summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app-text/enscript/ChangeLog9
-rw-r--r--app-text/enscript/Manifest7
-rw-r--r--app-text/enscript/enscript-1.6.3-r2.ebuild39
-rw-r--r--app-text/enscript/files/digest-enscript-1.6.3-r21
-rw-r--r--app-text/enscript/files/enscript-1.6.3-security.patch189
5 files changed, 242 insertions, 3 deletions
diff --git a/app-text/enscript/ChangeLog b/app-text/enscript/ChangeLog
index 7a8907d77fc1..db0b5b0f0e64 100644
--- a/app-text/enscript/ChangeLog
+++ b/app-text/enscript/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for app-text/enscript
# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/ChangeLog,v 1.21 2005/01/02 22:00:50 ciaranm Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/ChangeLog,v 1.22 2005/01/21 14:31:27 solar Exp $
+
+*enscript-1.6.3-r2 (21 Jan 2005)
+
+ 21 Jan 2005; <solar@gentoo.org> +files/enscript-1.6.3-security.patch,
+ +enscript-1.6.3-r2.ebuild:
+ - security bump for bug #77408 fixes CAN-2004-1184, CAN-2004-1185,
+ CAN-2004-1186
02 Jan 2005; Ciaran McCreesh <ciaranm@gentoo.org> :
Change encoding to UTF-8 for GLEP 31 compliance
diff --git a/app-text/enscript/Manifest b/app-text/enscript/Manifest
index d594ccd62c3d..2b511364d0ac 100644
--- a/app-text/enscript/Manifest
+++ b/app-text/enscript/Manifest
@@ -1,5 +1,8 @@
-MD5 7c7a50d3b77ef67bdb026af3ba573c7f ChangeLog 2283
+MD5 36dec16c09d6f5a1740db37deca1bd0b enscript-1.6.3-r2.ebuild 925
MD5 b2e93a545ae790fb6fb3f5109e60923a enscript-1.6.3.ebuild 696
MD5 0db790ea45572b922465082d97fe6488 enscript-1.6.3-r1.ebuild 813
-MD5 528d3e39a7e18ff200cccfd037ee0422 files/digest-enscript-1.6.3 66
+MD5 7c7a50d3b77ef67bdb026af3ba573c7f ChangeLog 2283
MD5 528d3e39a7e18ff200cccfd037ee0422 files/digest-enscript-1.6.3-r1 66
+MD5 528d3e39a7e18ff200cccfd037ee0422 files/digest-enscript-1.6.3-r2 66
+MD5 528d3e39a7e18ff200cccfd037ee0422 files/digest-enscript-1.6.3 66
+MD5 90c2dfb225dc7d363155d6315aa2ca0d files/enscript-1.6.3-security.patch 6043
diff --git a/app-text/enscript/enscript-1.6.3-r2.ebuild b/app-text/enscript/enscript-1.6.3-r2.ebuild
new file mode 100644
index 000000000000..a9a4e589e4e0
--- /dev/null
+++ b/app-text/enscript/enscript-1.6.3-r2.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/enscript-1.6.3-r2.ebuild,v 1.1 2005/01/21 14:31:27 solar Exp $
+
+inherit eutils
+
+DESCRIPTION="powerful text-to-postscript converter"
+SRC_URI="http://www.iki.fi/mtr/genscript/${P}.tar.gz"
+HOMEPAGE="http://www.gnu.org/software/enscript/enscript.html"
+
+KEYWORDS="~x86 ~ppc ~sparc ~amd64 ~alpha ~mips ~ppc64"
+SLOT="0"
+LICENSE="GPL-2"
+IUSE="nls"
+
+DEPEND="sys-devel/flex
+ sys-devel/bison
+ nls? ( sys-devel/gettext )"
+RDEPEND="nls? ( sys-devel/gettext )"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+ epatch ${FILESDIR}/enscript-1.6.3-security.patch
+}
+
+src_compile() {
+ econf `use_enable nls` || die
+ emake || die
+}
+
+src_install() {
+ einstall || die
+ dodoc AUTHORS ChangeLog FAQ.html NEWS README* THANKS TODO
+}
+
+pkg_postinst() {
+ einfo "Now, customize /etc/enscript.cfg."
+}
diff --git a/app-text/enscript/files/digest-enscript-1.6.3-r2 b/app-text/enscript/files/digest-enscript-1.6.3-r2
new file mode 100644
index 000000000000..57b3e69cc3f8
--- /dev/null
+++ b/app-text/enscript/files/digest-enscript-1.6.3-r2
@@ -0,0 +1 @@
+MD5 ec717f8b0de7db00a21a21f70d354610 enscript-1.6.3.tar.gz 814308
diff --git a/app-text/enscript/files/enscript-1.6.3-security.patch b/app-text/enscript/files/enscript-1.6.3-security.patch
new file mode 100644
index 000000000000..52f66188dbba
--- /dev/null
+++ b/app-text/enscript/files/enscript-1.6.3-security.patch
@@ -0,0 +1,189 @@
+diff -u -p -Nr --exclude CVS orig/enscript-1.6.3/src/gsint.h enscript-1.6.3.CAN-2004-1184/src/gsint.h
+--- orig/enscript-1.6.3/src/gsint.h 2000-07-11 17:28:06.000000000 +0200
++++ enscript-1.6.3.CAN-2004-1184/src/gsint.h 2005-01-04 20:45:24.000000000 +0100
+@@ -701,4 +701,9 @@ FILE *printer_open ___P ((char *cmd, cha
+ */
+ void printer_close ___P ((void *context));
+
++/*
++ * Escape filenames for shell usage
++ */
++char *shell_escape ___P ((const char *fn));
++
+ #endif /* not GSINT_H */
+diff -u -p -Nr --exclude CVS orig/enscript-1.6.3/src/main.c enscript-1.6.3.CAN-2004-1184/src/main.c
+--- orig/enscript-1.6.3/src/main.c 2005-01-04 20:52:31.000000000 +0100
++++ enscript-1.6.3.CAN-2004-1184/src/main.c 2005-01-05 10:57:44.000000000 +0100
+@@ -1555,9 +1555,13 @@ name width\theight\tllx\tlly
+ buffer_append (&cmd, intbuf);
+ buffer_append (&cmd, " ");
+
+- buffer_append (&cmd, "-Ddocument_title=\"");
+- buffer_append (&cmd, title);
+- buffer_append (&cmd, "\" ");
++ buffer_append (&cmd, "-Ddocument_title=\'");
++ if ((cp = shell_escape (title)) != NULL)
++ {
++ buffer_append (&cmd, cp);
++ free (cp);
++ }
++ buffer_append (&cmd, "\' ");
+
+ buffer_append (&cmd, "-Dtoc=");
+ buffer_append (&cmd, toc ? "1" : "0");
+@@ -1574,8 +1578,14 @@ name width\theight\tllx\tlly
+ /* Append input files. */
+ for (i = optind; i < argc; i++)
+ {
+- buffer_append (&cmd, " ");
+- buffer_append (&cmd, argv[i]);
++ char *cp;
++ if ((cp = shell_escape (argv[i])) != NULL)
++ {
++ buffer_append (&cmd, " \'");
++ buffer_append (&cmd, cp);
++ buffer_append (&cmd, "\'");
++ free (cp);
++ }
+ }
+
+ /* And do the job. */
+@@ -1636,7 +1645,7 @@ name width\theight\tllx\tlly
+ buffer_ptr (opts), buffer_len (opts));
+ }
+
+- buffer_append (&buffer, " \"%s\"");
++ buffer_append (&buffer, " \'%s\'");
+
+ input_filter = buffer_copy (&buffer);
+ input_filter_stdin = "-";
+diff -u -p -Nr --exclude CVS orig/enscript-1.6.3/src/util.c enscript-1.6.3.CAN-2004-1184/src/util.c
+--- orig/enscript-1.6.3/src/util.c 1999-09-17 17:26:51.000000000 +0200
++++ enscript-1.6.3.CAN-2004-1184/src/util.c 2005-01-05 10:43:23.000000000 +0100
+@@ -1239,6 +1239,8 @@ escape_string (char *string)
+
+ /* Create result. */
+ cp = xmalloc (len + 1);
++ if (cp == NULL)
++ return NULL;
+ for (i = 0, j = 0; string[i]; i++)
+ switch (string[i])
+ {
+@@ -1879,6 +1881,7 @@ is_open (InputStream *is, FILE *fp, char
+ char *cmd = NULL;
+ int cmdlen;
+ int i, pos;
++ char *cp;
+
+ is->is_pipe = 1;
+
+@@ -1902,12 +1905,16 @@ is_open (InputStream *is, FILE *fp, char
+ {
+ case 's':
+ /* Expand cmd-buffer. */
+- cmdlen += strlen (fname);
+- cmd = xrealloc (cmd, cmdlen);
++ if ((cp = shell_escape (fname)) != NULL)
++ {
++ cmdlen += strlen (cp);
++ cmd = xrealloc (cmd, cmdlen);
+
+- /* Paste filename. */
+- strcpy (cmd + pos, fname);
+- pos += strlen (fname);
++ /* Paste filename. */
++ strcpy (cmd + pos, cp);
++ pos += strlen (cp);
++ free (cp);
++ }
+
+ i++;
+ break;
+@@ -2116,3 +2123,36 @@ buffer_len (Buffer *buffer)
+ {
+ return buffer->len;
+ }
++
++/*
++ * Escapes the name of a file so that the shell groks it in 'single'
++ * quotation marks. The resulting pointer has to be free()ed when not
++ * longer used.
++*/
++char *
++shell_escape(const char *fn)
++{
++ size_t len = 0;
++ const char *inp;
++ char *retval, *outp;
++
++ for(inp = fn; *inp; ++inp)
++ switch(*inp)
++ {
++ case '\'': len += 4; break;
++ default: len += 1; break;
++ }
++
++ outp = retval = malloc(len + 1);
++ if(!outp)
++ return NULL; /* perhaps one should do better error handling here */
++ for(inp = fn; *inp; ++inp)
++ switch(*inp)
++ {
++ case '\'': *outp++ = '\''; *outp++ = '\\'; *outp++ = '\'', *outp++ = '\''; break;
++ default: *outp++ = *inp; break;
++ }
++ *outp = 0;
++
++ return retval;
++}
+diff -u -p -Nr --exclude CVS enscript-1.6.3.CAN-2004-1184/src/psgen.c enscript-1.6.3.CAN-2004-1185/src/psgen.c
+--- enscript-1.6.3.CAN-2004-1184/src/psgen.c 2005-01-04 20:59:56.000000000 +0100
++++ enscript-1.6.3.CAN-2004-1185/src/psgen.c 2005-01-05 15:22:40.000000000 +0100
+@@ -2385,9 +2385,10 @@ recognize_eps_file (Token *token)
+ MESSAGE (2, (stderr, "^@epsf=\"%s\"\n", token->u.epsf.filename));
+
+ i = strlen (token->u.epsf.filename);
++ /*
+ if (i > 0 && token->u.epsf.filename[i - 1] == '|')
+ {
+- /* Read EPS data from pipe. */
++ / * Read EPS data from pipe. * /
+ token->u.epsf.pipe = 1;
+ token->u.epsf.filename[i - 1] = '\0';
+ token->u.epsf.fp = popen (token->u.epsf.filename, "r");
+@@ -2400,6 +2401,7 @@ recognize_eps_file (Token *token)
+ }
+ }
+ else
++ */
+ {
+ char *filename;
+
+diff -u -p -Nr --exclude CVS enscript-1.6.3.CAN-2004-1185/src/psgen.c enscript-1.6.3.CAN-2004-1186/src/psgen.c
+--- enscript-1.6.3.CAN-2004-1185/src/psgen.c 2005-01-05 15:22:40.000000000 +0100
++++ enscript-1.6.3.CAN-2004-1186/src/psgen.c 2005-01-05 15:22:44.000000000 +0100
+@@ -2034,8 +2034,9 @@ dump_ps_page_header (char *fname, int em
+ else
+ {
+ ftail++;
+- strncpy (buf, fname, ftail - fname);
+- buf[ftail - fname] = '\0';
++ i = ftail - fname >= sizeof (buf)-1 ? sizeof (buf)-1 : ftail - fname;
++ strncpy (buf, fname, i);
++ buf[i] = '\0';
+ }
+
+ if (nup > 1)
+diff -u -p -Nr --exclude CVS enscript-1.6.3.CAN-2004-1185/src/util.c enscript-1.6.3.CAN-2004-1186/src/util.c
+--- enscript-1.6.3.CAN-2004-1185/src/util.c 2005-01-05 10:43:23.000000000 +0100
++++ enscript-1.6.3.CAN-2004-1186/src/util.c 2005-01-05 15:22:23.000000000 +0100
+@@ -2003,7 +2003,8 @@ is_getc (InputStream *is)
+ return EOF;
+
+ /* Read more data. */
+- is->data_in_buf = fread (is->buf, 1, sizeof (is->buf), is->fp);
++ memset (is->buf, 0, sizeof (is->buf));
++ is->data_in_buf = fread (is->buf, 1, sizeof (is->buf)-1, is->fp);
+ is->bufpos = 0;
+ is->nreads++;
+