From 16282a9996f72abb9115361b80df441d3c8945c4 Mon Sep 17 00:00:00 2001 From: Timo Gurr Date: Fri, 7 Nov 2008 16:43:25 +0000 Subject: Revision bump fixing security issues, see bug #243228. Also fixes bug #202348 and includes some more QA fixes. (Portage version: 2.2_rc13/cvs/Linux 2.6.27-gentoo-r1 x86_64) --- app-text/enscript/ChangeLog | 10 ++- app-text/enscript/enscript-1.6.4-r4.ebuild | 55 +++++++++++++ ...nscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch | 91 +++++++++++++++++++++ .../enscript/files/enscript-1.6.4-config.patch | 95 ++++++++++++++++++++++ 4 files changed, 250 insertions(+), 1 deletion(-) create mode 100644 app-text/enscript/enscript-1.6.4-r4.ebuild create mode 100644 app-text/enscript/files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch create mode 100644 app-text/enscript/files/enscript-1.6.4-config.patch (limited to 'app-text') diff --git a/app-text/enscript/ChangeLog b/app-text/enscript/ChangeLog index ae9c7c4db0b8..da6cdd4dfe2f 100644 --- a/app-text/enscript/ChangeLog +++ b/app-text/enscript/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for app-text/enscript # Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/ChangeLog,v 1.49 2008/03/04 03:07:51 jer Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/ChangeLog,v 1.50 2008/11/07 16:43:25 tgurr Exp $ + +*enscript-1.6.4-r4 (07 Nov 2008) + + 07 Nov 2008; Timo Gurr + +files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch, + +files/enscript-1.6.4-config.patch, +enscript-1.6.4-r4.ebuild: + Revision bump fixing security issues, see bug #243228. Also fixes bug + #202348 and includes some more QA fixes. 04 Mar 2008; Jeroen Roovers enscript-1.6.4-r2.ebuild, enscript-1.6.4-r3.ebuild: diff --git a/app-text/enscript/enscript-1.6.4-r4.ebuild b/app-text/enscript/enscript-1.6.4-r4.ebuild new file mode 100644 index 000000000000..bf9bf6ce1102 --- /dev/null +++ b/app-text/enscript/enscript-1.6.4-r4.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/enscript-1.6.4-r4.ebuild,v 1.1 2008/11/07 16:43:25 tgurr Exp $ + +inherit eutils + +DESCRIPTION="powerful text-to-postscript converter" +SRC_URI="http://www.iki.fi/mtr/genscript/${P}.tar.gz" +HOMEPAGE="http://www.gnu.org/software/enscript/enscript.html" + +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +SLOT="0" +LICENSE="GPL-2" +IUSE="nls ruby" + +DEPEND="sys-devel/flex + sys-devel/bison + nls? ( sys-devel/gettext )" +RDEPEND="nls? ( virtual/libintl )" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/enscript-1.6.3-security.patch + epatch "${FILESDIR}"/enscript-1.6.3-language.patch + epatch "${FILESDIR}"/enscript-catmur.patch + epatch "${FILESDIR}"/enscript-1.6.4-ebuild.st.patch + epatch "${FILESDIR}"/enscript-1.6.4-config.patch + epatch "${FILESDIR}"/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch + use ruby && epatch "${FILESDIR}"/enscript-1.6.2-ruby.patch +} + +src_compile() { + unset CC + econf $(use_enable nls) + emake || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "install failed" + + dodoc AUTHORS ChangeLog NEWS README* THANKS TODO || die "dodoc failed" + + insinto /usr/share/enscript/hl + doins "${FILESDIR}"/ebuild.st || die "doins ebuild.st failed" + + if use ruby ; then + insinto /usr/share/enscript/hl + doins "${FILESDIR}"/ruby.st || die "doins ruby.st failed" + fi +} + +pkg_postinst() { + elog "Now, customize /etc/enscript.cfg." +} diff --git a/app-text/enscript/files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch b/app-text/enscript/files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch new file mode 100644 index 000000000000..2ee926b107af --- /dev/null +++ b/app-text/enscript/files/enscript-1.6.4-CVE-2008-3863-CVE-2008-4306.patch @@ -0,0 +1,91 @@ +--- src/psgen.c ++++ src/psgen.c 2008-10-29 10:43:08.512598143 +0100 +@@ -24,6 +24,7 @@ + * Boston, MA 02111-1307, USA. + */ + ++#include + #include "gsint.h" + + /* +@@ -124,7 +125,7 @@ struct gs_token_st + double xscale; + double yscale; + int llx, lly, urx, ury; /* Bounding box. */ +- char filename[512]; ++ char filename[PATH_MAX]; + char *skipbuf; + unsigned int skipbuf_len; + unsigned int skipbuf_pos; +@@ -135,11 +136,11 @@ struct gs_token_st + Color bgcolor; + struct + { +- char name[512]; ++ char name[PATH_MAX]; + FontPoint size; + InputEncoding encoding; + } font; +- char filename[512]; ++ char filename[PATH_MAX]; + } u; + }; + +@@ -248,7 +249,7 @@ static int do_print = 1; + static int user_fontp = 0; + + /* The user ^@font{}-defined font. */ +-static char user_font_name[256]; ++static char user_font_name[PATH_MAX]; + static FontPoint user_font_pt; + static InputEncoding user_font_encoding; + +@@ -978,7 +979,8 @@ large for page\n"), + FATAL ((stderr, + _("user font encoding can be only the system's default or `ps'"))); + +- strcpy (user_font_name, token.u.font.name); ++ memset (user_font_name, 0, sizeof(user_font_name)); ++ strncpy (user_font_name, token.u.font.name, sizeof(user_font_name) - 1); + user_font_pt.w = token.u.font.size.w; + user_font_pt.h = token.u.font.size.h; + user_font_encoding = token.u.font.encoding; +@@ -1444,7 +1446,7 @@ read_special_escape (InputStream *is, To + buf[i] = ch; + if (i + 1 >= sizeof (buf)) + FATAL ((stderr, _("too long argument for %s escape:\n%.*s"), +- escapes[i].name, i, buf)); ++ escapes[e].name, i, buf)); + } + buf[i] = '\0'; + +@@ -1452,7 +1454,8 @@ read_special_escape (InputStream *is, To + switch (escapes[e].escape) + { + case ESC_FONT: +- strcpy (token->u.font.name, buf); ++ memset (token->u.font.name, 0, sizeof(token->u.font.name)); ++ strncpy (token->u.font.name, buf, sizeof(token->u.font.name) - 1); + + /* Check for the default font. */ + if (strcmp (token->u.font.name, "default") == 0) +@@ -1465,7 +1468,8 @@ read_special_escape (InputStream *is, To + FATAL ((stderr, _("malformed font spec for ^@font escape: %s"), + token->u.font.name)); + +- strcpy (token->u.font.name, cp); ++ memset (token->u.font.name, 0, sizeof(token->u.font.name)); ++ strncpy (token->u.font.name, cp, sizeof(token->u.font.name) - 1); + xfree (cp); + } + token->type = tFONT; +@@ -1544,7 +1548,8 @@ read_special_escape (InputStream *is, To + break; + + case ESC_SETFILENAME: +- strcpy (token->u.filename, buf); ++ memset (token->u.filename, 0, sizeof(token->u.font.name)); ++ strncpy (token->u.filename, buf, sizeof(token->u.filename) - 1); + token->type = tSETFILENAME; + break; + diff --git a/app-text/enscript/files/enscript-1.6.4-config.patch b/app-text/enscript/files/enscript-1.6.4-config.patch new file mode 100644 index 000000000000..5823a9db5e96 --- /dev/null +++ b/app-text/enscript/files/enscript-1.6.4-config.patch @@ -0,0 +1,95 @@ +--- enscript-1.6.4/afm/Makefile.am.config 2003-03-05 07:26:16.000000000 +0000 ++++ enscript-1.6.4/afm/Makefile.am 2005-12-23 09:56:52.000000000 +0000 +@@ -36,11 +36,11 @@ + EXTRA_DIST = font.map $(default_afm) $(public_fonts) + + install-data-local: +- $(top_srcdir)/mkinstalldirs $(datadir)/enscript +- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/afm ++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript ++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript/afm + for f in $(EXTRA_DIST); do \ +- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/afm/$$f; \ ++ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)/$(datadir)/enscript/afm/$$f; \ + done + + uninstall-local: +- rm -rf $(datadir)/enscript/afm ++ rm -rf $(DESTDIR)/$(datadir)/enscript/afm +--- enscript-1.6.4/afm/Makefile.in.config 2003-03-05 07:40:06.000000000 +0000 ++++ enscript-1.6.4/afm/Makefile.in 2005-12-23 09:56:52.000000000 +0000 +@@ -319,14 +319,14 @@ + + + install-data-local: +- $(top_srcdir)/mkinstalldirs $(datadir)/enscript +- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/afm ++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript ++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript/afm + for f in $(EXTRA_DIST); do \ +- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/afm/$$f; \ ++ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)/$(datadir)/enscript/afm/$$f; \ + done + + uninstall-local: +- rm -rf $(datadir)/enscript/afm ++ rm -rf $(DESTDIR)/$(datadir)/enscript/afm + # Tell versions [3.59,3.63) of GNU make to not export all variables. + # Otherwise a system limit (for SysV at least) may be exceeded. + .NOEXPORT: +--- enscript-1.6.4/lib/Makefile.in.config 2003-03-05 07:40:07.000000000 +0000 ++++ enscript-1.6.4/lib/Makefile.in 2005-12-23 09:56:52.000000000 +0000 +@@ -345,15 +345,16 @@ + all-local: enscript.cfg + + install-data-local: enscript.cfg +- $(top_srcdir)/mkinstalldirs $(sysconfdir) +- if test -r $(sysconfdir)/enscript.cfg; then \ +- cp $(sysconfdir)/enscript.cfg $(sysconfdir)/enscript.cfg.old; \ ++ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir) ++ if test -r $(DESTDIR)$(sysconfdir)/enscript.cfg; then \ ++ cp $(DESTDIR)$(sysconfdir)/enscript.cfg \ ++ $(DESTDIR)$(sysconfdir)/enscript.cfg.old; \ + else :; \ + fi +- $(INSTALL_DATA) enscript.cfg $(sysconfdir)/enscript.cfg ++ $(INSTALL_DATA) enscript.cfg $(DESTDIR)$(sysconfdir)/enscript.cfg + + uninstall-local: +- rm -f $(sysconfdir)/enscript.cfg ++ rm -f $(DESTDIR)$(sysconfdir)/enscript.cfg + + enscript.cfg: $(srcdir)/enscript.cfg.in Makefile + sed 's%@DATADIR@%$(datadir)%g; s%@media@%@MEDIA@%g; s%@BINDIR@%$(bindir)%g; s%@spooler@%@SPOOLER@%g; s%@pslevel@%@PSLEVEL@%g' \ +--- enscript-1.6.4/states/hl/Makefile.am.config 2005-12-23 09:59:55.000000000 +0000 ++++ enscript-1.6.4/states/hl/Makefile.am 2005-12-23 10:00:09.000000000 +0000 +@@ -45,10 +45,10 @@ + EXTRA_DIST = $(states) + + install-data-local: +- $(top_srcdir)/mkinstalldirs $(datadir)/enscript +- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/hl ++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript ++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript/hl + for f in $(states); do \ +- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/hl/$$f; \ ++ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)/$(datadir)/enscript/hl/$$f; \ + done + + uninstall-local: +--- enscript-1.6.4/states/hl/Makefile.in.config 2005-12-23 10:00:13.000000000 +0000 ++++ enscript-1.6.4/states/hl/Makefile.in 2005-12-23 10:00:34.000000000 +0000 +@@ -330,10 +330,10 @@ + + + install-data-local: +- $(top_srcdir)/mkinstalldirs $(datadir)/enscript +- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/hl ++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript ++ $(top_srcdir)/mkinstalldirs $(DESTDIR)/$(datadir)/enscript/hl + for f in $(states); do \ +- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/hl/$$f; \ ++ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)/$(datadir)/enscript/hl/$$f; \ + done + + uninstall-local: -- cgit v1.2.3-65-gdbad