Accepting request 1283664 from Publishing

OBS-URL: https://build.opensuse.org/request/show/1283664 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/htmldoc?expand=0&rev=37
htmldoc 1.9.20
2025-06-10 06:59:33 +00:00 · 2025-06-06 13:04:53 +00:00 · 2024-11-05 14:39:41 +00:00 · 2024-11-05 07:58:46 +00:00
7 changed files with 100 additions and 32 deletions
--- a/htmldoc-1.9.18-source.tar.gz
+++ b/htmldoc-1.9.18-source.tar.gz
@@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:36492b39754ccd00c1183f8237850f09a3a807bb55cfaa9822090343c5012f09
 size 3289754
--- a/htmldoc-1.9.20-source.tar.gz
+++ b/htmldoc-1.9.20-source.tar.gz
@@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:f458f3476acf73b791e3c0c71497c42d094b5d6bf96a4572d755b8c9e180609a
 size 3291106
--- a/htmldoc-1.9.20-source.tar.gz.sig
+++ b/htmldoc-1.9.20-source.tar.gz.sig
--- a/htmldoc-CVE-2024-45508.patch
+++ b/htmldoc-CVE-2024-45508.patch
@@ -1,13 +0,0 @@
 Index: htmldoc-1.9.18/htmldoc/ps-pdf.cxx
 ===================================================================
 --- htmldoc-1.9.18.orig/htmldoc/ps-pdf.cxx
 +++ htmldoc-1.9.18/htmldoc/ps-pdf.cxx
@@ -5234,7 +5234,7 @@ parse_paragraph(tree_t *t,	/* I - Tree t
       if (temp->markup != MARKUP_A)
         break;
 -    if (temp != NULL && temp->markup == MARKUP_NONE && temp->data[0] == ' ')
 +    if (temp != NULL && temp->markup == MARKUP_NONE && temp->data[0] == ' ' && temp->data[1])
     {
       // Drop leading space...
       for (dataptr = temp->data; *dataptr; dataptr ++)
--- a/htmldoc.changes
+++ b/htmldoc.changes
@@ -1,3 +1,31 @@
 -------------------------------------------------------------------
 Sat May 24 07:35:46 UTC 2025 - Andreas Stieger <andreas.stieger@gmx.de>
 - update to 1.9.20:
  * Fix a regression that caused spaces to disappear between some
     words
  * Fix resolution of relative links within a document
 - includes changes from 1.9.19:
  * Add support for ‘file’ method in links
  * Update markdown support code to mmd
  * Fix hyperlinks to subfolders
  * Fix export of UTF-8 HTML
  * Fix handling of whitespace-only nodes
  * Fix case sensitivity of link targets
 - drop security patches now included:
  * htmldoc-CVE-2024-46478.patch
  * htmldoc-CVE-2024-45508.patch
 - add upstream signing key and validate source signature
 - clean up spec file, drop some unneeded or deprecated constructs
 -------------------------------------------------------------------
 Tue Nov  5 07:31:53 UTC 2024 - pgajdos@suse.com
 - security update
 - added patches
  fix CVE-2024-46478 [bsc#1232380], buffer overflow when handling tabs through the parse_pre function (ps-pdf.cxx)
  + htmldoc-CVE-2024-46478.patch
 -------------------------------------------------------------------
 Mon Sep  2 12:48:22 UTC 2024 - pgajdos@suse.com
--- a/htmldoc.keyring
+++ b/htmldoc.keyring
@@ -0,0 +1,52 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 mQINBF+cjnMBEADB0sQniR+sWOFBHWURGGkUwVPUbApFs4RNiy8HEpH9wdWG2jtz
 7qqJeoa9GoZYEFVsHi3O0bvxNxb+PZNbk7VwsWImWYox8SR9QVNo5Ie0Sh9HzKqD
 ZA8FWf4KooIczKTYBqTsVvGsURcCAEMObh4WgvB2Yg1sGKPfMI2YUC/MnmN10Z4O
 JW3m2hymDoOsYWWherXRwGDFZKJXWnZ6YTamxRuhKe0s7N9LiOKX5fl4heEmdlNz
 W/d8rvQd3ANNKHk0ebtv+44h4wbrdk7M//X29AOvN3s7lRhQJBRJb6ymuQUnqhb/
 k0DbaVwuDmz/qBVhR16UKVqbvUfgTAhSJ10y5nG9bkZdc5DjW/qG/0aoWgOMo/VM
 FGHMeIYbGJtPHJUD/zhWqmHBnaYJpSCZZndiHz5atQyii/ckJ8GeGqbVVQ5zd5E2
 EjqC3iNB60VVrh3j+iCTfgavWG3jHq7Rmis1UT0C2CeAWVfQiLHPGrvB6/2UNz2b
 GXg+MRVjfHB515BYVP9z6slLt2kmMOH0Vd0WxmO6eSjN16JCtJPocYiy6LQgImrq
 EY+3lJ+I9sY+MASav91CXSFoJofUBtpGoii7YkLD3N/WlWuEGW1Ah9286W9n9Poz
 iaLZ8pagY+xO40VjiI9un13cdNWZSWX4Yr070Hcljqe32Y0UFwEUYpEgOQARAQAB
 tCNNaWNoYWVsIFIgU3dlZXQgPG1zd2VldEBtc3dlZXQub3JnPokCVAQTAQoAPhYh
 BJCGw83GbD9WPPj0Bb5nx17IHzJEBQJfnI5zAhsDBQkHhh+ABQsJCAcDBRUKCQgL
 BRYCAwEAAh4BAheAAAoJEL5nx17IHzJEInkP/0v4KK7I28MNMCtBUEqy5MR5/raM
 FMEUo4JqUP8I08inlZL0wu9dY/V6efDcdAx0JbzFYRYhiRYgW+8QmICWn7xF8qO4
 zfnHLKOeZ6ANP6oXM/Be2hsqcm9ESF7UM8fabA5ABzswMryVTb4h7dPrT2m+iwCb
 ZapHQQE3bFiR9TbK//RszilVwV0QgDbcSwLmbQFfZ+gJi7wU7Y7sRALWydBbIwqp
 aVVkLi8z14J6gb+Q3hS+1hPrNSSOlHJPMtMn7qgy0wLjIlzkt9tUObsfZa178UdC
 hNBD+yN/TnPFqNpPgJl4WdiqQtmby1hOT2iJdzfnNxbFY4KefbCTTVsQqqhn7OeP
 bhewZjyL7kQ3mwwr+3WdO1vV6JQ+bHEfDXi0toQ3/+7r4ho32w4SOVuInGd5w9RG
 AYpyr3RO/qjLOM89eSYUJw0N6DQbmjwSanQUlCownJ0XuHtHLGUIm7TllGw8LeZ/
 TOtNONKxt8RZh4Nqr0mDpUU6uLjkh88slDFX5lELnU9AFUwlPy2MqC69pnpa5TNG
 8VAzLS+b/ohofrgSVIBnz+75N2mb75hgmk/p/QQs1Wf+kHTuk6ZloxwbTSLrKYhm
 luaGnLb/c8z8BG6R4V1MbdTPwNyZZWTF/b3SYHbAQJ9h9DzWXqrGG46Dl8GBqfnR
 mK2vLIwVQxP977+FuQINBF+cjnMBEADFD6d0uo3pHXqzbM5rvf/43e7KuQ86msaN
 dVI0x7LNfecC7669qlUefW4SC96pGmFGiISXBn2JtuzRAtoSmb4Z6pZMYAQyKQw/
 l/OExeeupqDfqj+Gf2/zh4pV3pkltLvTejUUb8oxxS6Y6emlwgJUAjWMbUkjlrvL
 ehWSy43agheC14CG0ORyX33LLPc1nBa1+au+q2BY/87ffFXgFnw3CE5KRnlWhoZ1
 lbSUhi1IB11A8X6rGXwcMQfJppQxjWVMkEykLZLWkGaGz3mDtMMhX6OVXNlHKFQJ
 YkglwVHA3O3G0CqrfagtSSynElKDe2TPs5hfksipkI+P06A9bVNeBRSx0Jm0I3jI
 NAGL0unLb9v4X5nlYJnNkBFwv0dlNPdo4765lTkVpX2knswnAVTCVLozq24eau1u
 Q2aQUyjKDf4L+/334cw2XkTeLIsoZKnetPsPJs00d8FCtc6/silxNOhYhKsXzJNX
 bBAdNlRHlPoO3Q3pLDGCHPIDgFCEL+GcRCFjHesGKQhI7s8ULts6eF5LShGWdLbv
 tduEYzm3mnhnzeWKz5o4eECEHIuhysCk2Kd8lu8cUEdZYVxMqAbfpJywFY6WGcRh
 9+nwHXQP7OQsYe7IkB4bVRzaVrTZf6rtxcUgmc6bJz7BR0I0yRVZjGBSpqdkL7Uc
 kmjzEm/oKwARAQABiQI8BBgBCgAmFiEEkIbDzcZsP1Y8+PQFvmfHXsgfMkQFAl+c
 jnMCGwwFCQeGH4AACgkQvmfHXsgfMkT6dRAArDSXqil5VZrA2903+E1RNsEulQs4
 DyJT/cO35eArYmd2tkCMkXRf7pEcKujqhB0VAJ1XuaSiqWFSArJK7Hsfna3XC0ne
 cCvoBfmK+B80INH3nmDI6uFlcTsiyyjM/i0icHNXgERV05Ar0+aPwNxnSWsQTb1E
 OpezzyUxk9bNkSG7kbpKV0Cdw8nasY+RM4SUam4/W+0mRY+8p9B5Xr3GlKn9mU2y
 heNFqJz5liTAAsh4qZ8YR0M0umyhN5L23bk+bBT6iCbV4SvCsdC7sfvFd5Md1sbY
 NuU0g4pKmA0pMcCbhhL+MCgYWU4s9zh1WPytIY7ashnwr3R124/H6Hci8nToWVCi
 ypJ1uzJIeRH2XKfM22mKsBEzdGla6gSrGvoFlqdVVIUhyshdFZ9AqIk6xhsa7YTt
 8k0b/8JDqx5T7Iw0I2F7DfVIO8a5LfyEE7zi7sJjkX6dRff52CDjAELV6c47KnkH
 0RRbUAm5u4YbySwyuHYIshsPNNd3qHK7Mli4OsAjiYdD1Zg3axW3+ssjvYFHAoIF
 CqVcYZ5RFGDHTSi9Vsm75ItbuQXCBR0WoVZ1xoEiVTjZGZKsKNrpy486TppkHdLU
 8qSm3l2abPVAlf7QIFh5qv8OAW3InLaproUsWlcQ3lkDbf6ZgoTbyJsQ1VBMc8UD
 TmrmetlmpxSMcMU=
 =No6h
 -----END PGP PUBLIC KEY BLOCK-----
--- a/htmldoc.spec
+++ b/htmldoc.spec
@@ -2,6 +2,7 @@
 # spec file for package htmldoc
 #
 # Copyright (c) 2024 SUSE LLC
 # Copyright (c) 2025 Andreas Stieger <Andreas.Stieger@gmx.de>
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,26 +18,29 @@
 Name:           htmldoc
-Version:        1.9.18
+Version:        1.9.20
 Release:        0
 Summary:        HTML Processor that Generates HTML, PostScript, and PDF Files
 License:        LGPL-2.1-or-later
 Group:          Productivity/Publishing/HTML/Tools
 URL:            https://michaelrsweet.github.io/htmldoc/index.html
 Source:         https://github.com/michaelrsweet/htmldoc/releases/download/v%{version}/htmldoc-%{version}-source.tar.gz
-# CVE-2024-45508 [bsc#1230022], HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node.
+Source2:        https://github.com/michaelrsweet/htmldoc/releases/download/v%{version}/htmldoc-%{version}-source.tar.gz.sig
-Patch0:          htmldoc-CVE-2024-45508.patch
+# https://www.msweet.org/pgp.html
-BuildRequires:  cups-devel
+Source3:        %{name}.keyring
 BuildRequires:  c++_compiler
 BuildRequires:  fltk-devel
 BuildRequires:  gcc-c++
 BuildRequires:  hicolor-icon-theme
-BuildRequires:  libXpm-devel
+BuildRequires:  pkgconfig
-BuildRequires:  libgcrypt-devel
+BuildRequires:  pkgconfig(libjpeg)
-BuildRequires:  libgnutls-devel
+BuildRequires:  pkgconfig(libpng)
-BuildRequires:  libjpeg-devel
+BuildRequires:  pkgconfig(xpm)
-BuildRequires:  libpng-devel
+BuildRequires:  pkgconfig(zlib)
-BuildRequires:  update-desktop-files
+%if 0%{?sle_version} <= 150600 && 0%{?is_opensuse}
-BuildRequires:  zlib-devel
+BuildRequires:  cups-devel
 %else
 BuildRequires:  pkgconfig(cups)
 %endif
 %description
 HTMLDOC converts HTML source files into indexed HTML, PostScript, or
@@ -56,10 +60,7 @@ Portable Document Format (PDF) files that can be viewed online or printed.
 mv -f %{buildroot}%{buildroot}/* \
  %{buildroot}
 # Get rid of unvanted files
-rm -rf %{buildroot}/home %{buildroot}%{_datadir}/doc/%{name}
+rm -rf %{buildroot}%{_datadir}/doc/%{name}
 # Update desktop file
 %suse_update_desktop_file -r %{name} Development Documentation
 %suse_update_desktop_file %{name} -G%{name}
 %files
 %license COPYING
Author	SHA256	Message	Date
Ana Guerrero	31f6980af1	Accepting request 1283664 from Publishing OBS-URL: https://build.opensuse.org/request/show/1283664 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/htmldoc?expand=0&rev=37	2025-06-10 06:59:33 +00:00
Martin Pluskal	f60d549541	htmldoc 1.9.20 OBS-URL: https://build.opensuse.org/package/show/Publishing/htmldoc?expand=0&rev=46	2025-06-06 13:04:53 +00:00
Ana Guerrero	a08ad20d3a	Accepting request 1221331 from Publishing - security update - added patches fix CVE-2024-46478 [bsc#1232380], buffer overflow when handling tabs through the parse_pre function (ps-pdf.cxx) + htmldoc-CVE-2024-46478.patch (forwarded request 1221327 from pgajdos) OBS-URL: https://build.opensuse.org/request/show/1221331 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/htmldoc?expand=0&rev=36	2024-11-05 14:39:41 +00:00
Dr. Werner Fink	da2e06686b	- security update - added patches fix CVE-2024-46478 [bsc#1232380], buffer overflow when handling tabs through the parse_pre function (ps-pdf.cxx) + htmldoc-CVE-2024-46478.patch OBS-URL: https://build.opensuse.org/package/show/Publishing/htmldoc?expand=0&rev=44	2024-11-05 07:58:46 +00:00