![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/debian/patches/CVE-2013-2131 b/debian/patches/CVE-2013-2131
--- /dev/null
@@ -0,0 +1,69 @@
+diff --git a/src/rrd_graph.c b/src/rrd_graph.c
+index 25ae485..e714e4f 100644
+--- a/src/rrd_graph.c
++++ b/src/rrd_graph.c
+@@ -4144,6 +4144,12 @@ rrd_info_t *rrd_graph_v(
+ char *path;
+ char *filename;
+
++ if (bad_format_imginfo(im.imginfo)) {
++ rrd_info_free(im.grinfo);
++ im_free(&im);
++ rrd_set_error("bad format for imginfo");
++ return NULL;
++ }
+ path = strdup(im.graphfile);
+ filename = basename(path);
+ info.u_str =
+@@ -4961,6 +4967,51 @@ int bad_format(
+ }
+
+
++int bad_format_imginfo(
++ char *fmt)
++{
++ char *ptr;
++ int n = 0;
++
++ ptr = fmt;
++ while (*ptr != '\0')
++ if (*ptr++ == '%') {
++
++ /* line cannot end with percent char */
++ if (*ptr == '\0')
++ return 1;
++ /* '%%' is allowed */
++ if (*ptr == '%')
++ ptr++;
++ /* '%s', '%S' are allowed */
++ else if (*ptr == 's' || *ptr == 'S') {
++ n = 1;
++ ptr++;
++ }
++
++ /* or else '% 4lu' and such are allowed */
++ else {
++ /* optional padding character */
++ if (*ptr == ' ')
++ ptr++;
++ /* This should take care of 'm' */
++ while (*ptr >= '0' && *ptr <= '9')
++ ptr++;
++ /* 'lu' must follow here */
++ if (*ptr++ != 'l')
++ return 1;
++ if (*ptr == 'u')
++ ptr++;
++ else
++ return 1;
++ n++;
++ }
++ }
++
++ return (n != 3);
++}
++
++
+ int vdef_parse(
+ struct graph_desc_t
+ *gdes,