fix some format string problems, should fix CVE-2008-0072 (There is no exact information available, so I've patched all uses of non-constant strings as format specifiers.) bump PKGREVISION

(drochner)

 @@ -1,17 +1,17 @@
-# $NetBSD: Makefile,v 1.127 2008/01/18 05:08:23 tnn Exp $
+# $NetBSD: Makefile,v 1.128 2008/03/05 19:08:05 drochner Exp $
 DISTNAME=		evolution-2.12.3
-PKGREVISION=		1
+PKGREVISION=		2
 CATEGORIES=		mail time gnome
 MASTER_SITES=		${MASTER_SITE_GNOME:=sources/evolution/2.12/}
 EXTRACT_SUFX=		.tar.bz2
 MAINTAINER=		rh@NetBSD.org
 HOMEPAGE=		http://www.gnome.org/projects/evolution/
 COMMENT=		GNOME mailer, calendar, contact manager, and communications tool
 PKG_OPTIONS_VAR=	PKG_OPTIONS.evolution
 PKG_SUGGESTED_OPTIONS=	inet6 ssl
 PKG_SUPPORTED_OPTIONS=	inet6 krb4 krb5 ssl
 .include "../../mk/bsd.options.mk"

 @@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.52 2008/01/11 13:46:38 drochner Exp $
+$NetBSD: distinfo,v 1.53 2008/03/05 19:08:05 drochner Exp $
 SHA1 (evolution-2.12.3.tar.bz2) = 14861dd497e935074424269f2d1e6c11be56abfe
 RMD160 (evolution-2.12.3.tar.bz2) = afe803833e213387fde3c180afc91bfc1e792262
 Size (evolution-2.12.3.tar.bz2) = 25938535 bytes
 SHA1 (patch-aa) = 6b7a9364a71ee8b9c8bd9084ceded06c7e384a7f
 SHA1 (patch-ab) = 871a322eefd1a42e7197da764d49cd1d24f6535d
 SHA1 (patch-ac) = 6ec88b37a0817fbe409c04e25b9b9cda5872ca9e

$NetBSD: patch-ac,v 1.15 2008/03/05 19:08:05 drochner Exp $ --- mail/em-format.c.orig 2007-10-12 08:56:01.000000000 +0200 +++ mail/em-format.c @@ -1350,7 +1350,7 @@ emf_multipart_encrypted(EMFormat *emf, C if (valid == NULL) { em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP/MIME message"):_("Could not parse PGP/MIME message: Unknown error")); if (ex->desc) - em_format_format_error(emf, stream, ex->desc); + em_format_format_error(emf, stream, "%s", ex->desc); em_format_part_as(emf, stream, part, "multipart/mixed"); } else { if (emfc == NULL) @@ -1515,7 +1515,7 @@ emf_multipart_signed(EMFormat *emf, Came if (valid == NULL) { em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature")); if (ex->desc) - em_format_format_error(emf, stream, ex->desc); + em_format_format_error(emf, stream, "%s", ex->desc); em_format_part_as(emf, stream, part, "multipart/mixed"); } else { if (emfc == NULL) @@ -1586,7 +1586,7 @@ emf_inlinepgp_signed(EMFormat *emf, Came if (!valid) { em_format_format_error(emf, stream, ex->desc?_("Error verifying signature"):_("Unknown error verifying signature")); if (ex->desc) - em_format_format_error(emf, stream, ex->desc); + em_format_format_error(emf, stream, "%s", ex->desc); em_format_format_source(emf, stream, ipart); /* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */ camel_exception_free(ex); @@ -1657,7 +1657,7 @@ emf_inlinepgp_encrypted(EMFormat *emf, C if (!valid) { em_format_format_error(emf, stream, ex->desc?_("Could not parse PGP message"):_("Could not parse PGP message: Unknown error")); if (ex->desc) - em_format_format_error(emf, stream, ex->desc); + em_format_format_error(emf, stream, "%s", ex->desc); em_format_format_source(emf, stream, ipart); /* I think this will loop: em_format_part_as(emf, stream, part, "text/plain"); */ camel_exception_free(ex);