Re: [BLFS Trac] #1799: Enscript security fixes

Tue, 11 Apr 2006 17:52:23 -0700 

#1799: Enscript security fixes
--------------------------------------------+-------------------------------
 Reporter:  [EMAIL PROTECTED]  |        Owner:  [EMAIL PROTECTED]
     Type:  defect                          |       Status:  closed             
       
 Priority:  highest                         |    Milestone:  6.2                
       
Component:  BOOK                            |      Version:  SVN                
       
 Severity:  blocker                         |   Resolution:  invalid            
       
 Keywords:  Enscript                        |  
--------------------------------------------+-------------------------------
Changes (by [EMAIL PROTECTED]):

  * resolution:  => invalid
  * status:  assigned => closed

Comment:

 I went in good faith to fix this bug. I figured after looking at
 the patch it would be a deal where I would apply it, rediff it,
 and then build and update. 10 minutes at the most.

 But instead I get this:

 [EMAIL PROTECTED]: ~/build > cd enscript-1.6.4
 [EMAIL PROTECTED]: ~/build/enscript-1.6.4 > patch -Np1 -i ../enscript.patch
 patching file src/gsint.h
 patching file src/main.c
 Hunk #1 succeeded at 1546 (offset -10 lines).
 Hunk #2 FAILED at 1569.
 Hunk #3 FAILED at 1637.
 2 out of 3 hunks FAILED -- saving rejects to file src/main.c.rej
 patching file src/util.c
 Hunk #3 FAILED at 1905.
 1 out of 4 hunks FAILED -- saving rejects to file src/util.c.rej
 patching file src/psgen.c
 Hunk #2 succeeded at 2401 with fuzz 1.
 patching file src/psgen.c


 Why bother sending in a patch that doesn't apply? What, is some
 editor supposed to stop and spend an hour or two to "fix" the
 patch so that it really works?

 It seems as though if someone was concerned enough to send in
 a patch (and put a bug in the system no less) to fix something,
 you would think the patch would actually apply. You'd think that
 they would have actually tested it.

 Enscript works fine enough for me (actually I don't use it, but
 it builds clean). If it has security vulnerabilities, then it
 must be a different version than we are using in the book, else
 the patch would apply.

 I can only think this patch is for some other version of Enscript
 and not applicable to BLFS.

 Closing the bug as invalid.

-- 
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/1799>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
--
http://linuxfromscratch.org/mailman/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to