Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-text
diff options
context:
space:
mode:
authorTimo Gurr <tgurr@gentoo.org>2008-11-07 16:43:25 +0000
committerTimo Gurr <tgurr@gentoo.org>2008-11-07 16:43:25 +0000
commit16282a9996f72abb9115361b80df441d3c8945c4 (patch)
treebf8284c6ef70f65a6f5b537b79c2100dd6000c56 /app-text
parentInitial import for LXDE meta package (diff)
downloadgentoo-2-16282a9996f72abb9115361b80df441d3c8945c4.tar.gz
gentoo-2-16282a9996f72abb9115361b80df441d3c8945c4.tar.bz2
gentoo-2-16282a9996f72abb9115361b80df441d3c8945c4.zip
Revision bump fixing security issues, see bug #243228. Also fixes bug #202348 and includes some more QA fixes.
(Portage version: 2.2_rc13/cvs/Linux 2.6.27-gentoo-r1 x86_64)
Diffstat (limited to 'app-text')
-rw-r--r--app-text/enscript/ChangeLog10
-rw-r--r--app-text/enscript/enscript-1.6.4-r4.ebuild55
-rw-r--r--app-text/enscript/files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch91
-rw-r--r--app-text/enscript/files/enscript-1.6.4-config.patch95
4 files changed, 250 insertions, 1 deletions
diff --git a/app-text/enscript/ChangeLog b/app-text/enscript/ChangeLog
index ae9c7c4db0b8..da6cdd4dfe2f 100644
--- a/app-text/enscript/ChangeLog
+++ b/app-text/enscript/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for app-text/enscript
# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/ChangeLog,v 1.49 2008/03/04 03:07:51 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/ChangeLog,v 1.50 2008/11/07 16:43:25 tgurr Exp $
+
+*enscript-1.6.4-r4 (07 Nov 2008)
+
+ 07 Nov 2008; Timo Gurr <tgurr@gentoo.org>
+ +files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch,
+ +files/enscript-1.6.4-config.patch, +enscript-1.6.4-r4.ebuild:
+ Revision bump fixing security issues, see bug #243228. Also fixes bug
+ #202348 and includes some more QA fixes.
04 Mar 2008; Jeroen Roovers <jer@gentoo.org> enscript-1.6.4-r2.ebuild,
enscript-1.6.4-r3.ebuild:
diff --git a/app-text/enscript/enscript-1.6.4-r4.ebuild b/app-text/enscript/enscript-1.6.4-r4.ebuild
new file mode 100644
index 000000000000..bf9bf6ce1102
--- /dev/null
+++ b/app-text/enscript/enscript-1.6.4-r4.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/enscript-1.6.4-r4.ebuild,v 1.1 2008/11/07 16:43:25 tgurr Exp $
+
+inherit eutils
+
+DESCRIPTION="powerful text-to-postscript converter"
+SRC_URI="http://www.iki.fi/mtr/genscript/${P}.tar.gz"
+HOMEPAGE="http://www.gnu.org/software/enscript/enscript.html"
+
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+SLOT="0"
+LICENSE="GPL-2"
+IUSE="nls ruby"
+
+DEPEND="sys-devel/flex
+ sys-devel/bison
+ nls? ( sys-devel/gettext )"
+RDEPEND="nls? ( virtual/libintl )"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ epatch "${FILESDIR}"/enscript-1.6.3-security.patch
+ epatch "${FILESDIR}"/enscript-1.6.3-language.patch
+ epatch "${FILESDIR}"/enscript-catmur.patch
+ epatch "${FILESDIR}"/enscript-1.6.4-ebuild.st.patch
+ epatch "${FILESDIR}"/enscript-1.6.4-config.patch
+ epatch "${FILESDIR}"/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch
+ use ruby && epatch "${FILESDIR}"/enscript-1.6.2-ruby.patch
+}
+
+src_compile() {
+ unset CC
+ econf $(use_enable nls)
+ emake || die "emake failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "install failed"
+
+ dodoc AUTHORS ChangeLog NEWS README* THANKS TODO || die "dodoc failed"
+
+ insinto /usr/share/enscript/hl
+ doins "${FILESDIR}"/ebuild.st || die "doins ebuild.st failed"
+
+ if use ruby ; then
+ insinto /usr/share/enscript/hl
+ doins "${FILESDIR}"/ruby.st || die "doins ruby.st failed"
+ fi
+}
+
+pkg_postinst() {
+ elog "Now, customize /etc/enscript.cfg."
+}
diff --git a/app-text/enscript/files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch b/app-text/enscript/files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch
new file mode 100644
index 000000000000..2ee926b107af
--- /dev/null
+++ b/app-text/enscript/files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch
@@ -0,0 +1,91 @@
+--- src/psgen.c
++++ src/psgen.c 2008-10-29 10:43:08.512598143 +0100
+@@ -24,6 +24,7 @@
+ * Boston, MA 02111-1307, USA.
+ */
+
++#include <limits.h>
+ #include "gsint.h"
+
+ /*
+@@ -124,7 +125,7 @@ struct gs_token_st
+ double xscale;
+ double yscale;
+ int llx, lly, urx, ury; /* Bounding box. */
+- char filename[512];
++ char filename[PATH_MAX];
+ char *skipbuf;
+ unsigned int skipbuf_len;
+ unsigned int skipbuf_pos;
+@@ -135,11 +136,11 @@ struct gs_token_st
+ Color bgcolor;
+ struct
+ {
+- char name[512];
++ char name[PATH_MAX];
+ FontPoint size;
+ InputEncoding encoding;
+ } font;
+- char filename[512];
++ char filename[PATH_MAX];
+ } u;
+ };
+
+@@ -248,7 +249,7 @@ static int do_print = 1;
+ static int user_fontp = 0;
+
+ /* The user ^@font{}-defined font. */
+-static char user_font_name[256];
++static char user_font_name[PATH_MAX];
+ static FontPoint user_font_pt;
+ static InputEncoding user_font_encoding;
+
+@@ -978,7 +979,8 @@ large for page\n"),
+ FATAL ((stderr,
+ _("user font encoding can be only the system's default or `ps'")));
+
+- strcpy (user_font_name, token.u.font.name);
++ memset (user_font_name, 0, sizeof(user_font_name));
++ strncpy (user_font_name, token.u.font.name, sizeof(user_font_name) - 1);
+ user_font_pt.w = token.u.font.size.w;
+ user_font_pt.h = token.u.font.size.h;
+ user_font_encoding = token.u.font.encoding;
+@@ -1444,7 +1446,7 @@ read_special_escape (InputStream *is, To
+ buf[i] = ch;
+ if (i + 1 >= sizeof (buf))
+ FATAL ((stderr, _("too long argument for %s escape:\n%.*s"),
+- escapes[i].name, i, buf));
++ escapes[e].name, i, buf));
+ }
+ buf[i] = '\0';
+
+@@ -1452,7 +1454,8 @@ read_special_escape (InputStream *is, To
+ switch (escapes[e].escape)
+ {
+ case ESC_FONT:
+- strcpy (token->u.font.name, buf);
++ memset (token->u.font.name, 0, sizeof(token->u.font.name));
++ strncpy (token->u.font.name, buf, sizeof(token->u.font.name) - 1);
+
+ /* Check for the default font. */
+ if (strcmp (token->u.font.name, "default") == 0)
+@@ -1465,7 +1468,8 @@ read_special_escape (InputStream *is, To
+ FATAL ((stderr, _("malformed font spec for ^@font escape: %s"),
+ token->u.font.name));
+
+- strcpy (token->u.font.name, cp);
++ memset (token->u.font.name, 0, sizeof(token->u.font.name));
++ strncpy (token->u.font.name, cp, sizeof(token->u.font.name) - 1);
+ xfree (cp);
+ }
+ token->type = tFONT;
+@@ -1544,7 +1548,8 @@ read_special_escape (InputStream *is, To
+ break;
+
+ case ESC_SETFILENAME:
+- strcpy (token->u.filename, buf);
++ memset (token->u.filename, 0, sizeof(token->u.font.name));
++ strncpy (token->u.filename, buf, sizeof(token->u.filename) - 1);
+ token->type = tSETFILENAME;
+ break;
+
diff --git a/app-text/enscript/files/enscript-1.6.4-config.patch b/app-text/enscript/files/enscript-1.6.4-config.patch
new file mode 100644
index 000000000000..5823a9db5e96
--- /dev/null
+++ b/app-text/enscript/files/enscript-1.6.4-config.patch
@@ -0,0 +1,95 @@
+--- enscript-1.6.4/afm/Makefile.am.config 2003-03-05 07:26:16.000000000 +0000
++++ enscript-1.6.4/afm/Makefile.am 2005-12-23 09:56:52.000000000 +0000
+@@ -36,11 +36,11 @@
+ EXTRA_DIST = font.map $(default_afm) $(public_fonts)
+
+ install-data-local:
+- $(top_srcdir)/mkinstalldirs $(datadir)/enscript
+- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/afm
++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript
++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript/afm
+ for f in $(EXTRA_DIST); do \
+- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/afm/$$f; \
++ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)/$(datadir)/enscript/afm/$$f; \
+ done
+
+ uninstall-local:
+- rm -rf $(datadir)/enscript/afm
++ rm -rf $(DESTDIR)/$(datadir)/enscript/afm
+--- enscript-1.6.4/afm/Makefile.in.config 2003-03-05 07:40:06.000000000 +0000
++++ enscript-1.6.4/afm/Makefile.in 2005-12-23 09:56:52.000000000 +0000
+@@ -319,14 +319,14 @@
+
+
+ install-data-local:
+- $(top_srcdir)/mkinstalldirs $(datadir)/enscript
+- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/afm
++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript
++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript/afm
+ for f in $(EXTRA_DIST); do \
+- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/afm/$$f; \
++ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)/$(datadir)/enscript/afm/$$f; \
+ done
+
+ uninstall-local:
+- rm -rf $(datadir)/enscript/afm
++ rm -rf $(DESTDIR)/$(datadir)/enscript/afm
+ # Tell versions [3.59,3.63) of GNU make to not export all variables.
+ # Otherwise a system limit (for SysV at least) may be exceeded.
+ .NOEXPORT:
+--- enscript-1.6.4/lib/Makefile.in.config 2003-03-05 07:40:07.000000000 +0000
++++ enscript-1.6.4/lib/Makefile.in 2005-12-23 09:56:52.000000000 +0000
+@@ -345,15 +345,16 @@
+ all-local: enscript.cfg
+
+ install-data-local: enscript.cfg
+- $(top_srcdir)/mkinstalldirs $(sysconfdir)
+- if test -r $(sysconfdir)/enscript.cfg; then \
+- cp $(sysconfdir)/enscript.cfg $(sysconfdir)/enscript.cfg.old; \
++ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir)
++ if test -r $(DESTDIR)$(sysconfdir)/enscript.cfg; then \
++ cp $(DESTDIR)$(sysconfdir)/enscript.cfg \
++ $(DESTDIR)$(sysconfdir)/enscript.cfg.old; \
+ else :; \
+ fi
+- $(INSTALL_DATA) enscript.cfg $(sysconfdir)/enscript.cfg
++ $(INSTALL_DATA) enscript.cfg $(DESTDIR)$(sysconfdir)/enscript.cfg
+
+ uninstall-local:
+- rm -f $(sysconfdir)/enscript.cfg
++ rm -f $(DESTDIR)$(sysconfdir)/enscript.cfg
+
+ enscript.cfg: $(srcdir)/enscript.cfg.in Makefile
+ sed 's%@DATADIR@%$(datadir)%g; s%@media@%@MEDIA@%g; s%@BINDIR@%$(bindir)%g; s%@spooler@%@SPOOLER@%g; s%@pslevel@%@PSLEVEL@%g' \
+--- enscript-1.6.4/states/hl/Makefile.am.config 2005-12-23 09:59:55.000000000 +0000
++++ enscript-1.6.4/states/hl/Makefile.am 2005-12-23 10:00:09.000000000 +0000
+@@ -45,10 +45,10 @@
+ EXTRA_DIST = $(states)
+
+ install-data-local:
+- $(top_srcdir)/mkinstalldirs $(datadir)/enscript
+- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/hl
++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript
++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript/hl
+ for f in $(states); do \
+- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/hl/$$f; \
++ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)/$(datadir)/enscript/hl/$$f; \
+ done
+
+ uninstall-local:
+--- enscript-1.6.4/states/hl/Makefile.in.config 2005-12-23 10:00:13.000000000 +0000
++++ enscript-1.6.4/states/hl/Makefile.in 2005-12-23 10:00:34.000000000 +0000
+@@ -330,10 +330,10 @@
+
+
+ install-data-local:
+- $(top_srcdir)/mkinstalldirs $(datadir)/enscript
+- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/hl
++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript
++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript/hl
+ for f in $(states); do \
+- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/hl/$$f; \
++ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)/$(datadir)/enscript/hl/$$f; \
+ done
+
+ uninstall-local: