| 1 |
commit: 9649e2aae8ded6f8f43aa6e85bc53e048a77c9c4 |
| 2 |
Author: Alexis Ballier <aballier <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Thu Dec 1 17:36:31 2016 +0000 |
| 4 |
Commit: Alexis Ballier <aballier <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Thu Dec 1 17:36:37 2016 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9649e2aa |
| 7 |
|
| 8 |
dev-libs/kpathsea: fix insecure use of /tmp, bug #536454 |
| 9 |
|
| 10 |
Package-Manager: portage-2.3.2 |
| 11 |
|
| 12 |
dev-libs/kpathsea/files/insecure_tmp_mktexlsr.patch | 17 +++++++++++++++++ |
| 13 |
...521-r1.ebuild => kpathsea-6.2.1_p20150521-r2.ebuild} | 1 + |
| 14 |
2 files changed, 18 insertions(+) |
| 15 |
|
| 16 |
diff --git a/dev-libs/kpathsea/files/insecure_tmp_mktexlsr.patch b/dev-libs/kpathsea/files/insecure_tmp_mktexlsr.patch |
| 17 |
new file mode 100644 |
| 18 |
index 00000000..36d2094 |
| 19 |
--- /dev/null |
| 20 |
+++ b/dev-libs/kpathsea/files/insecure_tmp_mktexlsr.patch |
| 21 |
@@ -0,0 +1,17 @@ |
| 22 |
+https://bugzilla.redhat.com/show_bug.cgi?id=1181167 |
| 23 |
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775139 |
| 24 |
+https://bugs.gentoo.org/show_bug.cgi?id=536454 |
| 25 |
+ |
| 26 |
+Index: kpathsea/mktexlsr |
| 27 |
+=================================================================== |
| 28 |
+--- kpathsea.orig/mktexlsr |
| 29 |
++++ kpathsea/mktexlsr |
| 30 |
+@@ -73,7 +73,7 @@ if tty -s; then verbose=true; else verbo |
| 31 |
+ dry_run=false |
| 32 |
+ trees= |
| 33 |
+ |
| 34 |
+-treefile="${TMPDIR-/tmp}/mktexlsrtrees$$.tmp" |
| 35 |
++treefile=`mktemp --tmpdir mktexlsrtrees.XXXXXXXXXX` || exit 1 |
| 36 |
+ trap 'cd /; rm -f $treefile; test -z "$db_dir_tmp" || rm -rf "$db_dir_tmp"; |
| 37 |
+ exit' 0 1 2 3 7 13 15 |
| 38 |
+ |
| 39 |
|
| 40 |
diff --git a/dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r1.ebuild b/dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r2.ebuild |
| 41 |
similarity index 98% |
| 42 |
rename from dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r1.ebuild |
| 43 |
rename to dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r2.ebuild |
| 44 |
index 7829ed5..a678e17 100644 |
| 45 |
--- a/dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r1.ebuild |
| 46 |
+++ b/dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r2.ebuild |
| 47 |
@@ -41,6 +41,7 @@ SRC_URI="${SRC_URI} ) " |
| 48 |
TEXMF_PATH=/usr/share/texmf-dist |
| 49 |
|
| 50 |
src_prepare() { |
| 51 |
+ epatch "${FILESDIR}/insecure_tmp_mktexlsr.patch" |
| 52 |
cd "${WORKDIR}/texlive-${PV#*_p}-source" |
| 53 |
S="${WORKDIR}/texlive-${PV#*_p}-source" elibtoolize #sane .so versionning on gfbsd |
| 54 |
cp "${FILESDIR}/texmf-update-r2" "${S}"/texmf-update |
Archives