diff --git a/man-db-2.4.3-3.diff.bz2 b/man-db-2.4.3-3.diff.bz2 deleted file mode 100644 index 9f2158a..0000000 --- a/man-db-2.4.3-3.diff.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b937020bb5eb0bcbe712dd877469e618509a120800e9145f9ed8d126c2310a2c -size 2027 diff --git a/man-db-2.4.3-6.diff.bz2 b/man-db-2.4.3-6.diff.bz2 new file mode 100644 index 0000000..a4413d8 --- /dev/null +++ b/man-db-2.4.3-6.diff.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:28ef32cd88dcd486f76855a805c8028174eba816606160ae5a349d06dee6c0dc +size 22793 diff --git a/man-db-2.4.3-CVE-2006-4250.dif b/man-db-2.4.3-CVE-2006-4250.dif deleted file mode 100644 index 22c90a1..0000000 --- a/man-db-2.4.3-CVE-2006-4250.dif +++ /dev/null @@ -1,57 +0,0 @@ ---- src/man.c -+++ src/man.c 2007-04-16 17:24:18.424390534 +0200 -@@ -1795,32 +1795,35 @@ static pipeline *make_browser (const cha - { - pipeline *p; - char *browser; -- int command_len = strlen (command) * 2 + strlen (file) + 1; - int found_percent_s = 0; - char *percent; - char *esc_file; - -- browser = xmalloc (command_len + 1); -+ browser = xmalloc (1); - *browser = '\0'; - - percent = strchr (command, '%'); - while (percent) { -+ size_t len = strlen (browser); -+ browser = xrealloc (browser, len + 1 + (percent - command)); - strncat (browser, command, percent - command); - switch (*(percent + 1)) { - case '\0': - case '%': -- strcat (browser, "%"); -+ browser = strappend (browser, "%", NULL); - break; - case 'c': -- strcat (browser, ":"); -+ browser = strappend (browser, ":", NULL); - break; - case 's': - esc_file = escape_shell (file); -- strcat (browser, esc_file); -+ browser = strappend (browser, esc_file, NULL); - free (esc_file); - found_percent_s = 1; - break; - default: -+ len = strlen (browser); /* cannot be NULL */ -+ browser = xrealloc (browser, len + 3); - strncat (browser, percent, 2); - break; - } -@@ -1830,11 +1833,10 @@ static pipeline *make_browser (const cha - command = percent + 1; - percent = strchr (command, '%'); - } -- strcat (browser, command); -+ browser = strappend (browser, command, NULL); - if (!found_percent_s) { -- strcat (browser, " "); - esc_file = escape_shell (file); -- strcat (browser, esc_file); -+ browser = strappend (browser, " ", esc_file, NULL); - free (esc_file); - } - diff --git a/man-db-2.4.3-firefox.dif b/man-db-2.4.3-firefox.dif new file mode 100644 index 0000000..dc4cf0e --- /dev/null +++ b/man-db-2.4.3-firefox.dif @@ -0,0 +1,30 @@ +--- src/man.c ++++ src/man.c 2007-07-18 14:45:24.091833039 +0200 +@@ -2280,21 +2280,23 @@ static void format_display (pipeline *fo + if (!status) + break; + } +- if (!candidate) +- error (CHILD_FAIL, 0, +- "couldn't execute any browser from %s", +- html_pager); + free (browser_list); + if (chdir (old_cwd) == -1) { + error (0, errno, _("can't change to directory %s"), + old_cwd); + chdir ("/"); + } ++ if (!status) ++ sleep(5); /* firefox runs into background to fast */ + if (remove_directory (htmldir) == -1) + error (0, errno, _("can't remove directory %s"), + htmldir); + free (htmlfile); + free (htmldir); ++ if (!candidate) ++ error (CHILD_FAIL, 0, ++ "couldn't execute any browser from %s", ++ html_pager); + } else + #endif /* TROFF_IS_GROFF */ + if (format_cmd) { diff --git a/man-db-2.4.3.dif b/man-db-2.4.3.dif index 1a14902..032cf1c 100644 --- a/man-db-2.4.3.dif +++ b/man-db-2.4.3.dif @@ -1,13 +1,13 @@ --- .pkgextract +++ .pkgextract 2007-02-15 00:00:00.000000000 +0100 @@ -0,0 +1,7 @@ -+bzcat ../man-db-2.4.3-3.diff.bz2 | patch -p1 -s --suffix=.debian ++bzcat ../man-db-2.4.3-6.diff.bz2 | patch -p1 -s --suffix=.debian +patch -p0 -s --suffix=.groff < ../man-db-2.3.19deb4.0-groff.dif +patch -p0 -s --suffix=.err < ../man-db-2.4.1-error.dif +patch -p0 -s --suffix=.sect < ../man-db-2.4.3-section.dif +patch -p0 -s --suffix=.secu2 < ../man-db-2.4.1-security2.dif +patch -p0 -s --suffix=.secu4 < ../man-db-2.4.1-security4.dif -+patch -p0 -s --suffix=.064250 < ../man-db-2.4.3-CVE-2006-4250.dif ++patch -p0 -s --suffix=.firefox< ../man-db-2.4.3-firefox.dif --- GNUmakefile.in +++ GNUmakefile.in 2007-02-15 00:00:00.000000000 +0100 @@ -35,7 +35,7 @@ @@ -140,7 +140,7 @@ #undef HAVE___ARGZ_COUNT --- configure.in -+++ configure.in 2007-02-15 00:00:00.000000000 +0100 ++++ configure.in 2007-07-18 15:38:24.919840000 +0200 @@ -10,6 +10,18 @@ AC_CONFIG_HEADER(config.h) AC_CANONICAL_HOST AC_ARG_PROGRAM @@ -179,16 +179,12 @@ dnl dnl Finish the argument parsing dnl -@@ -115,10 +139,10 @@ fi - AC_PROG_INSTALL - AC_PROG_RANLIB - AC_PATH_PROG(cat, cat) --AC_PATH_PROG(lynx, lynx) -+AC_PATH_PROG(lynx, lynx, /usr/bin/lynx) +@@ -118,7 +142,7 @@ AC_PATH_PROG(cat, cat) + AC_PATH_PROG(lynx, lynx, /usr/bin/lynx) AC_PATH_PROG(tr, tr) AC_PATH_PROG(grep, grep) --AC_PATH_PROGS(pager, pager less more) -+AC_PATH_PROGS(pager, less more) +-AC_PATH_PROG(pager, pager, /usr/bin/pager) ++AC_PATH_PROG(pager, less, /usr/bin/less) test -n "$pager" && pager="$pager -s" dnl dnl define below (in list of preference) *roff macros to check for. @@ -210,7 +206,7 @@ @@ -242,10 +274,16 @@ then decompressor="$gunzip" fi - AC_PATH_PROG(compress, compress) + AC_PATH_PROG(compress, compress, /usr/bin/compress) -if test -n "$compress" +if test -n "$compress" || test -n "$gzip" then @@ -337,16 +333,16 @@ #endif /* HAVE_COMPRESS */ --- include/manconfig.h.in -+++ include/manconfig.h.in 2007-02-15 00:00:00.000000000 +0100 -@@ -68,7 +68,7 @@ - MAN_DB_UPDATES - to allow man to update databases - MAN_CATS - to allow man to create/update cat files */ ++++ include/manconfig.h.in 2007-07-18 15:42:54.412670497 +0200 +@@ -114,7 +114,7 @@ + #endif --#define MAN_DB_CREATES -+/* #define MAN_DB_CREATES */ - #define MAN_DB_UPDATES - #define MAN_CATS + #ifndef WEB_BROWSER +-# define WEB_BROWSER "exec /usr/bin/www-browser" ++# define WEB_BROWSER "exec @lynx@" + #endif + #ifndef TR @@ -134,6 +134,8 @@ #ifndef NROFF_MISSING # ifndef NROFF @@ -1550,7 +1546,7 @@ } else { /* Reading from stdin: use cat to pick up the part we * read in to figure out the format pipeline. -@@ -1887,6 +1933,18 @@ static void setenv_less (const char *tit +@@ -1889,6 +1935,18 @@ static void setenv_less (const char *tit free (less_opts); } @@ -1569,7 +1565,7 @@ /* Return pipeline to display file. NULL means stdin. * * TODO: htmlout case is pretty weird now. I'd like the intelligence to be -@@ -1899,6 +1957,9 @@ static pipeline *make_display_command (c +@@ -1901,6 +1959,9 @@ static pipeline *make_display_command (c setenv_less (title); @@ -1579,7 +1575,7 @@ if (file) { if (ascii) { p = pipeline_new (); -@@ -2360,16 +2421,24 @@ static int display (const char *dir, con +@@ -2364,16 +2425,24 @@ static int display (const char *dir, con if (debug) fprintf (stderr, "chdir %s\n", dir); @@ -1605,7 +1601,7 @@ if (man_file) { source_file = get_ztemp (); if (!source_file) -@@ -2377,11 +2446,10 @@ static int display (const char *dir, con +@@ -2381,11 +2450,10 @@ static int display (const char *dir, con } #else source_file = man_file; @@ -1619,7 +1615,7 @@ else format_cmd = NULL; } -@@ -2585,8 +2653,12 @@ static int display (const char *dir, con +@@ -2589,8 +2657,12 @@ static int display (const char *dir, con } } @@ -1634,7 +1630,7 @@ if (!pause) pause = found; -@@ -2925,13 +2997,13 @@ static int display_filesystem (struct ca +@@ -2929,13 +3001,13 @@ static int display_filesystem (struct ca if (cat_file) free (cat_file); free (title); @@ -1651,7 +1647,7 @@ return found; } -@@ -3018,11 +3090,11 @@ static int display_database (struct cand +@@ -3022,11 +3094,11 @@ static int display_database (struct cand title, in->filter); if (cat_file) free (cat_file); @@ -1665,7 +1661,7 @@ } /* else {drop through to the bottom and return 0 anyway} */ } else -@@ -3099,8 +3171,8 @@ static int display_database_check (struc +@@ -3103,8 +3175,8 @@ static int display_database_check (struc #ifdef MAN_DB_UPDATES if (!exists && !skip) { if (debug) diff --git a/man.changes b/man.changes index 7860e5a..8e97c38 100644 --- a/man.changes +++ b/man.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Wed Jul 18 15:11:37 CEST 2007 - werner@suse.de + +- Add workaround for html browsers which do their job in + background: do not remove the temporary files to fast (#280613) +- Update to debain patch level 6 which + * includes bug fix for CVE-2006-4250 (bug #262747) + * includes french manual pages + ------------------------------------------------------------------- Tue Apr 17 10:44:44 CEST 2007 - werner@suse.de diff --git a/man.spec b/man.spec index b9ddc39..415d3a0 100644 --- a/man.spec +++ b/man.spec @@ -13,9 +13,9 @@ Name: man BuildRequires: flex gdbm-devel groff less libbz2-devel libzio-devel zlib-devel Version: 2.4.3 -Release: 48 +Release: 66 Summary: A Program for Displaying man Pages -License: GNU General Public License (GPL) +License: GPL v2 or later Group: System/Base PreReq: fileutils fillup Provides: man_db @@ -26,13 +26,13 @@ Source1: sysconfig.cron-man Source2: cron.daily.do_mandb Source3: cron.daily.clean_catman Patch0: man-db-%{version}.dif -Patch1: man-db-%{version}-3.diff.bz2 +Patch1: man-db-%{version}-6.diff.bz2 Patch2: man-db-2.3.19deb4.0-groff.dif Patch3: man-db-2.4.1-error.dif Patch4: man-db-%{version}-section.dif Patch5: man-db-2.4.1-security2.dif Patch6: man-db-2.4.1-security4.dif -Patch7: man-db-2.4.3-CVE-2006-4250.dif +Patch7: man-db-2.4.3-firefox.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -53,7 +53,7 @@ Authors: %patch4 -p0 -b .sect %patch5 -p0 -b .secu2 %patch6 -p0 -b .secu4 -%patch7 -p0 -b .064250 +%patch7 -p0 -b .firefox %patch -p0 %build @@ -127,6 +127,13 @@ test -d var/catman/ && rm -rf var/catman/ || true %doc %{_mandir}/es/man5/*.5.gz %dir %{_mandir}/es/man8 %doc %{_mandir}/es/man8/*.8.gz +%dir %{_mandir}/fr +%dir %{_mandir}/fr/man1 +%doc %{_mandir}/fr/man1/*.1.gz +%dir %{_mandir}/fr/man5 +%doc %{_mandir}/fr/man5/*.5.gz +%dir %{_mandir}/fr/man8 +%doc %{_mandir}/fr/man8/*.8.gz %dir %{_mandir}/it %dir %{_mandir}/it/man1 %doc %{_mandir}/it/man1/*.1.gz @@ -149,6 +156,12 @@ test -d var/catman/ && rm -rf var/catman/ || true /var/adm/fillup-templates/sysconfig.cron-man %changelog +* Wed Jul 18 2007 - werner@suse.de +- Add workaround for html browsers which do their job in + background: do not remove the temporary files to fast (#280613) +- Update to debain patch level 6 which + * includes bug fix for CVE-2006-4250 (bug #262747) + * includes french manual pages * Tue Apr 17 2007 - werner@suse.de - Fix heap buffer overflow (CVE-2006-4250, bug #262747) * Mon Mar 26 2007 - rguenther@suse.de