Merge branch 'master' into core-updates

Conflicts: gnu/local.mk gnu/packages/python-xyz.scm gnu/packages/xml.scm guix/gexp.scm po/guix/POTFILES.in
author: Marius Bakke <mbakke@fastmail.com> 2019-07-12 01:03:53 +0200
committer: Marius Bakke <mbakke@fastmail.com> 2019-07-12 01:03:53 +0200
commit: fb9a23a3f3ad3d7b5b7f03b2007baf27684d6bbd (patch)
tree: afbd3f4f33771c61254b0c3d977092542fbe8009 /gnu/packages/patches/a2ps-CVE-2015-8107.patch
parent: 1c4b72cb34640638e40c5190676e5c8c352d292d (diff)
parent: 5a836ce38c9c29e9c2bd306007347486b90c5064 (diff)
download: guix-fb9a23a3f3ad3d7b5b7f03b2007baf27684d6bbd.tar
guix-fb9a23a3f3ad3d7b5b7f03b2007baf27684d6bbd.tar.gz
1 files changed, 80 insertions, 0 deletions
diff --git a/gnu/packages/patches/a2ps-CVE-2015-8107.patch b/gnu/packages/patches/a2ps-CVE-2015-8107.patch
new file mode 100644
index 0000000000..5ea35d45da
--- /dev/null
+++ b/gnu/packages/patches/a2ps-CVE-2015-8107.patch
@@ -0,0 +1,80 @@
+https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff
+
+Index: b/lib/psgen.c
+===================================================================
+--- a/lib/psgen.c
++++ b/lib/psgen.c
+@@ -232,7 +232,7 @@
+     default:
+       *buf = '\0';
+       ps_escape_char (job, cp[i], buf);
+-      output (jdiv, (char *) buf);
++      output (jdiv, "%s", (char *) buf);
+       break;
+     }
+   }
+Index: b/lib/output.c
+===================================================================
+--- a/lib/output.c
++++ b/lib/output.c
+@@ -525,7 +525,7 @@
+ 		     expand_user_string (job, FIRST_FILE (job),
+ 					 (const uchar *) "Expand: requirement",
+ 					 (const uchar *) token));
+-	output (dest, expansion);
++	output (dest, "%s", expansion);
+ 	continue;
+       }
+ 
+Index: b/lib/parseppd.y
+===================================================================
+--- a/lib/parseppd.y
++++ b/lib/parseppd.y
+@@ -154,7 +154,7 @@
+ void
+ yyerror (const char *msg)
+ {
+-  error_at_line (1, 0, ppdfilename, ppdlineno, msg);
++  error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
+ }
+ 
+ /*
+Index: b/src/parsessh.y
+===================================================================
+--- a/src/parsessh.y
++++ b/src/parsessh.y
+@@ -740,7 +740,7 @@
+ void
+ yyerror (const char *msg)
+ {
+-  error_at_line (1, 0, sshfilename, sshlineno, msg);
++  error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
+ }
+ 
+ /*
+Index: b/lib/parseppd.c
+===================================================================
+--- a/lib/parseppd.c
++++ b/lib/parseppd.c
+@@ -1707,7 +1707,7 @@
+ void
+ yyerror (const char *msg)
+ {
+-  error_at_line (1, 0, ppdfilename, ppdlineno, msg);
++  error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
+ }
+ 
+ /*
+Index: b/src/parsessh.c
+===================================================================
+--- a/src/parsessh.c
++++ b/src/parsessh.c
+@@ -2639,7 +2639,7 @@
+ void
+ yyerror (const char *msg)
+ {
+-  error_at_line (1, 0, sshfilename, sshlineno, msg);
++  error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
+ }
+ 
+ /*
author	Marius Bakke <mbakke@fastmail.com>	2019-07-12 01:03:53 +0200
committer	Marius Bakke <mbakke@fastmail.com>	2019-07-12 01:03:53 +0200
commit	fb9a23a3f3ad3d7b5b7f03b2007baf27684d6bbd (patch)
tree	afbd3f4f33771c61254b0c3d977092542fbe8009 /gnu/packages/patches/a2ps-CVE-2015-8107.patch
parent	1c4b72cb34640638e40c5190676e5c8c352d292d (diff)
parent	5a836ce38c9c29e9c2bd306007347486b90c5064 (diff)
download	guix-fb9a23a3f3ad3d7b5b7f03b2007baf27684d6bbd.tar guix-fb9a23a3f3ad3d7b5b7f03b2007baf27684d6bbd.tar.gz