.

OBS-URL: https://build.opensuse.org/package/show/Publishing/a2ps?expand=0&rev=61

a2ps-4.14-bnc955194.patch

@@ -0,0 +1,28 @@
+From seclists.org/oss-sec/2015/q4/284
+CVE-2015-8107 - a2ps(gnu) v4.14 format string vulnerability
+
+Be aware that if compiled with -D_FORTIFY_SOURCE=2 the a2ps
+does abort with
+
+  a2ps --prologue=exploit /etc/hosts -o /dev/null
+  *** %n in writable segment detected ***
+  Abort
+
+Also the explpoit has to be installed as a pro file in the
+appropiate system paths or $HOME/.a2ps of the attacked user.
+
+---
+ lib/output.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- lib/output.c
++++ lib/output.c	2015-11-16 15:01:23.414079544 +0000
+@@ -525,7 +525,7 @@ output_file (struct output * out, a2ps_j
+ 		     expand_user_string (job, FIRST_FILE (job),
+ 					 (const uchar *) "Expand: requirement",
+ 					 (const uchar *) token));
+-	output (dest, expansion);
++	output (dest, "%s", expansion);
+ 	continue;
+       }
+ 

a2ps.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Nov 16 15:05:43 UTC 2015 - werner@suse.de
+
+- Add patch a2ps-4.14-bnc955194.patch to fix format string
+  vulnerability (bnc#955194)
+
 -------------------------------------------------------------------
 Sun May 24 10:13:38 UTC 2015 - mpluskal@suse.com
 

a2ps.spec

@@ -44,6 +44,8 @@ Patch13:        a2ps-4.14-linker.patch
 # PATCH-FIX-USTREAM Bug 871097 - CVE-2014-0466: a2ps: fixps does not use -dSAFER
 Patch14:        CVE-2014-0466.diff
 Patch15:        a2ps-4.14-gperf.patch
+# PATCH-FIX-SUSE Bug 955194 - CVE-2015-8107: CVE-2015-8107 - a2ps(gnu) v4.14 format string vulnerability
+Patch16:        a2ps-4.14-bnc955194.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  emacs-nox
@@ -120,6 +122,7 @@ touch -r configure.in .ref
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
+%patch16 -p0
 %patch0    -b .p0
 cp -f %{SOURCE3} po/ko.po
 find -type f | grep -vE '(parseppd|parsessh).y' | xargs \