diff --git a/groff-1.18.1.1-debian-538330.patch b/groff-1.18.1.1-debian-538330.patch deleted file mode 100644 index 23a08eb..0000000 --- a/groff-1.18.1.1-debian-538330.patch +++ /dev/null @@ -1,125 +0,0 @@ -Index: groff-1.18.1.1/contrib/eqn2graph/eqn2graph.sh -=================================================================== ---- groff-1.18.1.1.orig/contrib/eqn2graph/eqn2graph.sh 2009-10-12 13:47:56.000000000 +0200 -+++ groff-1.18.1.1/contrib/eqn2graph/eqn2graph.sh 2009-10-12 15:35:07.489407486 +0200 -@@ -58,17 +58,36 @@ - shift - done - -+# create temporary directory -+tmp= -+for d in "$GROFF_TMPDIR" "$TMPDIR" "$TMP" "$TEMP" /tmp; do -+ test -z "$d" && continue -+ -+ tmp=`(umask 077 && mktemp -d -q "$d/eqn2graph-XXXXXX") 2> /dev/null` \ -+ && test -n "$tmp" && test -d "$tmp" \ -+ && break -+ -+ tmp=$d/eqn2graph$$-$RANDOM -+ (umask 077 && mkdir $tmp) 2> /dev/null && break -+ -+ tmp= -+done; -+if test -z "$tmp"; then -+ echo "$0: cannot create temporary directory" >&2 -+ { (exit 1); exit 1; } -+fi -+ -+trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0 2 15 -+ - # Here goes: - # 1. Add .EQ/.EN. - # 2. Process through eqn(1) to emit troff markup. - # 3. Process through groff(1) to emit Postscript. - # 4. Use convert(1) to crop the Postscript and turn it into a bitmap. --tmp=/tmp/eqn2graph-$$ --trap "rm ${tmp}.*" 0 2 15 - read equation - (echo ".EQ"; echo 'delim $$'; echo ".EN"; echo '$'"${equation}"'$') | \ -- groff -e $groff_opts -Tps >${tmp}.ps \ -- && convert -crop 0x0 $convert_opts ${tmp}.ps ${tmp}.${format} \ -- && cat ${tmp}.${format} -+ groff -e $groff_opts -Tps >${tmp}/eng2graph.ps \ -+ && convert -crop 0x0 $convert_opts ${tmp}/eng2graph.ps ${tmp}/eng2graph.${format} \ -+ && cat ${tmp}/eng2graph.${format} - - # End -Index: groff-1.18.1.1/contrib/groffer/groffer.sh -=================================================================== ---- groff-1.18.1.1.orig/contrib/groffer/groffer.sh 2009-10-12 13:47:57.000000000 +0200 -+++ groff-1.18.1.1/contrib/groffer/groffer.sh 2009-10-12 16:11:39.887806243 +0200 -@@ -2910,11 +2910,7 @@ - tmp_create() - { - func_check tmp_create '<=' 1 "$@"; -- local _tmp; -- # the output file does not have `,' as first character -- _tmp="${_TMP_DIR}/,$1"; -- echo -n >"${_tmp}"; -- echo -n "${_tmp}"; # output file name -+ mktemp "${_TMP_DIR}/,$1.XXXXXX" - eval "${return_ok}"; - } - -Index: groff-1.18.1.1/contrib/pic2graph/pic2graph.sh -=================================================================== ---- groff-1.18.1.1.orig/contrib/pic2graph/pic2graph.sh 2009-10-12 13:47:56.000000000 +0200 -+++ groff-1.18.1.1/contrib/pic2graph/pic2graph.sh 2009-10-12 16:24:13.815806026 +0200 -@@ -68,16 +68,35 @@ - eqndelim="delim $eqndelim" - fi - -+# create temporary directory -+tmp= -+for d in "$GROFF_TMPDIR" "$TMPDIR" "$TMP" "$TEMP" /tmp; do -+ test -z "$d" && continue -+ -+ tmp=`(umask 077 && mktemp -d -q "$d/pic2graph-XXXXXX") 2> /dev/null` \ -+ && test -n "$tmp" && test -d "$tmp" \ -+ && break -+ -+ tmp=$d/pic2graph$$-$RANDOM -+ (umask 077 && mkdir $tmp) 2> /dev/null && break -+ -+ tmp= -+done; -+if test -z "$tmp"; then -+ echo "$0: cannot create temporary directory" >&2 -+ { (exit 1); exit 1; } -+fi -+ -+trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0 2 15 -+ - # Here goes: - # 1. Wrap the input in dummy .PS/PE macros (and add possibly null .EQ/.EN) - # 2. Process through eqn and pic to emit troff markup. - # 3. Process through groff to emit Postscript. - # 4. Use convert(1) to crop the PostScript and turn it into a bitmap. --tmp=/tmp/pic2graph-$$ --trap "rm ${tmp}.*" 0 2 15 - (echo ".EQ"; echo $eqndelim; echo ".EN"; echo ".PS"; cat; echo ".PE") | \ -- groff -e -p $groffpic_opts -Tps >${tmp}.ps \ -- && convert -crop 0x0 $convert_opts ${tmp}.ps ${tmp}.${format} \ -- && cat ${tmp}.${format} -+ groff -e -p $groffpic_opts -Tps >${tmp}/pic2graph.ps \ -+ && convert -crop 0x0 $convert_opts ${tmp}/pic2graph.ps ${tmp}/pic2graph.${format} \ -+ && cat ${tmp}/pic2graph.${format} - - # End -Index: groff-1.18.1.1/doc/groff.texinfo -=================================================================== ---- groff-1.18.1.1.orig/doc/groff.texinfo 2002-10-02 18:45:19.000000000 +0200 -+++ groff-1.18.1.1/doc/groff.texinfo 2009-10-12 16:29:27.300306251 +0200 -@@ -11605,9 +11605,9 @@ - @pindex perl - @Example - .sy perl -e 'printf ".nr H %d\\n.nr M %d\\n.nr S %d\\n",\ -- (localtime(time))[2,1,0]' > /tmp/x\n[$$] --.so /tmp/x\n[$$] --.sy rm /tmp/x\n[$$] -+ (localtime(time))[2,1,0]' > timefile\n[$$] -+.so timefile\n[$$] -+.sy rm timefile\n[$$] - \nH:\nM:\nS - @endExample - diff --git a/groff.changes b/groff.changes index 977b48e..17ae3e3 100644 --- a/groff.changes +++ b/groff.changes @@ -1,8 +1,3 @@ -------------------------------------------------------------------- -Wed Oct 14 13:48:20 UTC 2009 - mvyskocil@suse.cz - -- fixed bnc#529557 - groff: insecure file handling - ------------------------------------------------------------------- Mon Sep 21 11:11:05 CEST 2009 - tiwai@suse.de diff --git a/groff.spec b/groff.spec index 1c867c9..5877457 100644 --- a/groff.spec +++ b/groff.spec @@ -55,7 +55,6 @@ Patch13: fgets-overflow.patch Patch14: groff-1.18.1.1-destbufferoverflow.patch Patch446710: bnc446710.patch Patch540600: nroff-empty-LANGUAGE-fix.diff -Patch15: groff-1.18.1.1-debian-538330.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -93,7 +92,6 @@ Authors: %patch14 %patch446710 -p1 %patch540600 -p1 -%patch15 -p1 -b .debian-538330 %build # remove empty backups