Commit af12c405 authored by Allan McRae's avatar Allan McRae
Browse files

fix FTBFS, grab a couple of CVE fixes from git

parent 4868433f
From 5ea5ff8bc0094ca1eda0dd0e011d860e994c0a88 Mon Sep 17 00:00:00 2001
From: David Seifert <soap@gentoo.org>
Date: Sun, 17 Sep 2017 23:26:32 +0200
Subject: Add fix for CVE-2014-0466
---
contrib/fixps.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/contrib/fixps.in b/contrib/fixps.in
index 45eeafc..bd6244e 100644
--- a/contrib/fixps.in
+++ b/contrib/fixps.in
@@ -393,7 +393,7 @@ if test $task != check; then
eval "$command" ;;
gs)
$verbose "$program: making a full rewrite of the file ($gs)." >&2
- $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+ $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
esac
)
fi
--
cgit v1.2.1
From 90b876cb480ca9e092490c825663f23909c6173c Mon Sep 17 00:00:00 2001
From: David Seifert <soap@gentoo.org>
Date: Sun, 17 Sep 2017 23:31:56 +0200
Subject: Add fix for CVE-2015-8107
---
lib/output.c | 2 +-
lib/parseppd.y | 2 +-
lib/psgen.c | 2 +-
src/parsessh.y | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/lib/output.c b/lib/output.c
index b0011e1..449df0c 100644
--- a/lib/output.c
+++ b/lib/output.c
@@ -518,7 +518,7 @@ output_file (struct output * out, a2ps_job * job,
expand_user_string (job, FIRST_FILE (job),
(const uchar *) "Expand: requirement",
(const uchar *) token));
- output (dest, expansion);
+ output (dest, "%s", expansion);
continue;
}
diff --git a/lib/parseppd.y b/lib/parseppd.y
index cb393e2..6e50ecb 100644
--- a/lib/parseppd.y
+++ b/lib/parseppd.y
@@ -156,7 +156,7 @@ font_clause :
void
yyerror (const char *msg)
{
- error_at_line (1, 0, ppdfilename, ppdlineno, msg);
+ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
}
/*
diff --git a/lib/psgen.c b/lib/psgen.c
index 8738512..1cc3513 100644
--- a/lib/psgen.c
+++ b/lib/psgen.c
@@ -221,7 +221,7 @@ output_marker (a2ps_job * job, const char * kind, unsigned char * marker)
default:
*buf = '\0';
ps_escape_char (job, cp[i], buf);
- output (jdiv, (char *) buf);
+ output (jdiv, "%s", (char *) buf);
break;
}
}
diff --git a/src/parsessh.y b/src/parsessh.y
index 78d2039..b301d87 100644
--- a/src/parsessh.y
+++ b/src/parsessh.y
@@ -742,7 +742,7 @@ exception_def_opt:
void
yyerror (const char *msg)
{
- error_at_line (1, 0, sshfilename, sshlineno, msg);
+ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
}
/*
--
cgit v1.2.1
......@@ -2,7 +2,7 @@
pkgname=a2ps
pkgver=4.14
pkgrel=8
pkgrel=9
pkgdesc="An Any to PostScript filter"
arch=('x86_64')
url="https://www.gnu.org/software/a2ps/"
......@@ -14,7 +14,10 @@ source=(https://ftp.gnu.org/gnu/a2ps/${pkgname}-${pkgver}.tar.gz{,.sig}
a2ps-4.13c-fnmatch-replacement.patch a2ps-4.13c-emacs.patch
a2ps-4.13-manpage-chmod.patch a2ps-4.14-check-mempcpy.patch
a2ps-4.14-fix-stpcpy-proto.patch a2ps-texinfo5.patch
a2ps-4.13-security.patch)
a2ps-4.13-security.patch
CVE-2014-0466.patch
CVE-2015-8107.patch
a2ps-texinfo67.patch)
sha1sums=('365abbbe4b7128bf70dad16d06e23c5701874852'
'SKIP'
'8783952d3410d8d59ed953e1db45e2ef1a0b8f65'
......@@ -23,7 +26,10 @@ sha1sums=('365abbbe4b7128bf70dad16d06e23c5701874852'
'6aed29c1399e79f3914b408059610f9e7c0fc38e'
'58fa90134f1027e3f05aeb08212cbcc10f420738'
'81269db9dd29685b0ece2539070ced3f7a8472df'
'93a4db17edfaa99e3498c7d952c560dab49dbe42')
'93a4db17edfaa99e3498c7d952c560dab49dbe42'
'0a04f4c145d3aef8f3c7537eb00cb4040c7209c9'
'08c51a9361eaefe76af61b70392fa5ac1c4356c7'
'f54b6b319a5c134e0ee9be8dc9c8f80a65dc98d6')
validpgpkeys=('6EB39358D8328FE3CDC903A8CB6FA340E7075A54')
prepare() {
......@@ -39,6 +45,9 @@ prepare() {
patch -p0 -i "${srcdir}/a2ps-4.14-fix-stpcpy-proto.patch"
patch -p1 -i "${srcdir}/a2ps-texinfo5.patch"
patch -p1 -i "${srcdir}/a2ps-4.13-security.patch"
patch -p1 -i "${srcdir}/CVE-2014-0466.patch"
patch -p1 -i "${srcdir}/CVE-2015-8107.patch"
patch -p1 -i "${srcdir}/a2ps-texinfo67.patch"
}
build() {
......
The patchs fixes build failure against texinfo-6.7+:
```
Malformed UTF-8 character: \xcb\xeb (unexpected non-continuation byte 0xeb, immediately after start byte 0xcb;
need 2 bytes, got 1) in pattern match (m//) at /usr/share/texinfo/Texinfo/ParserNonXS.pm line 3364.
Malformed UTF-8 character (fatal) at /usr/share/texinfo/Texinfo/ParserNonXS.pm line 3364.
make[2]: *** [Makefile:472: a2ps.info] Error 25
```
Fixed-by: Neil Bothwick
--- a/doc/a2ps.texi 2019-11-24 18:51:07.000000000 +0000
+++ a/doc/a2ps.texi 2019-11-24 18:56:30.390438433 +0000
@@ -1,5 +1,6 @@
\input texinfo @c -*- texinfo -*-
@c %**start of header
+@documentencoding ISO-8859-1
@setfilename a2ps.info
@settitle General Purpose PostScript Generating Utility
@c @setchapternewpage odd
--- a/doc/regex.texi 2002-03-04 18:46:24.000000000 +0000
+++ a/doc/regex.texi 2019-11-24 18:56:42.861052598 +0000
@@ -1,5 +1,6 @@
\input texinfo
@c %**start of header
+@documentencoding ISO-8859-1
@setfilename regex.info
@settitle Regex
@c %**end of header
--- a/ogonkify/doc/ogonkify.texi 2007-12-29 02:09:38.000000000 +0000
+++ a/ogonkify/doc/ogonkify.texi 2019-11-24 18:57:03.173424149 +0000
@@ -1,5 +1,6 @@
\input texinfo @c -*-texinfo-*-
@c %**start of header
+@documentencoding ISO-8859-1
@setfilename ogonkify.info
@settitle Ogonkify
@setchapternewpage off
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment