[Erp5-report] r29206 - /experimental/erp5.buildout-zope-2.12/trunk/
nobody at svn.erp5.org
nobody at svn.erp5.org
Mon Sep 28 14:12:30 CEST 2009
Author: leonardo
Date: Mon Sep 28 14:12:28 2009
New Revision: 29206
URL: http://svn.erp5.org?rev=29206&view=rev
Log:
itools needs this patch to compile on Mandriva, with reason since it is a potential security vulnerability
Added:
experimental/erp5.buildout-zope-2.12/trunk/itools-PyErr_Format_security_vulnerability.patch
Added: experimental/erp5.buildout-zope-2.12/trunk/itools-PyErr_Format_security_vulnerability.patch
URL: http://svn.erp5.org/experimental/erp5.buildout-zope-2.12/trunk/itools-PyErr_Format_security_vulnerability.patch?rev=29206&view=auto
==============================================================================
--- experimental/erp5.buildout-zope-2.12/trunk/itools-PyErr_Format_security_vulnerability.patch (added)
+++ experimental/erp5.buildout-zope-2.12/trunk/itools-PyErr_Format_security_vulnerability.patch [utf8] Mon Sep 28 14:12:28 2009
@@ -1,0 +1,11 @@
+--- ../itools-0.60.4.orig/xml/pyparser.c 2009-09-08 14:52:29.000000000 +0200
++++ xml/pyparser.c 2009-09-25 19:46:57.000000000 +0200
+@@ -97,7 +97,7 @@
+ doctype = doctype_new (PubidLiteral, SystemLiteral, intSubset, &error_msg);
+ if (!doctype)
+ {
+- PyErr_Format (XMLError, error_msg);
++ PyErr_Format (XMLError, "%.400s", error_msg);
+ return -1;
+ }
+ self->doctype = doctype;
More information about the Erp5-report
mailing list