Date: Wednesday, May 6, 2020 @ 14:39:48 Author: allan Revision: 382394
upgpkg: a2ps 4.14-9: fix FTBFS, grab a couple of CVE fixes from git Added: a2ps/trunk/CVE-2014-0466.patch a2ps/trunk/CVE-2015-8107.patch a2ps/trunk/a2ps-texinfo67.patch Modified: a2ps/trunk/PKGBUILD ----------------------+ CVE-2014-0466.patch | 25 ++++++++++++++++++ CVE-2015-8107.patch | 67 +++++++++++++++++++++++++++++++++++++++++++++++++ PKGBUILD | 15 ++++++++-- a2ps-texinfo67.patch | 38 +++++++++++++++++++++++++++ 4 files changed, 142 insertions(+), 3 deletions(-) Added: CVE-2014-0466.patch =================================================================== --- CVE-2014-0466.patch (rev 0) +++ CVE-2014-0466.patch 2020-05-06 14:39:48 UTC (rev 382394) @@ -0,0 +1,25 @@ +From 5ea5ff8bc0094ca1eda0dd0e011d860e994c0a88 Mon Sep 17 00:00:00 2001 +From: David Seifert <[email protected]> +Date: Sun, 17 Sep 2017 23:26:32 +0200 +Subject: Add fix for CVE-2014-0466 + +--- + contrib/fixps.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/contrib/fixps.in b/contrib/fixps.in +index 45eeafc..bd6244e 100644 +--- a/contrib/fixps.in ++++ b/contrib/fixps.in +@@ -393,7 +393,7 @@ if test $task != check; then + eval "$command" ;; + gs) + $verbose "$program: making a full rewrite of the file ($gs)." >&2 +- $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; ++ $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; + esac + ) + fi +-- +cgit v1.2.1 + Added: CVE-2015-8107.patch =================================================================== --- CVE-2015-8107.patch (rev 0) +++ CVE-2015-8107.patch 2020-05-06 14:39:48 UTC (rev 382394) @@ -0,0 +1,67 @@ +From 90b876cb480ca9e092490c825663f23909c6173c Mon Sep 17 00:00:00 2001 +From: David Seifert <[email protected]> +Date: Sun, 17 Sep 2017 23:31:56 +0200 +Subject: Add fix for CVE-2015-8107 + +--- + lib/output.c | 2 +- + lib/parseppd.y | 2 +- + lib/psgen.c | 2 +- + src/parsessh.y | 2 +- + 4 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/lib/output.c b/lib/output.c +index b0011e1..449df0c 100644 +--- a/lib/output.c ++++ b/lib/output.c +@@ -518,7 +518,7 @@ output_file (struct output * out, a2ps_job * job, + expand_user_string (job, FIRST_FILE (job), + (const uchar *) "Expand: requirement", + (const uchar *) token)); +- output (dest, expansion); ++ output (dest, "%s", expansion); + continue; + } + +diff --git a/lib/parseppd.y b/lib/parseppd.y +index cb393e2..6e50ecb 100644 +--- a/lib/parseppd.y ++++ b/lib/parseppd.y +@@ -156,7 +156,7 @@ font_clause : + void + yyerror (const char *msg) + { +- error_at_line (1, 0, ppdfilename, ppdlineno, msg); ++ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg); + } + + /* +diff --git a/lib/psgen.c b/lib/psgen.c +index 8738512..1cc3513 100644 +--- a/lib/psgen.c ++++ b/lib/psgen.c +@@ -221,7 +221,7 @@ output_marker (a2ps_job * job, const char * kind, unsigned char * marker) + default: + *buf = '\0'; + ps_escape_char (job, cp[i], buf); +- output (jdiv, (char *) buf); ++ output (jdiv, "%s", (char *) buf); + break; + } + } +diff --git a/src/parsessh.y b/src/parsessh.y +index 78d2039..b301d87 100644 +--- a/src/parsessh.y ++++ b/src/parsessh.y +@@ -742,7 +742,7 @@ exception_def_opt: + void + yyerror (const char *msg) + { +- error_at_line (1, 0, sshfilename, sshlineno, msg); ++ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg); + } + + /* +-- +cgit v1.2.1 + Modified: PKGBUILD =================================================================== --- PKGBUILD 2020-05-06 14:26:13 UTC (rev 382393) +++ PKGBUILD 2020-05-06 14:39:48 UTC (rev 382394) @@ -2,7 +2,7 @@ pkgname=a2ps pkgver=4.14 -pkgrel=8 +pkgrel=9 pkgdesc="An Any to PostScript filter" arch=('x86_64') url="https://www.gnu.org/software/a2ps/"; @@ -14,7 +14,10 @@ a2ps-4.13c-fnmatch-replacement.patch a2ps-4.13c-emacs.patch a2ps-4.13-manpage-chmod.patch a2ps-4.14-check-mempcpy.patch a2ps-4.14-fix-stpcpy-proto.patch a2ps-texinfo5.patch - a2ps-4.13-security.patch) + a2ps-4.13-security.patch + CVE-2014-0466.patch + CVE-2015-8107.patch + a2ps-texinfo67.patch) sha1sums=('365abbbe4b7128bf70dad16d06e23c5701874852' 'SKIP' '8783952d3410d8d59ed953e1db45e2ef1a0b8f65' @@ -23,7 +26,10 @@ '6aed29c1399e79f3914b408059610f9e7c0fc38e' '58fa90134f1027e3f05aeb08212cbcc10f420738' '81269db9dd29685b0ece2539070ced3f7a8472df' - '93a4db17edfaa99e3498c7d952c560dab49dbe42') + '93a4db17edfaa99e3498c7d952c560dab49dbe42' + '0a04f4c145d3aef8f3c7537eb00cb4040c7209c9' + '08c51a9361eaefe76af61b70392fa5ac1c4356c7' + 'f54b6b319a5c134e0ee9be8dc9c8f80a65dc98d6') validpgpkeys=('6EB39358D8328FE3CDC903A8CB6FA340E7075A54') prepare() { @@ -39,6 +45,9 @@ patch -p0 -i "${srcdir}/a2ps-4.14-fix-stpcpy-proto.patch" patch -p1 -i "${srcdir}/a2ps-texinfo5.patch" patch -p1 -i "${srcdir}/a2ps-4.13-security.patch" + patch -p1 -i "${srcdir}/CVE-2014-0466.patch" + patch -p1 -i "${srcdir}/CVE-2015-8107.patch" + patch -p1 -i "${srcdir}/a2ps-texinfo67.patch" } build() { Added: a2ps-texinfo67.patch =================================================================== --- a2ps-texinfo67.patch (rev 0) +++ a2ps-texinfo67.patch 2020-05-06 14:39:48 UTC (rev 382394) @@ -0,0 +1,38 @@ +The patchs fixes build failure against texinfo-6.7+: +``` +Malformed UTF-8 character: \xcb\xeb (unexpected non-continuation byte 0xeb, immediately after start byte 0xcb; +need 2 bytes, got 1) in pattern match (m//) at /usr/share/texinfo/Texinfo/ParserNonXS.pm line 3364. +Malformed UTF-8 character (fatal) at /usr/share/texinfo/Texinfo/ParserNonXS.pm line 3364. +make[2]: *** [Makefile:472: a2ps.info] Error 25 +``` + +Fixed-by: Neil Bothwick +--- a/doc/a2ps.texi 2019-11-24 18:51:07.000000000 +0000 ++++ a/doc/a2ps.texi 2019-11-24 18:56:30.390438433 +0000 +@@ -1,5 +1,6 @@ + \input texinfo @c -*- texinfo -*- + @c %**start of header ++@documentencoding ISO-8859-1 + @setfilename a2ps.info + @settitle General Purpose PostScript Generating Utility + @c @setchapternewpage odd + +--- a/doc/regex.texi 2002-03-04 18:46:24.000000000 +0000 ++++ a/doc/regex.texi 2019-11-24 18:56:42.861052598 +0000 +@@ -1,5 +1,6 @@ + \input texinfo + @c %**start of header ++@documentencoding ISO-8859-1 + @setfilename regex.info + @settitle Regex + @c %**end of header + +--- a/ogonkify/doc/ogonkify.texi 2007-12-29 02:09:38.000000000 +0000 ++++ a/ogonkify/doc/ogonkify.texi 2019-11-24 18:57:03.173424149 +0000 +@@ -1,5 +1,6 @@ + \input texinfo @c -*-texinfo-*- + @c %**start of header ++@documentencoding ISO-8859-1 + @setfilename ogonkify.info + @settitle Ogonkify + @setchapternewpage off
