1 |
commit: d78cf9b0a31ec3209bdc43b2dcabe0606ff6af13 |
2 |
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Jan 21 16:28:53 2017 +0000 |
4 |
Commit: Matthias Maier <tamiko <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Jan 24 03:05:14 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d78cf9b0 |
7 |
|
8 |
app-text/a2ps: Add patch for CVE-2001-1593 (bug #507024) |
9 |
|
10 |
Package-Manager: Portage-2.3.3, Repoman-2.3.1 |
11 |
Signed-off-by: Matthias Maier <tamiko <AT> gentoo.org> |
12 |
|
13 |
app-text/a2ps/a2ps-4.14-r6.ebuild | 143 ++++++++++++++++++++++ |
14 |
app-text/a2ps/files/a2ps-4.14-CVE-2001-1593.patch | 82 +++++++++++++ |
15 |
2 files changed, 225 insertions(+) |
16 |
|
17 |
diff --git a/app-text/a2ps/a2ps-4.14-r6.ebuild b/app-text/a2ps/a2ps-4.14-r6.ebuild |
18 |
new file mode 100644 |
19 |
index 00000000..7845a5a |
20 |
--- /dev/null |
21 |
+++ b/app-text/a2ps/a2ps-4.14-r6.ebuild |
22 |
@@ -0,0 +1,143 @@ |
23 |
+# Copyright 1999-2017 Gentoo Foundation |
24 |
+# Distributed under the terms of the GNU General Public License v2 |
25 |
+# $Id$ |
26 |
+ |
27 |
+EAPI=6 |
28 |
+inherit autotools elisp-common flag-o-matic |
29 |
+ |
30 |
+DESCRIPTION="Any to PostScript filter" |
31 |
+HOMEPAGE="https://www.gnu.org/software/a2ps/" |
32 |
+SRC_URI="mirror://gnu/${PN}/${P}.tar.gz |
33 |
+ linguas_ja? ( mirror://gentoo/${P}-ja_nls.patch.gz )" |
34 |
+ |
35 |
+LICENSE="GPL-3" |
36 |
+SLOT="0" |
37 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos" |
38 |
+IUSE="emacs latex linguas_ja nls static-libs userland_BSD userland_GNU vanilla" |
39 |
+ |
40 |
+RESTRICT=test |
41 |
+ |
42 |
+RDEPEND="app-text/ghostscript-gpl |
43 |
+ app-text/libpaper |
44 |
+ >=app-text/psutils-1.17 |
45 |
+ app-text/wdiff |
46 |
+ emacs? ( virtual/emacs ) |
47 |
+ latex? ( virtual/latex-base ) |
48 |
+ nls? ( virtual/libintl ) |
49 |
+ userland_GNU? ( >=sys-apps/coreutils-6.10-r1 ) |
50 |
+ userland_BSD? ( sys-freebsd/freebsd-ubin )" |
51 |
+DEPEND="${RDEPEND} |
52 |
+ >=dev-util/gperf-2.7.2 |
53 |
+ virtual/yacc |
54 |
+ nls? ( sys-devel/gettext )" |
55 |
+ |
56 |
+SITEFILE=50${PN}-gentoo.el |
57 |
+ |
58 |
+S=${WORKDIR}/${PN}-${PV:0:4} |
59 |
+ |
60 |
+src_prepare() { |
61 |
+ default |
62 |
+ |
63 |
+ eapply "${FILESDIR}"/${PN}-4.13c-locale-gentoo.diff |
64 |
+ use vanilla || eapply -p0 "${FILESDIR}"/${PN}-4.13-stdout.diff |
65 |
+ if use linguas_ja; then |
66 |
+ eapply "${WORKDIR}"/${P}-ja_nls.patch |
67 |
+ # bug #335803 |
68 |
+ eapply -p0 "${FILESDIR}"/${P}-ja-cleanup.patch |
69 |
+ else |
70 |
+ eapply "${FILESDIR}"/${P}-cleanup.patch |
71 |
+ fi |
72 |
+ |
73 |
+ # fix fnmatch replacement, bug #134546 |
74 |
+ eapply "${FILESDIR}"/${PN}-4.13c-fnmatch-replacement.patch |
75 |
+ |
76 |
+ # bug #122026 |
77 |
+ eapply "${FILESDIR}"/${P}-psset.patch |
78 |
+ |
79 |
+ # fix emacs printing, bug #114627 |
80 |
+ eapply "${FILESDIR}"/a2ps-4.13c-emacs.patch |
81 |
+ |
82 |
+ # fix chmod error, #167670 |
83 |
+ eapply "${FILESDIR}"/a2ps-4.13-manpage-chmod.patch |
84 |
+ |
85 |
+ # add configure check for mempcpy, bug 216588 |
86 |
+ eapply "${FILESDIR}"/${P}-check-mempcpy.patch |
87 |
+ |
88 |
+ # fix compilation error due to invalid stpcpy() prototype, bug 216588 |
89 |
+ eapply -p0 "${FILESDIR}"/${P}-fix-stpcpy-proto.patch |
90 |
+ |
91 |
+ # fix compilation error due to obstack.h issue, bug 269638 |
92 |
+ eapply "${FILESDIR}"/${P}-ptrdiff_t.patch |
93 |
+ |
94 |
+ # fix compilation error due to texinfo 5.x, bug 482748 |
95 |
+ eapply "${FILESDIR}"/${P}-texinfo-5.x.patch |
96 |
+ |
97 |
+ # fix CVE-2014-0466, bug 506352 |
98 |
+ eapply "${FILESDIR}"/${P}-CVE-2014-0466.patch |
99 |
+ |
100 |
+ # fix CVE-2001-1593, bug 507024 |
101 |
+ eapply "${FILESDIR}"/${P}-CVE-2001-1593.patch |
102 |
+ |
103 |
+ # fix building with sys-devel/automake >= 1.12, bug 420503 |
104 |
+ rm -f {.,ogonkify}/aclocal.m4 || die |
105 |
+ sed -i \ |
106 |
+ -e '/^AM_C_PROTOTYPES/d' \ |
107 |
+ -e '/^AUTOMAKE_OPTIONS.*ansi2knr/d' \ |
108 |
+ -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:' \ |
109 |
+ -e 's:AM_PROG_CC_STDC:AC_PROG_CC:' \ |
110 |
+ configure.in {contrib/sample,lib,src}/Makefile.am m4/protos.m4 || die |
111 |
+ |
112 |
+ eautoreconf |
113 |
+} |
114 |
+ |
115 |
+src_configure() { |
116 |
+ append-cppflags -DPROTOTYPES #420503 |
117 |
+ |
118 |
+ local myconf="COM_netscape=no COM_acroread=no" |
119 |
+ |
120 |
+ use emacs || myconf="${myconf} EMACS=no" |
121 |
+ use latex || myconf="${myconf} COM_latex=no" |
122 |
+ |
123 |
+ export LANG=C LC_ALL=C |
124 |
+ |
125 |
+ econf \ |
126 |
+ --enable-shared \ |
127 |
+ $(use_enable static-libs static) \ |
128 |
+ --sysconfdir="${EPREFIX}"/etc/a2ps \ |
129 |
+ $(use_enable nls) \ |
130 |
+ ${myconf} |
131 |
+} |
132 |
+ |
133 |
+src_compile() { |
134 |
+ # parallel make b0rked |
135 |
+ emake -j1 |
136 |
+} |
137 |
+ |
138 |
+src_install() { |
139 |
+ emake \ |
140 |
+ DESTDIR="${D}" \ |
141 |
+ lispdir="${EPREFIX}${SITELISP}"/${PN} \ |
142 |
+ install |
143 |
+ |
144 |
+ newdoc "${ED}"/usr/share/a2ps/README README.a2ps |
145 |
+ newdoc "${ED}"/usr/share/a2ps/ppd/README README.a2ps.ppd |
146 |
+ newdoc "${ED}"/usr/share/ogonkify/README README.ogonkify |
147 |
+ |
148 |
+ rm -f "${ED}"/usr/share/{a2ps,a2ps/ppd,ogonkify}/README || die |
149 |
+ |
150 |
+ prune_libtool_files |
151 |
+ |
152 |
+ if use emacs; then |
153 |
+ elisp-site-file-install "${FILESDIR}"/${SITEFILE} || die |
154 |
+ fi |
155 |
+ |
156 |
+ dodoc ANNOUNCE AUTHORS ChangeLog FAQ NEWS README* THANKS TODO |
157 |
+} |
158 |
+ |
159 |
+pkg_postinst() { |
160 |
+ use emacs && elisp-site-regen |
161 |
+} |
162 |
+ |
163 |
+pkg_postrm() { |
164 |
+ use emacs && elisp-site-regen |
165 |
+} |
166 |
|
167 |
diff --git a/app-text/a2ps/files/a2ps-4.14-CVE-2001-1593.patch b/app-text/a2ps/files/a2ps-4.14-CVE-2001-1593.patch |
168 |
new file mode 100644 |
169 |
index 00000000..06153f4 |
170 |
--- /dev/null |
171 |
+++ b/app-text/a2ps/files/a2ps-4.14-CVE-2001-1593.patch |
172 |
@@ -0,0 +1,82 @@ |
173 |
+CVE-2001-1593: Fix insecure use of /tmp |
174 |
+ |
175 |
+ |
176 |
+Author(s): |
177 |
+ |
178 |
+ * Fri Jan 05 2001 Preston Brown <pbrown@××××××.com> |
179 |
+ |
180 |
+followed the next month by a fix to that patch: |
181 |
+ |
182 |
+ * Mon Feb 12 2001 Tim Waugh <twaugh@××××××.com> |
183 |
+ |
184 |
+(see https://bugzilla.redhat.com/show_bug.cgi?id=1060630#c5) |
185 |
+ |
186 |
+Origin: |
187 |
+ |
188 |
+http://pkgs.fedoraproject.org/cgit/a2ps.git/plain/a2ps-4.13-security.patch |
189 |
+ |
190 |
+--- a/lib/routines.c |
191 |
++++ b/lib/routines.c |
192 |
+@@ -242,3 +242,50 @@ |
193 |
+ /* Don't complain if you can't unlink. Who cares of a tmp file? */ |
194 |
+ unlink (filename); |
195 |
+ } |
196 |
++ |
197 |
++/* |
198 |
++ * Securely generate a temp file, and make sure it gets |
199 |
++ * deleted upon exit. |
200 |
++ */ |
201 |
++static char ** tempfiles; |
202 |
++static unsigned ntempfiles; |
203 |
++ |
204 |
++static void |
205 |
++cleanup_tempfiles() |
206 |
++{ |
207 |
++ while (ntempfiles--) |
208 |
++ unlink(tempfiles[ntempfiles]); |
209 |
++} |
210 |
++ |
211 |
++char * |
212 |
++safe_tempnam(const char *pfx) |
213 |
++{ |
214 |
++ char *dirname, *filename; |
215 |
++ int fd; |
216 |
++ |
217 |
++ if (!(dirname = getenv("TMPDIR"))) |
218 |
++ dirname = "/tmp"; |
219 |
++ |
220 |
++ tempfiles = (char **) realloc(tempfiles, |
221 |
++ (ntempfiles+1) * sizeof(char *)); |
222 |
++ if (tempfiles == NULL) |
223 |
++ return NULL; |
224 |
++ |
225 |
++ filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX")); |
226 |
++ if (!filename) |
227 |
++ return NULL; |
228 |
++ |
229 |
++ sprintf(filename, "%s/%sXXXXXX", dirname, pfx); |
230 |
++ |
231 |
++ if ((fd = mkstemp(filename)) < 0) { |
232 |
++ free(filename); |
233 |
++ return NULL; |
234 |
++ } |
235 |
++ close(fd); |
236 |
++ |
237 |
++ if (ntempfiles == 0) |
238 |
++ atexit(cleanup_tempfiles); |
239 |
++ tempfiles[ntempfiles++] = filename; |
240 |
++ |
241 |
++ return filename; |
242 |
++} |
243 |
+--- a/lib/routines.h |
244 |
++++ b/lib/routines.h |
245 |
+@@ -255,7 +255,8 @@ |
246 |
+ /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */ |
247 |
+ #define tempname_ensure(Str) \ |
248 |
+ do { \ |
249 |
+- (Str) = (Str) ? (Str) : tempnam (NULL, "a2_"); \ |
250 |
++ (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \ |
251 |
+ } while (0) |
252 |
++char * safe_tempnam(const char *); |
253 |
+ |
254 |
+ #endif |