Version in base suite: 1.06.002-1

Base version: gnubg_1.06.002-1
Target version: gnubg_1.06.002-1+deb10u1
Base file: /srv/ftp-master.debian.org/ftp/pool/main/g/gnubg/gnubg_1.06.002-1.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/g/gnubg/gnubg_1.06.002-1+deb10u1.dsc

 changelog                                                   |    9 ++
 patches/0002-Expand-size-of-buffers-for-eval-messages.patch |   48 ++++++++++++
 patches/series                                              |    1 
 3 files changed, 58 insertions(+)

diff -Nru gnubg-1.06.002/debian/changelog gnubg-1.06.002/debian/changelog
--- gnubg-1.06.002/debian/changelog	2018-08-26 22:02:10.000000000 +0000
+++ gnubg-1.06.002/debian/changelog	2020-01-13 10:27:20.000000000 +0000
@@ -1,3 +1,12 @@
+gnubg (1.06.002-1+deb10u1) buster; urgency=medium
+
+  [ Russ Allbery ]
+  * Increase the size of static buffers used to build messages during
+    program start so that the Spanish translation doesn't overflow a
+    buffer.  (Closes: #932351)
+
+ -- Andreas Beckmann <anbe@debian.org>  Mon, 13 Jan 2020 11:27:20 +0100
+
 gnubg (1.06.002-1) unstable; urgency=medium
 
   * New upstream release.
diff -Nru gnubg-1.06.002/debian/patches/0002-Expand-size-of-buffers-for-eval-messages.patch gnubg-1.06.002/debian/patches/0002-Expand-size-of-buffers-for-eval-messages.patch
--- gnubg-1.06.002/debian/patches/0002-Expand-size-of-buffers-for-eval-messages.patch	1970-01-01 00:00:00.000000000 +0000
+++ gnubg-1.06.002/debian/patches/0002-Expand-size-of-buffers-for-eval-messages.patch	2020-01-13 10:27:20.000000000 +0000
@@ -0,0 +1,48 @@
+From: Russ Allbery <rra@debian.org>
+Date: Sun, 21 Jul 2019 11:35:00 -0700
+Subject: Expand size of buffers for eval messages
+
+CommandSetEvalCubeful, CommandSetEvalPrune, and
+CommandSetEvalDeterministic used static buffers of 128 bytes for
+displaying messages, but the Spanish translation for at least
+CommandSetEvalDeterministic used more space than the length of
+that buffer.  This, in turn, triggered a bounds checking error
+during program start.
+
+Double the length of the buffers to work around the immediate
+problem.
+---
+ set.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/set.c b/set.c
+index 4e2e826..09f43e8 100644
+--- a/set.c
++++ b/set.c
+@@ -1024,7 +1024,7 @@ extern void
+ CommandSetEvalCubeful(char *sz)
+ {
+ 
+-    char asz[2][128], szCommand[64];
++    char asz[2][256], szCommand[64];
+     int f = pecSet->fCubeful;
+ 
+     sprintf(asz[0], _("%s will use cubeful evaluation.\n"), szSet);
+@@ -1038,7 +1038,7 @@ extern void
+ CommandSetEvalPrune(char *sz)
+ {
+ 
+-    char asz[2][128], szCommand[64];
++    char asz[2][256], szCommand[64];
+     int f = pecSet->fUsePrune;
+ 
+     sprintf(asz[0], _("%s will use pruning.\n"), szSet);
+@@ -1052,7 +1052,7 @@ extern void
+ CommandSetEvalDeterministic(char *sz)
+ {
+ 
+-    char asz[2][128], szCommand[64];
++    char asz[2][256], szCommand[64];
+     int f = pecSet->fDeterministic;
+ 
+     sprintf(asz[0], _("%s will use deterministic noise.\n"), szSet);
diff -Nru gnubg-1.06.002/debian/patches/series gnubg-1.06.002/debian/patches/series
--- gnubg-1.06.002/debian/patches/series	2018-08-26 22:02:10.000000000 +0000
+++ gnubg-1.06.002/debian/patches/series	2020-01-13 10:27:20.000000000 +0000
@@ -1 +1,2 @@
 0001-Support-finding-databases-in-var-as-well-as-usr.patch
+0002-Expand-size-of-buffers-for-eval-messages.patch