From 80e028fd80fe1e54ec3eb0834cc54f3913153d30232aacd31b5e2c523d79a649 Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Mon, 6 Jun 2011 14:44:59 +0000 Subject: [PATCH 1/4] Updating link to change in openSUSE:Factory/groff revision 30.0 OBS-URL: https://build.opensuse.org/package/show/M17N/groff?expand=0&rev=5a05d1386e3475f2c6a53ec15645fbe1 --- groff.spec | 2 +- gxditview.spec | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/groff.spec b/groff.spec index 911f950..d7096c8 100644 --- a/groff.spec +++ b/groff.spec @@ -22,7 +22,7 @@ Name: groff License: BSD3c(or similar) ; GPLv2+ Group: Productivity/Publishing/Troff Version: 1.20.1 -Release: 5 +Release: 6 Summary: GNU troff Document Formatting System Url: http://www.gnu.org/software/groff/groff.html Source0: ftp://ftp.gnu.org/gnu/groff/groff-%{version}.tar.bz2 diff --git a/gxditview.spec b/gxditview.spec index 60ed4cc..766d9c4 100644 --- a/gxditview.spec +++ b/gxditview.spec @@ -22,7 +22,7 @@ License: MIT Group: Productivity/Publishing/Troff AutoReqProv: on Version: 1.20.1 -Release: 2 +Release: 3 Summary: Ditroff Output Displayer for Groff Url: http://www.gnu.org/software/groff/groff.html Source0: ftp://ftp.gnu.org/gnu/groff/groff-%{version}.tar.bz2 @@ -78,7 +78,6 @@ export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" CXXFLAGS="$RPM_OPT_FLAGS -fn %install - make DESTDIR=%{?buildroot:%{buildroot}} do=do_install font/devX* #remove unwanted stuff @@ -88,7 +87,7 @@ rm -rf %{buildroot}/%{_mandir} %{__install} -d -m 0755 %{buildroot}%{_bindir} %{__install} -d -m 0755 %{buildroot}%{_datadir}/X11/app-defaults %{__install} -d -m 0755 %{buildroot}%{_mandir}/man1/ - + pushd src/devices/xditview/ %{__install} -m 0755 %{name} %{buildroot}%{_bindir} %{__install} -m 0644 GXditview.ad %{buildroot}%{_datadir}/X11/app-defaults/GXditview From 3a5cd3dbaffd472e0d2fe77b0278ebda0c0d0ae08587763d1e137b2496a745ae Mon Sep 17 00:00:00 2001 From: Michal Vyskocil Date: Wed, 8 Jun 2011 09:28:25 +0000 Subject: [PATCH 2/4] - fix bnc#683857: Unicode characters in use properly * change the soft hyphenation char to - in tty.tmac OBS-URL: https://build.opensuse.org/package/show/M17N/groff?expand=0&rev=15 --- groff-1.20.1-deunicode.patch | 25 +++++++++---------------- groff.changes | 6 ++++++ 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/groff-1.20.1-deunicode.patch b/groff-1.20.1-deunicode.patch index 76bf582..dc62bc5 100644 --- a/groff-1.20.1-deunicode.patch +++ b/groff-1.20.1-deunicode.patch @@ -1,24 +1,17 @@ Index: groff-1.20.1/tmac/tty.tmac =================================================================== --- groff-1.20.1.orig/tmac/tty.tmac 2009-01-09 15:25:52.000000000 +0100 -+++ groff-1.20.1/tmac/tty.tmac 2011-06-06 12:03:56.471652140 +0200 -@@ -66,7 +66,7 @@ ++++ groff-1.20.1/tmac/tty.tmac 2011-06-08 11:06:28.611516653 +0200 +@@ -65,8 +65,11 @@ + .fchar \[.i] i .fchar \[bq] , . - .if '\*[.T]'utf8' \ --. mso unicode.tmac -+. mso deunicode.tmac +-.if '\*[.T]'utf8' \ ++.if '\*[.T]'utf8' \{\ + . mso unicode.tmac ++.\" use ascii hyphenation characters - bnc#68385 ++. shc - ++.\} . .\" color definitions .defcolor black rgb #000000 -Index: groff-1.20.1/tmac/deunicode.tmac -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ groff-1.20.1/tmac/deunicode.tmac 2011-06-06 12:05:47.272652051 +0200 -@@ -0,0 +1,6 @@ -+.\" deunicode.tmac -+.\" -+.char \[hy] - -+.char \[oq] ` -+.char \[cq] ' -+.\" EOF diff --git a/groff.changes b/groff.changes index db115c0..16fe9c9 100644 --- a/groff.changes +++ b/groff.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jun 8 09:06:44 UTC 2011 - mvyskocil@suse.cz + +- fix bnc#683857: Unicode characters in use properly + * change the soft hyphenation char to - in tty.tmac + ------------------------------------------------------------------- Mon Jun 6 10:10:08 UTC 2011 - mvyskocil@suse.cz From 9151684b978a9513cbc52c4cfb0a96fc2eb007bc47c1c684373d48646844d789 Mon Sep 17 00:00:00 2001 From: Michal Vyskocil Date: Wed, 8 Jun 2011 09:54:10 +0000 Subject: [PATCH 3/4] - fix #bnc#668254: xditview don't show tilde * gxditview Supplements the groof and X11 libs OBS-URL: https://build.opensuse.org/package/show/M17N/groff?expand=0&rev=16 --- gxditview.changes | 6 ++++++ gxditview.spec | 2 ++ 2 files changed, 8 insertions(+) diff --git a/gxditview.changes b/gxditview.changes index 4b358c9..46585e7 100644 --- a/gxditview.changes +++ b/gxditview.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jun 8 09:52:07 UTC 2011 - mvyskocil@suse.cz + +- fix #bnc#668254: xditview don't show tilde + * gxditview Supplements the groof and X11 libs + ------------------------------------------------------------------- Thu Apr 28 12:04:23 UTC 2011 - mvyskocil@suse.cz diff --git a/gxditview.spec b/gxditview.spec index 766d9c4..b8bbdce 100644 --- a/gxditview.spec +++ b/gxditview.spec @@ -36,6 +36,8 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: gcc-c++ BuildRequires: xorg-x11-devel Requires: groff +# bnc#668254 +Supplements: packageand(groff:xorg-x11-libX11) Conflicts: jgxdview Provides: gxdview = %{version}-%{release} Obsoletes: gxdview < %{version} From faba5b43dab622d88c3d1eb2b8f354cdbef0556eff87f21a2134fc6401d689f5 Mon Sep 17 00:00:00 2001 From: Michal Vyskocil Date: Thu, 9 Jun 2011 09:45:17 +0000 Subject: [PATCH 4/4] - fix bnc#698290: insecure temporary file handling in pdfroff * groff-1.20.1-CVE-2009-5044.patch * gxditview Supplements the groff and X11 libs OBS-URL: https://build.opensuse.org/package/show/M17N/groff?expand=0&rev=17 --- groff-1.20.1-CVE-2009-5044.patch | 55 ++++++++++++++++++++++++++++++++ groff.changes | 2 ++ groff.spec | 2 ++ gxditview.changes | 2 +- 4 files changed, 60 insertions(+), 1 deletion(-) create mode 100644 groff-1.20.1-CVE-2009-5044.patch diff --git a/groff-1.20.1-CVE-2009-5044.patch b/groff-1.20.1-CVE-2009-5044.patch new file mode 100644 index 0000000..46886fa --- /dev/null +++ b/groff-1.20.1-CVE-2009-5044.patch @@ -0,0 +1,55 @@ +Index: groff-1.20.1/contrib/pdfmark/pdfroff.sh +=================================================================== +--- groff-1.20.1.orig/contrib/pdfmark/pdfroff.sh 2011-06-09 10:41:29.000000000 +0200 ++++ groff-1.20.1/contrib/pdfmark/pdfroff.sh 2011-06-09 10:54:58.208448083 +0200 +@@ -145,14 +145,16 @@ + + GROFF_TMPDIR=${WRKDIR} + +- WRKFILE=${GROFF_TMPDIR}/pdf$$.tmp ++ WRKFILE=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.tmp` + # +- REFCOPY=${GROFF_TMPDIR}/pdf$$.cmp +- REFFILE=${GROFF_TMPDIR}/pdf$$.ref ++ REFCOPY=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.cmp` ++ REFFILE=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.ref` + # + CS_DATA="" +- TC_DATA=${GROFF_TMPDIR}/pdf$$.tc +- BD_DATA=${GROFF_TMPDIR}/pdf$$.ps ++ TC_DATA=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.tc` ++ BD_DATA=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.ps` ++ ++ STREAMFILE=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.in` + # + # Initialise 'groff' format control settings, + # to discriminate table of contents and document body formatting passes. +@@ -305,7 +307,7 @@ + ;; + + --stylesheet) +- STYLESHEET="$OPTARG" CS_DATA=${GROFF_TMPDIR}/pdf$$.cs ++ STYLESHEET="$OPTARG" CS_DATA=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.cs` + ;; + + --no-toc-relocation) +@@ -338,7 +340,7 @@ + # so set up a mechanism to achieve this, for ALL 'groff' passes. + # + - | -i*) +- STREAM="$CAT ${GROFF_TMPDIR}/pdf$$.in |" ++ STREAM="$CAT ${STREAMFILE} |" + test "$1" = "-" && INPUT_FILES="$INPUT_FILES $1" \ + || GROFF_STYLE="$GROFF_STYLE $1" + ;; +@@ -410,8 +412,8 @@ + # or if no input files are specified, then we need to capture STDIN, + # so we can replay it into each 'groff' processing pass. + # +- test -z "$INPUT_FILES" && STREAM="$CAT ${GROFF_TMPDIR}/pdf$$.in |" +- test -n "$STREAM" && $CAT > ${GROFF_TMPDIR}/pdf$$.in ++ test -z "$INPUT_FILES" && STREAM="$CAT ${STREAMFILE} |" ++ test -n "$STREAM" && $CAT > ${STREAMFILE} + # + # Unless reference resolution is explicitly suppressed, + # we initiate it by touching the cross reference dictionary file, diff --git a/groff.changes b/groff.changes index 16fe9c9..d6d8451 100644 --- a/groff.changes +++ b/groff.changes @@ -1,6 +1,8 @@ ------------------------------------------------------------------- Wed Jun 8 09:06:44 UTC 2011 - mvyskocil@suse.cz +- fix bnc#698290: insecure temporary file handling in pdfroff + * groff-1.20.1-CVE-2009-5044.patch - fix bnc#683857: Unicode characters in use properly * change the soft hyphenation char to - in tty.tmac diff --git a/groff.spec b/groff.spec index d7096c8..0d8445b 100644 --- a/groff.spec +++ b/groff.spec @@ -38,6 +38,7 @@ Patch1: groff-1.20.1-destbufferoverflow.patch Patch2: groff-1.20.1-nroff-empty-LANGUAGE.patch Patch3: groff-1.20.1-groffer-libexecdir.patch Patch4: groff-1.20.1-deunicode.patch +Patch5: groff-1.20.1-CVE-2009-5044.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: gcc-c++ @@ -86,6 +87,7 @@ programs store their man pages in either /usr/share/man/ or %patch2 -p1 -b .bnc540600 %patch3 -p1 -b .groffer-libexecdir %patch4 -p1 -b .deunicode +%patch5 -p1 -b .CVE-2009-5044 %build PATH=$PWD/src/roff/troff:$PWD/src/preproc/pic:$PWD/src/preproc/eqn:$PWD/src/preproc/tbl:$PWDsrc/preproc/refer:$PWD/src/preproc/soelim:$PATH diff --git a/gxditview.changes b/gxditview.changes index 46585e7..b12c1c9 100644 --- a/gxditview.changes +++ b/gxditview.changes @@ -2,7 +2,7 @@ Wed Jun 8 09:52:07 UTC 2011 - mvyskocil@suse.cz - fix #bnc#668254: xditview don't show tilde - * gxditview Supplements the groof and X11 libs + * gxditview Supplements the groff and X11 libs ------------------------------------------------------------------- Thu Apr 28 12:04:23 UTC 2011 - mvyskocil@suse.cz