0d 329188
gtk2-engines-cleanice_2.4.1.orig.tar.gz
d47d109235b0469c331f6f87e52d4f1229100d16c4ff6ea15bf3496c141196fd 9123
gtk2-engines-cleanice_2.4.1-0.1.diff.gz
b3a74ab4c9648d419ace615aeff141add61055129b15f766ffc06029d62a5a84 28332
gtk2-engines-cleanice_2.4.1-0.1_i386.deb
Files:
b5193779dcad04409be60802f67b9e39 1202 graphics optional
gtk2-engines-cleanice_2.4.1-0.1.dsc
bc9d3eb31671f6918666d0a58f64d1ae 329188 graphics optional
gtk2-engines-cleanice_2.4.1.orig.tar.gz
a87b0ff5655a89fc45d28d1d1c87ef63 9123 graphics optional
gtk2-engines-cleanice_2.4.1-0.1.diff.gz
b0cd9b08b64e098354bbc14d18c8846e 28332 graphics optional
gtk2-engines-cleanice_2.4.1-0.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkiIzDQACgkQLa8qZm1n95CYgwCdEa85sHJhgv3k3bfG/tC6wNAF
vNEAoJCpFpZ8TbmtX1nsdRVugnRW/q1W
=Bjhk
-----END PGP SIGNATURE-----
--- End Message ---
