Accepting request 73070 from M17N

- fix bnc#698290: insecure temporary file handling in pdfroff * groff-1.20.1-CVE-2009-5044.patch - fix bnc#683857: Unicode characters in use properly * change the soft hyphenation char to - in tty.tmac - fix #bnc#668254: xditview don't show tilde * gxditview Supplements the groff and X11 libs OBS-URL: https://build.opensuse.org/request/show/73070 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/groff?expand=0&rev=31
2011-06-09 10:25:06 +00:00 · 2011-06-09 10:25:06 +00:00 · b155ba6016
commit b155ba6016
parent cb3fd8279d faba5b43da
6 changed files with 82 additions and 16 deletions
--- a/groff-1.20.1-CVE-2009-5044.patch
+++ b/groff-1.20.1-CVE-2009-5044.patch
@ -0,0 +1,55 @@
+Index: groff-1.20.1/contrib/pdfmark/pdfroff.sh
+===================================================================
+--- groff-1.20.1.orig/contrib/pdfmark/pdfroff.sh	2011-06-09 10:41:29.000000000 +0200
+++ groff-1.20.1/contrib/pdfmark/pdfroff.sh	2011-06-09 10:54:58.208448083 +0200
+@@ -145,14 +145,16 @@
+ 
+   GROFF_TMPDIR=${WRKDIR}
+ 
+-  WRKFILE=${GROFF_TMPDIR}/pdf$$.tmp
+  WRKFILE=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.tmp`
+ #
+-  REFCOPY=${GROFF_TMPDIR}/pdf$$.cmp
+-  REFFILE=${GROFF_TMPDIR}/pdf$$.ref
+  REFCOPY=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.cmp`
+  REFFILE=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.ref`
+ #
+   CS_DATA=""
+-  TC_DATA=${GROFF_TMPDIR}/pdf$$.tc
+-  BD_DATA=${GROFF_TMPDIR}/pdf$$.ps
+  TC_DATA=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.tc`
+  BD_DATA=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.ps`
+
+  STREAMFILE=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.in`
+ #
+ # Initialise 'groff' format control settings,
+ # to discriminate table of contents and document body formatting passes.
+@@ -305,7 +307,7 @@
+                ;;
+ 
+              --stylesheet)
+-               STYLESHEET="$OPTARG" CS_DATA=${GROFF_TMPDIR}/pdf$$.cs
+               STYLESHEET="$OPTARG" CS_DATA=`mktemp --tmpdir="${GROFF_TMPDIR}" pdfXXXXXXXXXX.cs`
+                ;;
+ 
+ 	     --no-toc-relocation)
+@@ -338,7 +340,7 @@
+ #     so set up a mechanism to achieve this, for ALL 'groff' passes.
+ #
+       - | -i*)
+-	   STREAM="$CAT ${GROFF_TMPDIR}/pdf$$.in |"
+	   STREAM="$CAT ${STREAMFILE} |"
+ 	   test "$1" = "-" && INPUT_FILES="$INPUT_FILES $1" \
+ 	     || GROFF_STYLE="$GROFF_STYLE $1" 
+ 	   ;;
+@@ -410,8 +412,8 @@
+ # or if no input files are specified, then we need to capture STDIN,
+ # so we can replay it into each 'groff' processing pass.
+ #
+-  test -z "$INPUT_FILES" && STREAM="$CAT ${GROFF_TMPDIR}/pdf$$.in |"
+-  test -n "$STREAM" && $CAT > ${GROFF_TMPDIR}/pdf$$.in
+  test -z "$INPUT_FILES" && STREAM="$CAT ${STREAMFILE} |"
+  test -n "$STREAM" && $CAT > ${STREAMFILE}
+ #
+ # Unless reference resolution is explicitly suppressed,
+ # we initiate it by touching the cross reference dictionary file,
--- a/groff-1.20.1-deunicode.patch
+++ b/groff-1.20.1-deunicode.patch
@ -1,24 +1,17 @@
 Index: groff-1.20.1/tmac/tty.tmac
 ===================================================================
 --- groff-1.20.1.orig/tmac/tty.tmac	2009-01-09 15:25:52.000000000 +0100
-+++ groff-1.20.1/tmac/tty.tmac	2011-06-06 12:03:56.471652140 +0200
-@@ -66,7 +66,7 @@
+++ groff-1.20.1/tmac/tty.tmac	2011-06-08 11:06:28.611516653 +0200
+@@ -65,8 +65,11 @@
+ .fchar \[.i] i
 .fchar \[bq] ,
 .
- .if '\*[.T]'utf8' \
-.  mso unicode.tmac
-+.  mso deunicode.tmac
+-.if '\*[.T]'utf8' \
+.if '\*[.T]'utf8' \{\
+ .  mso unicode.tmac
+.\" use ascii hyphenation characters - bnc#68385
+.  shc -
+.\}
 .
 .\" color definitions
 .defcolor black rgb #000000
-Index: groff-1.20.1/tmac/deunicode.tmac
-===================================================================
--- /dev/null	1970-01-01 00:00:00.000000000 +0000
-+++ groff-1.20.1/tmac/deunicode.tmac	2011-06-06 12:05:47.272652051 +0200
-@@ -0,0 +1,6 @@
-+.\" deunicode.tmac
-+.\"
-+.char \[hy] -
-+.char \[oq] `
-+.char \[cq] '
-+.\" EOF
--- a/groff.changes
+++ b/groff.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Wed Jun  8 09:06:44 UTC 2011 - mvyskocil@suse.cz
+
+- fix bnc#698290: insecure temporary file handling in pdfroff
+  * groff-1.20.1-CVE-2009-5044.patch
+- fix bnc#683857: Unicode characters in use properly
+  * change the soft hyphenation char to - in tty.tmac
+
 -------------------------------------------------------------------
 Mon Jun  6 10:10:08 UTC 2011 - mvyskocil@suse.cz

--- a/groff.spec
+++ b/groff.spec
@ -38,6 +38,7 @@ Patch1:         groff-1.20.1-destbufferoverflow.patch
 Patch2:         groff-1.20.1-nroff-empty-LANGUAGE.patch
 Patch3:         groff-1.20.1-groffer-libexecdir.patch
 Patch4:         groff-1.20.1-deunicode.patch
+Patch5:         groff-1.20.1-CVE-2009-5044.patch

 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  gcc-c++
@ -86,6 +87,7 @@ programs store their man pages in either /usr/share/man/ or
 %patch2 -p1 -b .bnc540600
 %patch3 -p1 -b .groffer-libexecdir
 %patch4 -p1 -b .deunicode
+%patch5 -p1 -b .CVE-2009-5044

 %build
 PATH=$PWD/src/roff/troff:$PWD/src/preproc/pic:$PWD/src/preproc/eqn:$PWD/src/preproc/tbl:$PWDsrc/preproc/refer:$PWD/src/preproc/soelim:$PATH
--- a/gxditview.changes
+++ b/gxditview.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Jun  8 09:52:07 UTC 2011 - mvyskocil@suse.cz
+
+- fix #bnc#668254: xditview don't show tilde
+  * gxditview Supplements the groff and X11 libs
+
 -------------------------------------------------------------------
 Thu Apr 28 12:04:23 UTC 2011 - mvyskocil@suse.cz

--- a/gxditview.spec
+++ b/gxditview.spec
@ -36,6 +36,8 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  gcc-c++
 BuildRequires:  xorg-x11-devel
 Requires:       groff
+# bnc#668254
+Supplements:    packageand(groff:xorg-x11-libX11)
 Conflicts:      jgxdview
 Provides:       gxdview = %{version}-%{release}
 Obsoletes:      gxdview < %{version}