Fix format string vulnerability.

Obtained from:	Paul Herman <pherman@frenchfries.net> on BUGTRAQ

2 files changed, 17 insertions, 1 deletions

diff --git a/security/tripwire/Makefile b/security/tripwire/Makefile
index eb19a96ecc56..431e3dd808e8 100644
--- a/security/tripwire/Makefile
+++ b/security/tripwire/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	tripwire
 PORTVERSION=	2.3.1.2
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	security
 MASTER_SITES=	http://download.sourceforge.net/tripwire/
 DISTNAME=	${PORTNAME}-${PORTVERSION:C/\.[0-9]*$/-&/:C/-\./-/}
diff --git a/security/tripwire/files/patch-src::tripwire::pipedmailmessage.cpp b/security/tripwire/files/patch-src::tripwire::pipedmailmessage.cpp
new file mode 100644
index 000000000000..f88afd69aea0
--- /dev/null
+++ b/security/tripwire/files/patch-src::tripwire::pipedmailmessage.cpp
@@ -0,0 +1,16 @@
+Index: src/tripwire/pipedmailmessage.cpp
+===================================================================
+retrieving revision 1.1
+retrieving revision 1.2
+diff -u -r1.1 -r1.2
+--- src/tripwire/pipedmailmessage.cpp   21 Jan 2001 00:46:48 -0000      1.1
++++ src/tripwire/pipedmailmessage.cpp   26 May 2004 20:59:15 -0000      1.2
+@@ -180,7 +180,7 @@
+
+ void cPipedMailMessage::SendString( const TSTRING& s )
+ {
+-    if( _ftprintf( mpFile, s.c_str() ) < 0 )
++    if( _ftprintf( mpFile, "%s", s.c_str() ) < 0 )
+     {
+         TOSTRINGSTREAM estr;
+         estr << TSS_GetString( cTripwire, tripwire::STR_ERR2_MAIL_MESSAGE_COMMAND )