[oe-commits] Holger Hans Peter Freyther : ez-ipzpdate.bb: Address flaw in syslog handling

[git version control]

Module: openembedded.git
Branch: org.openembedded.dev
Commit: 75d85f77f336fb67b752f227f24351131b329924
URL:    http://gitweb.openembedded.net/?p=openembedded.git&a=commit;h=75d85f77f336fb67b752f227f24351131b329924

Author: Holger Hans Peter Freyther <zecke at selfish.org>
Date:   Thu Mar 18 19:29:19 2010 +0800

ez-ipzpdate.bb: Address flaw in syslog handling

Address CVE-2004-0980.

---

 recipes/ez-ipupdate/ez-ipupdate_3.0.10.bb     |    3 ++-
 recipes/ez-ipupdate/files/CVE-2004-0980.patch |   13 +++++++++++++
 2 files changed, 15 insertions(+), 1 deletions(-)

diff --git a/recipes/ez-ipupdate/ez-ipupdate_3.0.10.bb b/recipes/ez-ipupdate/ez-ipupdate_3.0.10.bb
index f3434e1..661ff96 100644
--- a/recipes/ez-ipupdate/ez-ipupdate_3.0.10.bb
+++ b/recipes/ez-ipupdate/ez-ipupdate_3.0.10.bb
@@ -4,12 +4,13 @@ HOMEPAGE = "http://www.ez-ipupdate.com/"
 SECTION = "console/network"
 PRIORITY = "optional"
 LICENSE = "GPL"
-PR = "r1"
+PR = "r2"
 
 SRC_URI = "http://www.ez-ipupdate.com/dist/ez-ipupdate-${PV}.tar.gz \
 	   file://configure.patch;patch=1 \
 	   file://conffile.patch;patch=1 \
 	   file://zoneedit.patch;patch=1 \
+	   file://CVE-2004-0980.patch;patch=1;pnum=0 \
 	   file://init \
 	   file://ipupdate.conf \
 	  "
diff --git a/recipes/ez-ipupdate/files/CVE-2004-0980.patch b/recipes/ez-ipupdate/files/CVE-2004-0980.patch
new file mode 100644
index 0000000..27b7ee9
--- /dev/null
+++ b/recipes/ez-ipupdate/files/CVE-2004-0980.patch
@@ -0,0 +1,13 @@
+$FreeBSD: ports/dns/ez-ipupdate/files/patch-ez-ipupdate.c,v 1.1 2004/11/11 15:46:04 naddy Exp $
+
+--- ez-ipupdate.c.orig
++++ ez-ipupdate.c
+@@ -798,7 +798,7 @@
+     sprintf(buf, "message incomplete because your OS sucks: %s\n", fmt);
+ #endif
+ 
+-    syslog(LOG_NOTICE, buf);
++    syslog(LOG_NOTICE, "%s", buf);
+   }
+   else
+   {