cuneiform team mailing list archive

[MaxiPunkt <maxantispam@xxxxxxxxxx>]

*** This bug is a security vulnerability ***

Private security bug reported:

As already mentioned in an old bug (#362224, comment #16), cuneiform has
issues with the CFLAG mentioned above which is used by default with
Mandriva's %cmake-macro.

Setting this CFLAG leads in several build-errors ("format not a string
literal and no format arguments") and the build breaks.

If I disable this CFLAG the source does compile fine.
But this could also be a security issue then, because this CFLAG is used by default to prevent possible format strings-attacks.

** Affects: cuneiform-linux
     Importance: Undecided
         Status: New

-- 
Build-error with CFLAG "-Werror=format-security"
https://bugs.launchpad.net/bugs/520867
You received this bug notification because you are a member of Cuneiform
Linux, which is a direct subscriber.

Status in Linux port of Cuneiform: New

Bug description:
As already mentioned in an old bug (#362224, comment #16), cuneiform has issues with the CFLAG mentioned above which is used by default with Mandriva's %cmake-macro.

Setting this CFLAG leads in several build-errors ("format not a string literal and no format arguments") and the build breaks.

If I disable this CFLAG the source does compile fine.
But this could also be a security issue then, because this CFLAG is used by default to prevent possible format strings-attacks.