From: [email protected]

--gQt10JDuGyDb0HQ5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

At least the attached patch which contains all the changes from
DSA-513-1 hasn't been applied to the package yet.

Cheers,
Flo

--gQt10JDuGyDb0HQ5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="DSA-513-1.diff" Content-Transfer-Encoding: quoted-printable

diff -Nru /tmp/fRdk2a57VV/log2mail-0.2.5.1/debian/changelog /tmp/4L3b3sOkec/log2mail-0.2.5.2/debian/changelog
--- /tmp/fRdk2a57VV/log2mail-0.2.5.1/debian/changelog 2002-10-27 10:26:47.000000000 +0100
+++ /tmp/4L3b3sOkec/log2mail-0.2.5.2/debian/changelog 2004-05-29 22:02:28.000000000 +0200
@@ -1,3 +1,10 @@
+log2mail (0.2.5.2) stable-security; urgency=high
+
+ * Non-maintainer upload by the Security Team
+ * Fix format string bug in printlog() (CAN-2004-0450)
+
+ -- Matt Zimmerman <[email protected]> Sat, 29 May 2004 13:02:02 -0700
+
log2mail (0.2.5.1) stable-security; urgency=high

* Non-maintainer upload by the Security Team
diff -Nru /tmp/fRdk2a57VV/log2mail-0.2.5.1/main.cc /tmp/4L3b3sOkec/log2mail-0.2.5.2/main.cc
--- /tmp/fRdk2a57VV/log2mail-0.2.5.1/main.cc 2001-07-16 13:14:55.000000000 +0200
+++ /tmp/4L3b3sOkec/log2mail-0.2.5.2/main.cc 2004-05-29 22:01:20.000000000 +0200
@@ -60,7 +60,7 @@
return -1;
}
}
- syslog(priority, p);
+ syslog(priority, "%s", p);
free(p);
} else {
va_start (ap, format