reinit the tree, so we can have metadata

author: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2017-10-09 18:53:29 +0100
commit: 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree: ba5f07bf3f9d22d82e54a462313f5d244036c768 /media-sound/orpheus/files/101_fix-buffer-overflow.diff
1 files changed, 15 insertions, 0 deletions
diff --git a/media-sound/orpheus/files/101_fix-buffer-overflow.diff b/media-sound/orpheus/files/101_fix-buffer-overflow.diff
new file mode 100644
index 000000000000..4d6c8e4e18a4
--- /dev/null
+++ b/media-sound/orpheus/files/101_fix-buffer-overflow.diff
@@ -0,0 +1,15 @@
+Fix a stack-based buffer overflow in kkstrtext.h in ktools library.
+(CVE-2005-3863) (Closes: #368402)
+Index: orpheus-1.5/kkstrtext-0.1/kkstrtext.h
+===================================================================
+--- orpheus-1.5.orig/kkstrtext-0.1/kkstrtext.h	2003-12-14 11:51:38.000000000 +0100
++++ orpheus-1.5/kkstrtext-0.1/kkstrtext.h	2006-08-01 21:57:14.000000000 +0200
+@@ -87,7 +87,7 @@
+     { \
+ 	va_list vgs__ap; char vgs__buf[1024]; \
+ 	va_start(vgs__ap, fmt); \
+-	vsprintf(vgs__buf, fmt, vgs__ap); c = vgs__buf; \
++	vsnprintf(vgs__buf, 1024, fmt, vgs__ap); c = vgs__buf; \
+ 	va_end(vgs__ap); \
+     }
+
author	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2017-10-09 18:53:29 +0100
commit	4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
tree	ba5f07bf3f9d22d82e54a462313f5d244036c768 /media-sound/orpheus/files/101_fix-buffer-overflow.diff