Fix format string vulnerability.

Security:	http://open-security.org/advisories/16
Security:	http://secunia.com/advisories/19671/
Obtained from:	xine CVS
Notified by:	simon

2 files changed, 30 insertions, 1 deletions

diff --git a/multimedia/xine/Makefile b/multimedia/xine/Makefile
index 79132505d834..971f24ec9f29 100644
--- a/multimedia/xine/Makefile
+++ b/multimedia/xine/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	xine
 PORTVERSION=	0.99.4
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	multimedia
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
diff --git a/multimedia/xine/files/patch-src_xitk_main.c b/multimedia/xine/files/patch-src_xitk_main.c
new file mode 100644
index 000000000000..6a4670e311ac
--- /dev/null
+++ b/multimedia/xine/files/patch-src_xitk_main.c
@@ -0,0 +1,29 @@
+--- src/xitk/main.c.orig	Sun Jul 24 11:40:37 2005
++++ src/xitk/main.c	Thu Apr 20 01:03:46 2006
+@@ -456,7 +456,7 @@
+   int          len;
+   char        *blanks = "     ";
+ 
+-  printf(title);
++  printf("%s", title);
+   
+   sprintf(buffer, "%s", blanks);
+   plugin = *plugins++;
+@@ -469,7 +469,7 @@
+       sprintf(buffer, "%s%s%s", buffer, (strlen(buffer) == strlen(blanks)) ? "" : ", ", plugin);
+     }
+     else {
+-      printf(buffer);
++      printf("%s", buffer);
+       printf(",\n");
+       snprintf(buffer, sizeof(buffer), "%s%s", blanks, plugin);
+     }
+@@ -478,7 +478,7 @@
+   }
+   
+   if(strlen(buffer))
+-    printf(buffer);
++    printf("%s", buffer);
+   
+   printf(".\n\n");
+ }