diff options
author | Alexis Ballier <aballier@gentoo.org> | 2007-10-22 06:22:28 +0000 |
---|---|---|
committer | Alexis Ballier <aballier@gentoo.org> | 2007-10-22 06:22:28 +0000 |
commit | e760cb95c042b9781f182846cf5eeb69c3c1df9f (patch) | |
tree | 732d735a63041a471c7eac913ec156ce0831f6eb /app-text | |
parent | Stable for HPPA (bug #195700). (diff) | |
download | historical-e760cb95c042b9781f182846cf5eeb69c3c1df9f.tar.gz historical-e760cb95c042b9781f182846cf5eeb69c3c1df9f.tar.bz2 historical-e760cb95c042b9781f182846cf5eeb69c3c1df9f.zip |
Add a patch from upstream to prevent buffer overflow with too long hrefs using dvips -z
Package-Manager: portage-2.1.3.15
Diffstat (limited to 'app-text')
-rw-r--r-- | app-text/texlive-core/ChangeLog | 10 | ||||
-rw-r--r-- | app-text/texlive-core/Manifest | 32 | ||||
-rw-r--r-- | app-text/texlive-core/files/2007/texlive-core-2007-dvips_bufferoverflow.patch | 87 | ||||
-rw-r--r-- | app-text/texlive-core/files/digest-texlive-core-2007-r2 (renamed from app-text/texlive-core/files/digest-texlive-core-2007-r1) | 0 | ||||
-rw-r--r-- | app-text/texlive-core/texlive-core-2007-r2.ebuild (renamed from app-text/texlive-core/texlive-core-2007-r1.ebuild) | 5 |
5 files changed, 118 insertions, 16 deletions
diff --git a/app-text/texlive-core/ChangeLog b/app-text/texlive-core/ChangeLog index 44a782a15c08..716919fff442 100644 --- a/app-text/texlive-core/ChangeLog +++ b/app-text/texlive-core/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for app-text/texlive-core # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/texlive-core/ChangeLog,v 1.9 2007/10/21 11:32:02 aballier Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-text/texlive-core/ChangeLog,v 1.10 2007/10/22 06:22:27 aballier Exp $ + +*texlive-core-2007-r2 (22 Oct 2007) + + 22 Oct 2007; Alexis Ballier <aballier@gentoo.org> + +files/2007/texlive-core-2007-dvips_bufferoverflow.patch, + -texlive-core-2007-r1.ebuild, +texlive-core-2007-r2.ebuild: + Add a patch from upstream to prevent buffer overflow with too long hrefs + using dvips -z *texlive-core-2007-r1 (21 Oct 2007) diff --git a/app-text/texlive-core/Manifest b/app-text/texlive-core/Manifest index dce720ef0612..249a29766c00 100644 --- a/app-text/texlive-core/Manifest +++ b/app-text/texlive-core/Manifest @@ -9,6 +9,10 @@ AUX 2007/tetex-3.0_p1-xpdf-CVE-2007-3387.patch 516 RMD160 fcfa307061c6052cec241a MD5 ab265d1313af1348b7f431ab5accbcbe files/2007/tetex-3.0_p1-xpdf-CVE-2007-3387.patch 516 RMD160 fcfa307061c6052cec241adda6d7541105afa5bf files/2007/tetex-3.0_p1-xpdf-CVE-2007-3387.patch 516 SHA256 7cebc7643f54462de5504aeb6c331860beb9aae947bc80132d0ac8f9b0a2f109 files/2007/tetex-3.0_p1-xpdf-CVE-2007-3387.patch 516 +AUX 2007/texlive-core-2007-dvips_bufferoverflow.patch 3032 RMD160 d82c40767b8614180e1487a95c923b99e92161b5 SHA1 1616aff45e9412ad861d75019a2c88a5122e5b23 SHA256 d5942c40589199d19dd4407b9bcdfeb13a2559de59e70ca986c3c16040788f6b +MD5 65b84b563d53e426b5a78f1302c45863 files/2007/texlive-core-2007-dvips_bufferoverflow.patch 3032 +RMD160 d82c40767b8614180e1487a95c923b99e92161b5 files/2007/texlive-core-2007-dvips_bufferoverflow.patch 3032 +SHA256 d5942c40589199d19dd4407b9bcdfeb13a2559de59e70ca986c3c16040788f6b files/2007/texlive-core-2007-dvips_bufferoverflow.patch 3032 AUX 2007/texlive-core-2007-icu-xetex-execstacks.patch 550 RMD160 85ed534a2eb2b77fd8bafa1db405c904167712cb SHA1 fc9a44364ddebfb732be4d3d7e39ba3a547dbc2b SHA256 854b108962c6b42e74ae34658b3b18199618b80a86c677ed01a56fc43e6b6de4 MD5 a3cb6ff84b0bd80e82d7224ea5b39740 files/2007/texlive-core-2007-icu-xetex-execstacks.patch 550 RMD160 85ed534a2eb2b77fd8bafa1db405c904167712cb files/2007/texlive-core-2007-icu-xetex-execstacks.patch 550 @@ -95,25 +99,25 @@ DIST texlive-module-lib-regex-2007.zip 873 RMD160 1525034c3434b534a238b90730fe56 DIST texlive-module-lib-zlib-2007.zip 1221 RMD160 c2dc6572cd09ef2494a8b299334b902df6567f4c SHA1 2c2a4814b2eaba74da4ae35521b521f83f688ab8 SHA256 9f9ab01c861946667c218e0e2ebea7bbb74a65e94ce9cb699b99cfd51fbcfd5a DIST texlive-module-mft-2007.zip 9083 RMD160 a07d22432636f38a7639a5385ed3e96626041e45 SHA1 fc5585b86daf583779dacc9e25d0e615ba6519e4 SHA256 6d4a52492a03b41fdfc50532a9061ad94723c67ec5ded1d0ea549ee4978511a4 DIST texlive-module-mkind-english-2007.zip 2264 RMD160 c2d9e9164ed10f55bda56247e94d9bf63adf93e6 SHA1 6660cefd619df95f80f63146f0501cc8dc02e344 SHA256 333fb0b1b4b12764fb16a93ced43721a781202cf0fcb71c5eed4a4903dca5d5c -EBUILD texlive-core-2007-r1.ebuild 7279 RMD160 e5e90b4d4e22a51d628118d86a6794d6d64afc4e SHA1 3df58b2da03618b9a76bb734d578be5bc08d4606 SHA256 54cb0f0a3a3f9671344821f9ec8b942339307dfb1bac6c51d11bffd9821f80ea -MD5 0f61dbc5ce68e0410788741e74b77411 texlive-core-2007-r1.ebuild 7279 -RMD160 e5e90b4d4e22a51d628118d86a6794d6d64afc4e texlive-core-2007-r1.ebuild 7279 -SHA256 54cb0f0a3a3f9671344821f9ec8b942339307dfb1bac6c51d11bffd9821f80ea texlive-core-2007-r1.ebuild 7279 -MISC ChangeLog 2230 RMD160 51d7f8a25911a2a07a10f320f6378c750547f686 SHA1 702cb9626afdaa0e55ea913b33cd01481abe2009 SHA256 39f26ff7e00914f31fc4a9337c4dd3b26d5699d963b00e1128307018776a139c -MD5 a7c244def60623a6d3b4ddf4d88a0d15 ChangeLog 2230 -RMD160 51d7f8a25911a2a07a10f320f6378c750547f686 ChangeLog 2230 -SHA256 39f26ff7e00914f31fc4a9337c4dd3b26d5699d963b00e1128307018776a139c ChangeLog 2230 +EBUILD texlive-core-2007-r2.ebuild 7399 RMD160 c09b265d6a19978715eff795e5a96ef26facce7c SHA1 677611718182b5854af96b7b4dee706706b1d73c SHA256 a91398cf950a837d1da5072a8da04a56941fe590f0fc5c83be96bc17c4374c20 +MD5 6b2a46ff57cd750f08d388eca486c5e5 texlive-core-2007-r2.ebuild 7399 +RMD160 c09b265d6a19978715eff795e5a96ef26facce7c texlive-core-2007-r2.ebuild 7399 +SHA256 a91398cf950a837d1da5072a8da04a56941fe590f0fc5c83be96bc17c4374c20 texlive-core-2007-r2.ebuild 7399 +MISC ChangeLog 2535 RMD160 9a0a8e2b14834382e5514accc268fc2daf413244 SHA1 021168f9637af40c046ed69eafc714ea7915a098 SHA256 fb2c0dfe8155ae29aebf88029576f4ae25087b703f7ca7195c9988b731614e63 +MD5 917b1cc6f194dab8a27c5c20f613d745 ChangeLog 2535 +RMD160 9a0a8e2b14834382e5514accc268fc2daf413244 ChangeLog 2535 +SHA256 fb2c0dfe8155ae29aebf88029576f4ae25087b703f7ca7195c9988b731614e63 ChangeLog 2535 MISC metadata.xml 327 RMD160 10186cf048d44753bf4cec722eed45d2ade12316 SHA1 0254321c012da0e8f80aec6f29a0fb5b17675d4d SHA256 e520223493249c261b48f7f7460ed7c262d35383484e730cfefba51fde1195be MD5 10ddcc0c6d2a7a76dd92dffa01ca03ca metadata.xml 327 RMD160 10186cf048d44753bf4cec722eed45d2ade12316 metadata.xml 327 SHA256 e520223493249c261b48f7f7460ed7c262d35383484e730cfefba51fde1195be metadata.xml 327 -MD5 ce038c7eaf6971f7bb7aa8af4e1992eb files/digest-texlive-core-2007-r1 13910 -RMD160 a35861ced4172658b14517c8880d2a193f876372 files/digest-texlive-core-2007-r1 13910 -SHA256 b5566af1308a9159c3e2bf536780a99f874ed08617817776d3a0b89ec93494f2 files/digest-texlive-core-2007-r1 13910 +MD5 ce038c7eaf6971f7bb7aa8af4e1992eb files/digest-texlive-core-2007-r2 13910 +RMD160 a35861ced4172658b14517c8880d2a193f876372 files/digest-texlive-core-2007-r2 13910 +SHA256 b5566af1308a9159c3e2bf536780a99f874ed08617817776d3a0b89ec93494f2 files/digest-texlive-core-2007-r2 13910 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) -iD8DBQFHGzjNvFcC4BYPU0oRAoC4AJ93t8Ys3/SmIFHb7cTlufwuEZJSWACgugDg -Ls05iWOA/2lc3bkFQBYosxg= -=FRXV +iD8DBQFHHEHGvFcC4BYPU0oRAstwAJ4nUhRb1ZSb/CXUQlSZ2ggZJC9RvgCcCDA9 +UoGLj6abWvunVleN3sQroBE= +=nxcp -----END PGP SIGNATURE----- diff --git a/app-text/texlive-core/files/2007/texlive-core-2007-dvips_bufferoverflow.patch b/app-text/texlive-core/files/2007/texlive-core-2007-dvips_bufferoverflow.patch new file mode 100644 index 000000000000..3f4732f1a249 --- /dev/null +++ b/app-text/texlive-core/files/2007/texlive-core-2007-dvips_bufferoverflow.patch @@ -0,0 +1,87 @@ +hps.c (stamp_external, stamp_hps): protext against long strings. + From Bastien Roucaries via Norbert, 21 Oct 2007 13:22:19, + Debian bug 447081. + +Index: texk/dvipsk/hps.c +=================================================================== +--- texk/dvipsk/hps.c (revision 5253) ++++ texk/dvipsk/hps.c (revision 5254) +@@ -441,20 +441,29 @@ + + void stamp_hps P1C(Hps_link *, pl) + { +- char tmpbuf[200] ; ++ char * tmpbuf; + if (pl == NULL) { +- error("Null pointer, oh no!") ; ++ error("stamp_hps: null pl pointer, oh no!") ; + return ; +- } else { +- /* print out the proper pdfm with local page info only +- * target info will be in the target dictionary */ +- (void)sprintf(tmpbuf, +- " (%s) [[%.0f %.0f %.0f %.0f] [%i %i %i [%i %i]] [%.0f %.0f %.0f]] pdfm ", pl->title, pl->rect.llx, pl->rect.lly, pl->rect.urx, pl->rect.ury, +- pl->border[0], pl->border[1], pl->border[2], pl->border[3],pl->border[4], +- pl->color[0], pl->color[1], pl->color[2]) ; +- cmdout(tmpbuf) ; +- } ++ } ++ if(pl->title == NULL) { ++ error("stamp_hps: null pl->title pointer, oh no!") ; ++ return ; ++ } ++ ++ tmpbuf = (char *) xmalloc(strlen(pl->title)+200); ++ ++ /* print out the proper pdfm with local page info only ++ * target info will be in the target dictionary */ ++ (void)sprintf(tmpbuf, ++ " (%s) [[%.0f %.0f %.0f %.0f] [%i %i %i [%i %i]] [%.0f %.0f %.0f]] pdfm ", ++ pl->title, pl->rect.llx, pl->rect.lly, pl->rect.urx, pl->rect.ury, ++ pl->border[0], pl->border[1], pl->border[2], pl->border[3],pl->border[4], ++ pl->color[0], pl->color[1], pl->color[2]) ; ++ cmdout(tmpbuf) ; ++ free(tmpbuf); + ++ + } + + /* For external URL's, we just pass them through as a string. The hyperps +@@ -462,18 +471,27 @@ + */ + void stamp_external P2C(char *, s, Hps_link *, pl) + { +- char tmpbuf[200]; ++ char *tmpbuf; + if (pl == NULL) { +- error("Null pointer, oh no!") ; ++ error("stamp_external: null pl pointer, oh no!") ; + return ; +- } else { +- /* print out the proper pdfm with local page info only +- * target info will be in the target dictionary */ +- (void)sprintf(tmpbuf," [[%.0f %.0f %.0f %.0f] [%i %i %i [%i %i]] [%.0f %.0f %.0f]] (%s) pdfm ", pl->rect.llx, pl->rect.lly, pl->rect.urx, pl->rect.ury, +- pl->border[0], pl->border[1], pl->border[2], pl->border[3],pl->border[4], +- pl->color[0], pl->color[1], pl->color[2], s) ; +- cmdout(tmpbuf) ; +- } ++ } ++ ++ if (s == NULL) { ++ error("stamp_external: null s pointer, oh no!") ; ++ return ; ++ } ++ ++ tmpbuf = (char *) xmalloc(strlen(s) + 200); ++ ++ /* print out the proper pdfm with local page info only ++ * target info will be in the target dictionary */ ++ (void)sprintf(tmpbuf," [[%.0f %.0f %.0f %.0f] [%i %i %i [%i %i]] [%.0f %.0f %.0f]] (%s) pdfm ", ++ pl->rect.llx, pl->rect.lly, pl->rect.urx, pl->rect.ury, ++ pl->border[0], pl->border[1], pl->border[2], pl->border[3],pl->border[4], ++ pl->color[0], pl->color[1], pl->color[2], s) ; ++ cmdout(tmpbuf) ; ++ free(tmpbuf); + } + + void finish_hps P1H(void) { diff --git a/app-text/texlive-core/files/digest-texlive-core-2007-r1 b/app-text/texlive-core/files/digest-texlive-core-2007-r2 index 4e987019c1ec..4e987019c1ec 100644 --- a/app-text/texlive-core/files/digest-texlive-core-2007-r1 +++ b/app-text/texlive-core/files/digest-texlive-core-2007-r2 diff --git a/app-text/texlive-core/texlive-core-2007-r1.ebuild b/app-text/texlive-core/texlive-core-2007-r2.ebuild index 4a10dc685c33..287378e5c223 100644 --- a/app-text/texlive-core/texlive-core-2007-r1.ebuild +++ b/app-text/texlive-core/texlive-core-2007-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2007 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/texlive-core/texlive-core-2007-r1.ebuild,v 1.1 2007/10/21 11:32:02 aballier Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-text/texlive-core/texlive-core-2007-r2.ebuild,v 1.1 2007/10/22 06:22:27 aballier Exp $ inherit eutils flag-o-matic toolchain-funcs libtool autotools texlive-common @@ -77,6 +77,9 @@ src_unpack() { # supported epatch "${FILESDIR}/${PV}/${P}-icu-xetex-execstacks.patch" +# See http://permalink.gmane.org/gmane.comp.tex.live/14939 + epatch "${FILESDIR}/${PV}/${P}-dvips_bufferoverflow.patch" + sed -i -e "/mktexlsr/,+3d" -e "s/\(updmap-sys\)/\1 --nohash/" \ Makefile.in || die "sed failed" |