diff options
author | Florian Franzmann | 2019-05-05 12:57:52 +0200 |
---|---|---|
committer | Florian Franzmann | 2019-05-05 19:22:59 +0200 |
commit | 4b34f555856730730c72c7ab3beec7e9cd7ab4d3 (patch) | |
tree | 7814b6ef9567937c67d9942f7285c932b9d8cdad /printer | |
parent | 356112f21e0586c5cecef1b3997476cd444c0e31 (diff) |
printer/a2ps: version 4.14
Diffstat (limited to 'printer')
-rwxr-xr-x | printer/a2ps/BUILD | 2 | ||||
-rwxr-xr-x | printer/a2ps/DETAILS | 6 | ||||
-rw-r--r-- | printer/a2ps/HISTORY | 14 | ||||
-rwxr-xr-x | printer/a2ps/PRE_BUILD | 13 | ||||
-rw-r--r-- | printer/a2ps/a2ps-alphaev67.patch | 20 | ||||
-rw-r--r-- | printer/a2ps/config.sub.patch | 12 | ||||
-rw-r--r-- | printer/a2ps/contrib.patch | 12 | ||||
-rw-r--r-- | printer/a2ps/patches/a2ps-4.13-manpage-chmod.patch | 12 | ||||
-rw-r--r-- | printer/a2ps/patches/a2ps-4.13c-emacs.patch | 10 | ||||
-rw-r--r-- | printer/a2ps/patches/a2ps-4.13c-fnmatch-replacement.patch | 43 | ||||
-rw-r--r-- | printer/a2ps/patches/a2ps-4.14-CVE-2001-1593.patch | 82 | ||||
-rw-r--r-- | printer/a2ps/patches/a2ps-4.14-CVE-2014-0466.patch | 32 | ||||
-rw-r--r-- | printer/a2ps/patches/a2ps-4.14-check-mempcpy.patch | 12 | ||||
-rw-r--r-- | printer/a2ps/patches/a2ps-4.14-fix-stpcpy-proto.patch | 17 | ||||
-rw-r--r-- | printer/a2ps/patches/a2ps-4.14-psset.patch | 21 | ||||
-rw-r--r-- | printer/a2ps/patches/a2ps-4.14-ptrdiff_t.patch | 14 | ||||
-rw-r--r-- | printer/a2ps/path-concat.c.patch | 11 |
17 files changed, 265 insertions, 68 deletions
diff --git a/printer/a2ps/BUILD b/printer/a2ps/BUILD index 35cab8617e..d791c94034 100755 --- a/printer/a2ps/BUILD +++ b/printer/a2ps/BUILD @@ -1,6 +1,6 @@ OPTS="$OPTS \ --sysconfdir=$INSTALL_ROOT/etc/a2ps \ - --with-media=${A2PS_MEDIA_SIZE}" && + --with-medium=${A2PS_MEDIA_SIZE}" && default_build diff --git a/printer/a2ps/DETAILS b/printer/a2ps/DETAILS index 23b85a87bf..75ded04716 100755 --- a/printer/a2ps/DETAILS +++ b/printer/a2ps/DETAILS @@ -1,9 +1,9 @@ SPELL=a2ps - VERSION=4.13b + VERSION=4.14 SOURCE=$SPELL-$VERSION.tar.gz -SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-4.13 +SOURCE_DIRECTORY=$BUILD_DIRECTORY/$SPELL-$VERSION SOURCE_URL[0]=$GNU_URL/$SPELL/$SOURCE - SOURCE_HASH=sha512:34e466c56640c04397a4764053e20d5cc816766523c9e97f94d2e3aaa6ab890b3ce9e25f2dbcd1dccb74d05c6c797cb12f3cd119f1b99ba6d3158d11b6c2647e + SOURCE_HASH=sha512:fd6ac8ab47d789114c283e8ca508f7f56feabd1a189f4ac772cad9e6be7e3791e210892cfffd04ad1d39efe4b15386b2e61bf4cd56b70ed581c0554f36bfe06f WEB_SITE=http://www.gnu.org/directory/GNU/a2ps.html ENTERED=20010922 UPDATED=20050627 diff --git a/printer/a2ps/HISTORY b/printer/a2ps/HISTORY index 994c984281..5ba95d3b0d 100644 --- a/printer/a2ps/HISTORY +++ b/printer/a2ps/HISTORY @@ -1,3 +1,17 @@ +2019-05-05 Florian Franzmann <siflfran@hawo.stw.uni-erlangen.de> + * DETAILS: version 4.14 + * PRE_BUILD, patches/a2ps-4.13c-emacs.patch + patches/a2ps-4.13c-fnmatch-replacement.patch + patches/a2ps-4.13-manpage-chmod.patch + patches/a2ps-4.14-check-mempcpy.patch + patches/a2ps-4.14-CVE-2001-1593.patch + patches/a2ps-4.14-CVE-2014-0466.patch + patches/a2ps-4.14-fix-stpcpy-proto.patch + patches/a2ps-4.14-psset.patch patches/a2ps-4.14-ptrdiff_t.patch: add bug + fixes from gentoo + * PRE_BUILD, *.patch: remove obsolete patches + * BUILD: fix typo in configure flag + 2009-09-24 Andraž "ruskie" Levstik <ruskie+f03a580f@codemages.net> * DEPENDS: switch from tetex to texlive [auto] diff --git a/printer/a2ps/PRE_BUILD b/printer/a2ps/PRE_BUILD index 8e2c3e7481..a70a3a0186 100755 --- a/printer/a2ps/PRE_BUILD +++ b/printer/a2ps/PRE_BUILD @@ -1,9 +1,4 @@ -default_pre_build && -patch $SOURCE_DIRECTORY/lib/path-concat.c \ - $SCRIPT_DIRECTORY/path-concat.c.patch && -patch $SOURCE_DIRECTORY/auxdir/config.sub \ - $SCRIPT_DIRECTORY/config.sub.patch && -patch $SOURCE_DIRECTORY/contrib/emacs/Makefile.in \ - $SCRIPT_DIRECTORY/contrib.patch && -patch $SOURCE_DIRECTORY/auxdir/config.sub \ - $SCRIPT_DIRECTORY/a2ps-alphaev67.patch +default_pre_build && +cd "$SOURCE_DIRECTORY" && + +apply_patch_dir patches diff --git a/printer/a2ps/a2ps-alphaev67.patch b/printer/a2ps/a2ps-alphaev67.patch deleted file mode 100644 index 4493bebd2a..0000000000 --- a/printer/a2ps/a2ps-alphaev67.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- auxdir/config.sub 2006-06-01 20:29:45.966819770 +0200 -+++ ../config.sub 2006-06-01 20:31:26.000000000 +0200 -@@ -170,7 +170,7 @@ - | arme[lb] | pyramid | mn10200 | mn10300 | tron | a29k \ - | 580 | i960 | h8300 \ - | hppa | hppa1.0 | hppa1.1 | hppa2.0 | hppa2.0w | hppa2.0n \ -- | alpha | alphaev[4-7] | alphaev56 | alphapca5[67] \ -+ | alpha | alphaev[4-7] | alphaev56 | alphapca5[67] | alphaev67 \ - | we32k | ns16k | clipper | i370 | sh | powerpc | powerpcle \ - | 1750a | dsp16xx | pdp11 | mips16 | mips64 | mipsel | mips64el \ - | mips64orion | mips64orionel | mipstx39 | mipstx39el \ -@@ -202,7 +202,7 @@ - | power-* | none-* | 580-* | cray2-* | h8300-* | h8500-* | i960-* \ - | xmp-* | ymp-* \ - | hppa-* | hppa1.0-* | hppa1.1-* | hppa2.0-* | hppa2.0w-* | hppa2.0n-* \ -- | alpha-* | alphaev[4-7]-* | alphaev56-* | alphapca5[67]-* \ -+ | alpha-* | alphaev[4-7]-* | alphaev56-* | alphapca5[67]-* | alphaev67-* \ - | we32k-* | cydra-* | ns16k-* | pn-* | np1-* | xps100-* \ - | clipper-* | orion-* \ - | sparclite-* | pdp11-* | sh-* | powerpc-* | powerpcle-* \ diff --git a/printer/a2ps/config.sub.patch b/printer/a2ps/config.sub.patch deleted file mode 100644 index 68d939c520..0000000000 --- a/printer/a2ps/config.sub.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- auxdir/config.sub.old 2000-02-02 16:53:22.000000000 -0800 -+++ auxdir/config.sub 2005-04-04 23:12:05.000000000 -0700 -@@ -632,6 +631,9 @@ - pentiumii-* | pentium2-*) - basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; -+ x86_64-*) -+ basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` -+ ;; - pn) - basic_machine=pn-gould - ;; diff --git a/printer/a2ps/contrib.patch b/printer/a2ps/contrib.patch deleted file mode 100644 index bf78a51b68..0000000000 --- a/printer/a2ps/contrib.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naur a2ps-4.13.orig/contrib/emacs/Makefile.in a2ps-4.13/contrib/emacs/Makefile.in ---- a2ps-4.13.orig/contrib/emacs/Makefile.in 2005-06-24 14:24:07.024494280 -0700 -+++ a2ps-4.13/contrib/emacs/Makefile.in 2005-06-24 14:24:15.678178720 -0700 -@@ -31,7 +31,7 @@ - includedir = @includedir@ - oldincludedir = /usr/include - --DESTDIR = -+DESTDIR = @datadir@/@PACKAGE@ - - pkgdatadir = $(datadir)/@PACKAGE@ - pkglibdir = $(libdir)/@PACKAGE@ diff --git a/printer/a2ps/patches/a2ps-4.13-manpage-chmod.patch b/printer/a2ps/patches/a2ps-4.13-manpage-chmod.patch new file mode 100644 index 0000000000..e0c61124e9 --- /dev/null +++ b/printer/a2ps/patches/a2ps-4.13-manpage-chmod.patch @@ -0,0 +1,12 @@ +diff -ur a2ps-4.13.orig/man/Makefile.maint a2ps-4.13/man/Makefile.maint +--- a2ps-4.13.orig/man/Makefile.maint 2002-03-04 20:46:26.000000000 +0200 ++++ a2ps-4.13/man/Makefile.maint 2007-02-19 21:50:29.000000000 +0200 +@@ -20,7 +20,7 @@ + --include=$(basename $@).x \ + --include=common.x \ + $(executable) > $@-t || exit 1; \ +- chmod -w $@-t || exit 1; \ ++ chmod a-w $@-t || exit 1; \ + rm -f $@ || exit 1; \ + mv $@-t $@ || exit 1; \ + else \ diff --git a/printer/a2ps/patches/a2ps-4.13c-emacs.patch b/printer/a2ps/patches/a2ps-4.13c-emacs.patch new file mode 100644 index 0000000000..f1cd5d9ebd --- /dev/null +++ b/printer/a2ps/patches/a2ps-4.13c-emacs.patch @@ -0,0 +1,10 @@ +--- a2ps-4.13/contrib/emacs/a2ps-print.el.orig 2005-12-05 08:03:48.000000000 +0100 ++++ a2ps-4.13/contrib/emacs/a2ps-print.el 2005-12-06 16:38:14.000000000 +0100 +@@ -93,6 +93,7 @@ + (concat "--center-title=" name) + (concat "--footer=" (concat name " Emacs buffer")) + (concat "--pretty-print=" filetype) ++ (concat "-d") + ;Uncommenting the following gives a print preview (only): + ; (concat "--output=/tmp/foo.ps") + ) diff --git a/printer/a2ps/patches/a2ps-4.13c-fnmatch-replacement.patch b/printer/a2ps/patches/a2ps-4.13c-fnmatch-replacement.patch new file mode 100644 index 0000000000..c49ab78c93 --- /dev/null +++ b/printer/a2ps/patches/a2ps-4.13c-fnmatch-replacement.patch @@ -0,0 +1,43 @@ +diff -Naurp a2ps-4.13.orig/lib/fnmatch.c a2ps-4.13/lib/fnmatch.c +--- a2ps-4.13.orig/lib/fnmatch.c 2002-03-04 12:46:25 -0600 ++++ a2ps-4.13/lib/fnmatch.c 2006-05-27 11:41:15 -0500 +@@ -27,18 +27,6 @@ + #include <fnmatch.h> + #include <ctype.h> + +- +-/* Comment out all this code if we are using the GNU C Library, and are not +- actually compiling the library itself. This code is part of the GNU C +- Library, but also included in many other GNU distributions. Compiling +- and linking in this code is a waste when using the GNU C library +- (especially if it is a shared library). Rather than having every GNU +- program understand `configure --with-gnu-libc' and omit the object files, +- it is simpler to just do this in the source for each such file. */ +- +-#if defined _LIBC || !defined __GNU_LIBRARY__ +- +- + # if defined STDC_HEADERS || !defined isascii + # define ISASCII(c) 1 + # else +@@ -52,10 +40,13 @@ + extern int errno; + # endif + ++/* fnmatch replacement taken from the GNU C Library for systems that ++ provide a broken implementation. */ ++ + /* Match STRING against the filename pattern PATTERN, returning zero if + it matches, nonzero if not. */ + int +-fnmatch (const char *pattern, const char *string, int flags) ++rpl_fnmatch (const char *pattern, const char *string, int flags) + { + register const char *p = pattern, *n = string; + register char c; +@@ -233,5 +224,3 @@ fnmatch (const char *pattern, const char + + # undef FOLD + } +- +-#endif /* _LIBC or not __GNU_LIBRARY__. */ diff --git a/printer/a2ps/patches/a2ps-4.14-CVE-2001-1593.patch b/printer/a2ps/patches/a2ps-4.14-CVE-2001-1593.patch new file mode 100644 index 0000000000..06153f4858 --- /dev/null +++ b/printer/a2ps/patches/a2ps-4.14-CVE-2001-1593.patch @@ -0,0 +1,82 @@ +CVE-2001-1593: Fix insecure use of /tmp + + +Author(s): + + * Fri Jan 05 2001 Preston Brown <pbrown@redhat.com> + +followed the next month by a fix to that patch: + + * Mon Feb 12 2001 Tim Waugh <twaugh@redhat.com> + +(see https://bugzilla.redhat.com/show_bug.cgi?id=1060630#c5) + +Origin: + +http://pkgs.fedoraproject.org/cgit/a2ps.git/plain/a2ps-4.13-security.patch + +--- a/lib/routines.c ++++ b/lib/routines.c +@@ -242,3 +242,50 @@ + /* Don't complain if you can't unlink. Who cares of a tmp file? */ + unlink (filename); + } ++ ++/* ++ * Securely generate a temp file, and make sure it gets ++ * deleted upon exit. ++ */ ++static char ** tempfiles; ++static unsigned ntempfiles; ++ ++static void ++cleanup_tempfiles() ++{ ++ while (ntempfiles--) ++ unlink(tempfiles[ntempfiles]); ++} ++ ++char * ++safe_tempnam(const char *pfx) ++{ ++ char *dirname, *filename; ++ int fd; ++ ++ if (!(dirname = getenv("TMPDIR"))) ++ dirname = "/tmp"; ++ ++ tempfiles = (char **) realloc(tempfiles, ++ (ntempfiles+1) * sizeof(char *)); ++ if (tempfiles == NULL) ++ return NULL; ++ ++ filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX")); ++ if (!filename) ++ return NULL; ++ ++ sprintf(filename, "%s/%sXXXXXX", dirname, pfx); ++ ++ if ((fd = mkstemp(filename)) < 0) { ++ free(filename); ++ return NULL; ++ } ++ close(fd); ++ ++ if (ntempfiles == 0) ++ atexit(cleanup_tempfiles); ++ tempfiles[ntempfiles++] = filename; ++ ++ return filename; ++} +--- a/lib/routines.h ++++ b/lib/routines.h +@@ -255,7 +255,8 @@ + /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */ + #define tempname_ensure(Str) \ + do { \ +- (Str) = (Str) ? (Str) : tempnam (NULL, "a2_"); \ ++ (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \ + } while (0) ++char * safe_tempnam(const char *); + + #endif diff --git a/printer/a2ps/patches/a2ps-4.14-CVE-2014-0466.patch b/printer/a2ps/patches/a2ps-4.14-CVE-2014-0466.patch new file mode 100644 index 0000000000..56f0b2f527 --- /dev/null +++ b/printer/a2ps/patches/a2ps-4.14-CVE-2014-0466.patch @@ -0,0 +1,32 @@ +CVE-2014-0466: fixps does not invoke gs with -dSAFER + +A malicious PostScript file could delete files with the privileges of +the invoking user. + +Author: Salvatore Bonaccorso <carnil@debian.org> +Origin: https://bugs.debian.org/742902 + +diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' a2ps~/contrib/fixps.in a2ps/contrib/fixps.in +--- a2ps~/contrib/fixps.in 2014-03-30 12:24:50.000000000 +0200 ++++ a2ps/contrib/fixps.in 2014-03-30 12:40:36.763249218 +0200 +@@ -389,7 +389,7 @@ + eval "$command" ;; + gs) + $verbose "$program: making a full rewrite of the file ($gs)." >&2 +- $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; ++ $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; + esac + ) + fi +diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' a2ps~/contrib/fixps.m4 a2ps/contrib/fixps.m4 +--- a2ps~/contrib/fixps.m4 2014-03-30 12:24:50.000000000 +0200 ++++ a2ps/contrib/fixps.m4 2014-03-30 12:40:36.767249254 +0200 +@@ -307,7 +307,7 @@ + eval "$command" ;; + gs) + $verbose "$program: making a full rewrite of the file ($gs)." >&2 +- $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; ++ $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; + esac + ) + fi diff --git a/printer/a2ps/patches/a2ps-4.14-check-mempcpy.patch b/printer/a2ps/patches/a2ps-4.14-check-mempcpy.patch new file mode 100644 index 0000000000..7b820cead0 --- /dev/null +++ b/printer/a2ps/patches/a2ps-4.14-check-mempcpy.patch @@ -0,0 +1,12 @@ +--- a2ps-4.14-orig/configure.in 2008-04-16 08:36:03.000000000 +0200 ++++ a2ps-4.14/configure.in 2008-04-16 08:36:29.000000000 +0200 +@@ -137,7 +137,8 @@ + ad_REPLACE_FUNC_STRCASECMP + ad_REPLACE_FUNC_STRNCASECMP + ad_REPLACE_FUNC_RENAME +-AC_CHECK_FUNCS(uname strchr strerror strerror_r getcwd bcopy bzero tempnam strsignal psignal setlocale) ++AC_CHECK_FUNCS(uname strchr strerror strerror_r getcwd bcopy bzero \ ++ tempnam strsignal psignal setlocale mempcpy) + ad_FUNC_SYSTEMPAPERNAME + ad_FUNC_ATEXIT + ad_FUNC_STRFTIME diff --git a/printer/a2ps/patches/a2ps-4.14-fix-stpcpy-proto.patch b/printer/a2ps/patches/a2ps-4.14-fix-stpcpy-proto.patch new file mode 100644 index 0000000000..c5bdfc57cd --- /dev/null +++ b/printer/a2ps/patches/a2ps-4.14-fix-stpcpy-proto.patch @@ -0,0 +1,17 @@ +=== modified file 'lib/xstrrpl.c' +--- a/lib/xstrrpl.c 2008-04-14 18:04:50 +0000 ++++ b/lib/xstrrpl.c 2008-04-14 18:20:20 +0000 +@@ -20,12 +20,10 @@ + + #include "system.h" + #include <assert.h> + #include "xstrrpl.h" + +-extern char * stpcpy(); +- + /* Perform subsitutions in string. Result is malloc'd + E.g., result = xstrrrpl ("1234", subst) gives result = "112333" + where subst = { {"1", "11"}, {"3", "333"}, { "4", ""}} + */ + char * + diff --git a/printer/a2ps/patches/a2ps-4.14-psset.patch b/printer/a2ps/patches/a2ps-4.14-psset.patch new file mode 100644 index 0000000000..291c3aac4f --- /dev/null +++ b/printer/a2ps/patches/a2ps-4.14-psset.patch @@ -0,0 +1,21 @@ +diff -Naur a2ps-4.14.orig/contrib/psset.in a2ps-4.14/contrib/psset.in +--- a2ps-4.14.orig/contrib/psset.in 2007-12-29 12:29:01.000000000 +0900 ++++ a2ps-4.14/contrib/psset.in 2009-04-12 12:17:43.000000000 +0900 +@@ -219,7 +219,7 @@ + done + + pspagedevice="% Pagedevice definitions: +-countdictstack ++ countdictstack + % Push our own mark, since there can be several PS marks pushed depending + % where the failure really occured. + /psset_mark +@@ -227,7 +227,7 @@ + } stopped + % My cleartomark + { /psset_mark eq { exit } if } loop +-countdictstack exch sub dup 0 gt ++ countdictstack exch sub dup 0 gt + { + { end } repeat + }{ diff --git a/printer/a2ps/patches/a2ps-4.14-ptrdiff_t.patch b/printer/a2ps/patches/a2ps-4.14-ptrdiff_t.patch new file mode 100644 index 0000000000..00d955a819 --- /dev/null +++ b/printer/a2ps/patches/a2ps-4.14-ptrdiff_t.patch @@ -0,0 +1,14 @@ +diff -uNr a2ps-4.14/lib/obstack.h a2ps-4.14.test/lib/obstack.h +--- a2ps-4.14/lib/obstack.h 2007-12-29 09:37:59.000000000 +0800 ++++ a2ps-4.14.test/lib/obstack.h 2009-06-10 18:49:45.000000000 +0900 +@@ -138,9 +138,9 @@ + #define __need_ptrdiff_t + #endif + #endif ++#endif + + #include <stddef.h> +-#endif + + #if defined (__STDC__) && __STDC__ + #define PTR_INT_TYPE ptrdiff_t diff --git a/printer/a2ps/path-concat.c.patch b/printer/a2ps/path-concat.c.patch deleted file mode 100644 index 5f4fd0a885..0000000000 --- a/printer/a2ps/path-concat.c.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a2ps-4.13.old/lib/path-concat.c 2002-03-04 13:46:25.000000000 -0500 -+++ a2ps-4.13.new/lib/path-concat.c 2004-04-13 01:47:03.596895984 -0400 -@@ -31,7 +31,7 @@ - #endif - #include <sys/types.h> - --char *malloc (); -+/* char *malloc (); */ - - #ifndef DIRECTORY_SEPARATOR - # define DIRECTORY_SEPARATOR '/' |