From c4f8eb1d96f78c9222ff704c65149374a01ad464 Mon Sep 17 00:00:00 2001
From: Adrian Reber <adrian@lisas.de>
Date: Dec 02 2014 13:03:59 +0000
Subject: Merge branch 'master' into el6


---

diff --git a/antiword-0.32-fix-flags.patch b/antiword-0.32-fix-flags.patch
index a2ae3d8..7e03392 100644
--- a/antiword-0.32-fix-flags.patch
+++ b/antiword-0.32-fix-flags.patch
@@ -1,5 +1,5 @@
 --- ./Makefile.gege	Sat Jul 21 21:58:03 2001
-+++ ./Makefile	Mon Oct 15 16:56:48 2001
++++ ./Makefile.Linux	Mon Oct 15 16:56:48 2001
 @@ -8,7 +8,7 @@
  # must be equal to DEBUG or NDEBUG
  DB	= NDEBUG
diff --git a/antiword-bGetPPS-Prevent-buffer-overflow-of-atPPSlist-_szName.diff b/antiword-bGetPPS-Prevent-buffer-overflow-of-atPPSlist-_szName.diff
new file mode 100644
index 0000000..48a752b
--- /dev/null
+++ b/antiword-bGetPPS-Prevent-buffer-overflow-of-atPPSlist-_szName.diff
@@ -0,0 +1,28 @@
+From a17e48746d7203f91a2c3bb1cdcbe9023c8d37a0 Mon Sep 17 00:00:00 2001
+From: Fabian Keil <fk () fabiankeil de>
+Date: Tue, 25 Nov 2014 18:58:52 +0100
+Subject: [PATCH] bGetPPS(): Prevent overflow of atPPSlist[].szName[]
+
+---
+ wordole.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/wordole.c b/wordole.c
+index 8a95fb9..7797d1f 100644
+--- a/wordole.c
++++ b/wordole.c
+@@ -259,6 +259,11 @@ bGetPPS(FILE *pFile,
+ 		}
+ 		tNameSize = (size_t)usGetWord(0x40, aucBytes);
+ 		tNameSize = (tNameSize + 1) / 2;
++		if (tNameSize >= sizeof(atPPSlist[0].szName)) {
++			werr(0, "PPS %d appears to be invalid.", iIndex);
++			atPPSlist = xfree(atPPSlist);
++			return FALSE;
++		}
+ 		vName2String(atPPSlist[iIndex].szName, aucBytes, tNameSize);
+ 		atPPSlist[iIndex].ucType = ucGetByte(0x42, aucBytes);
+ 		if (atPPSlist[iIndex].ucType == 5) {
+-- 
+2.1.2
+
diff --git a/antiword.spec b/antiword.spec
index 5d93702..3efd4c5 100644
--- a/antiword.spec
+++ b/antiword.spec
@@ -1,11 +1,12 @@
 Summary:    MS Word to ASCII/Postscript converter
 Name:       antiword
 Version:    0.37
-Release:    9%{?dist}
+Release:    17%{?dist}
 Source0:    http://www.winfield.demon.nl/linux/%{name}-%{version}.tar.gz
 Source1:    antiword.sh
 URL:        http://www.winfield.demon.nl/
 Patch0:     antiword-0.32-fix-flags.patch
+Patch1:     http://seclists.org/oss-sec/2014/q4/att-870/antiword-bGetPPS-Prevent-buffer-overflow-of-atPPSlist-_szName.diff
 License:    GPLv2+
 Group:      Applications/Text
 BuildRoot:  %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -13,12 +14,13 @@ BuildRequires: /usr/bin/iconv
 
 %description
 Antiword is a free MS-Word reader for Linux, BeOS and RISC OS. It converts
-the documets from Word 6, 7, 97 and 2000 to ASCII and Postscript. Antiword
+the documents from Word 6, 7, 97 and 2000 to ASCII and Postscript. Antiword
 tries to keep the layout of the document intact.
 
 %prep
 %setup -q
 %patch0 -p0
+%patch1 -p1
 %{__chmod} a+r * Resources/* Docs/*
 
 %build
@@ -52,6 +54,31 @@ iconv -f iso-8859-1 -t utf-8 Docs/Netscape > Docs/Netscape.utf8
 %{_datadir}/%{name}
 
 %changelog
+* Tue Dec 02 2014 Adrian Reber <adrian@lisas.de> - 0.37-17
+- added patch for "CVE-2014-8123 antiword: buffer overflow of atPPSlist[].szName[]" (#1169665)
+- fixed dates in changelog
+
+* Fri Aug 15 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.37-16
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.37-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.37-14
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.37-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.37-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.37-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.37-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
 * Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.37-9
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
 
@@ -62,7 +89,7 @@ iconv -f iso-8859-1 -t utf-8 Docs/Netscape > Docs/Netscape.utf8
 - added wrapper script from Michal Jaegermann to better
   handle UTF input files (#191060)
 
-* Thu Feb 12 2008 Adrian Reber <adrian@lisas.de> - 0.37-6
+* Tue Feb 12 2008 Adrian Reber <adrian@lisas.de> - 0.37-6
 - rebuilt for gcc43
 
 * Wed Dec 12 2007 Adrian Reber <adrian@lisas.de> - 0.37-5
@@ -85,7 +112,7 @@ iconv -f iso-8859-1 -t utf-8 Docs/Netscape > Docs/Netscape.utf8
 * Tue May 10 2005 Adrian Reber <adrian@lisas.de> - 0.36.1-2
 - updated to 0.36.1
 
-* Fri Apr  7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
+* Thu Apr  7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
 - rebuilt
 
 * Thu Feb 03 2005 Adrian Reber <adrian@lisas.de> - 0:0.36-1