Update of /cvsroot/fink/dists/10.4/stable/main/finkinfo/text In directory sc8-pr-cvs17.sourceforge.net:/tmp/cvs-serv24272/10.4/stable/main/finkinfo/text
Modified Files: libkpathsea4.info tetex.info Log Message: Sync with unstable, which should address the security problem. Index: libkpathsea4.info =================================================================== RCS file: /cvsroot/fink/dists/10.4/stable/main/finkinfo/text/libkpathsea4.info,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- libkpathsea4.info 12 May 2007 14:56:33 -0000 1.6 +++ libkpathsea4.info 26 Nov 2007 12:52:39 -0000 1.7 @@ -1,35 +1,29 @@ Package: libkpathsea4 -Version: 3.0 -Revision: 1007 -Description: Complete distribution of the TeX typesetting system -BuildDepends: << - t1lib5, libpng3 (>= 1:1.2.8-1), libwww, libncurses5 (>= 5.4-20041023-1006), tetex-texmf (>= 3.0-1) -<< +Version: 3.5.6 +Revision: 1 +Description: Path search library for TeX +BuildDepends: tetex-texmf (>= 3.0-1), fink (>= 0.24.12) BuildDependsOnly: true Depends: %N-shlibs (= %v-%r) Conflicts: tetex-dev, ptex-dev Replaces: tetex-dev, tetex-base (<= 2.0.2-46), tetex-nox (<= 2.0.2-24), ptex-base (<< 3.1.8) -Source: ftp://cam.ctan.org/tex-archive/systems/unix/teTeX/%v/distrib/tetex-src-%v.tar.gz +Source: mirror:ctan:systems/unix/teTeX/3.0/distrib/tetex-src-3.0.tar.gz Source-MD5: 944a4641e79e61043fdaf8f38ecbb4b3 -Source2: http://fink.sodan.ecc.u-tokyo.ac.jp/pkgdists/tetex-%v-magstep-20060511.patch -Source2-MD5: c88f4c99f3e984c0d3ff540373f2e359 -Source3: http://sarovar.org/tracker/download.php/106/493/378/119/xputenv.c -Source3-MD5: 9b271c52c4a591c23cacb81a2230c042 +Source2: http://fink.sodan.ecc.u-tokyo.ac.jp/pkgdists/kpathsea-3.5.6-tetex-3.0.patch.gz +Source2-MD5: 8c855399616a49e26e411e6ed5db5092 +PatchFile: tetex.patch +PatchFile-MD5: b5bc9d386f66b9542970d63adcf8270d PatchScript: << - sed 's|@PREFIX@|%p|g' < %a/tetex.patch | sed 's|@PACKAGE@|%n-%v-%r|g' | patch -p1 + sed 's|@PREFIX@|%p|g' < %{PatchFile} | sed 's|@PACKAGE@|%n-%v-%r|g' | patch -p1 perl -pi -e "s|hardcode_direct=yes|hardcode_direct=no|" texk/configure texk/kpathsea/configure utils/texinfo/configure perl -pi -e 's,-flat_namespace -undefined suppress,-twolevel_namespace -undefined error,g' texk/configure texk/kpathsea/configure utils/texinfo/configure perl -pi -e 's,\*\.obj\),*.obj | *.dSYM),' texk/configure texk/kpathsea/configure utils/texinfo/configure - patch -p1 < ../tetex-%v-magstep-20060511.patch - cp ../xputenv.c texk/kpathsea/ + gzip -dc ../kpathsea-3.5.6-tetex-3.0.patch.gz | patch -p1 << ConfigureParams: << --without-texi2html --without-texinfo --enable-shared \ --datadir='${prefix}/share' --infodir='${prefix}/share/info' \ - --mandir='${prefix}/share/man' --disable-multiplatform --with-system-ncurses \ - --with-system-pnglib --with-system-t1lib --with-system-wwwlib \ - --with-system-zlib \ - --with-system-gd \ + --mandir='${prefix}/share/man' --disable-multiplatform \ --without-x << CompileScript: << @@ -46,11 +40,11 @@ InfoDocs: kpathsea.info SplitOff: << Package: %N-shlibs - Description: Shared libraries for a teTeX installation + Description: Shared libraries of path search library for TeX Files: lib/libkpathsea.*.dylib Shlibs: %p/lib/libkpathsea.4.dylib 5.0.0 %n (>= 3.0-1) DocFiles: LICENSE.src README README.fink << -License: OSI-Approved +License: LGPL Maintainer: Dave Morrison <[EMAIL PROTECTED]> -Homepage: http://www.tug.org/teTeX +Homepage: http://www.tug.org/kpathsea/ Index: tetex.info =================================================================== RCS file: /cvsroot/fink/dists/10.4/stable/main/finkinfo/text/tetex.info,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- tetex.info 12 May 2007 14:56:33 -0000 1.5 +++ tetex.info 26 Nov 2007 12:52:40 -0000 1.6 @@ -2,13 +2,14 @@ Package: tetex%type_pkg[-nox] Type: -nox (boolean) Version: 3.0 -Revision: 1002 +Revision: 1005 GCC: 4.0 Description: Complete distribution of the TeX typesetting system Depends: %N-base (= %v-%r), texinfo, debianutils, texi2html BuildDepends: << - libkpathsea4, t1lib5, libpng3 (>= 1:1.2.8-1), libwww, libncurses5 (>= 5.4-20041023-1006), + libkpathsea4 (>= 3.5.6-1), t1lib5-nox, libpng3 (>= 1:1.2.8-1), libwww, libncurses5 (>= 5.4-20041023-1006), fink (>= 0.24.12), libjpeg, libiconv-dev, + (%type_raw[-nox] = .) t1lib5-x11, (%type_raw[-nox] = .) gd2 (>= 2.0.33-1), (%type_raw[-nox] = .) x11, (%type_raw[-nox] = .) openmotif3 @@ -28,11 +29,40 @@ Suggests: foiltex Source: ftp://cam.ctan.org/tex-archive/systems/unix/teTeX/3.0/distrib/tetex-src-%v.tar.gz Source-MD5: 944a4641e79e61043fdaf8f38ecbb4b3 +Source2: http://fink.sodan.ecc.u-tokyo.ac.jp/pkgdists/kpathsea-3.5.6-tetex-3.0.patch.gz +Source2-MD5: 8c855399616a49e26e411e6ed5db5092 +Source3: http://fink.sodan.ecc.u-tokyo.ac.jp/pkgdists/tetex-3.0-security-200709.tar.bz2 +Source3-MD5: 461b069855d8c2852c647ebe44f7e1af +Tar3FilesRename: tetex-3.0-security-200709:tetex-3.0-security +PatchFile: tetex.patch +PatchFile-MD5: b5bc9d386f66b9542970d63adcf8270d PatchScript: << - sed 's|@PREFIX@|%p|g' < %a/tetex.patch | sed 's|@PACKAGE@|%n-%v-%r|g' | patch -p1 + sed 's|@PREFIX@|%p|g' < %{PatchFile} | sed 's|@PACKAGE@|%n-%v-%r|g' | patch -p1 perl -pi -e "s|hardcode_direct=yes|hardcode_direct=no|" texk/configure texk/kpathsea/configure utils/texinfo/configure perl -pi -e 's,-flat_namespace -undefined suppress,-twolevel_namespace -undefined error,g' texk/configure texk/kpathsea/configure utils/texinfo/configure perl -pi -e 's,\*\.obj\),*.obj | *.dSYM),' texk/configure texk/kpathsea/configure utils/texinfo/configure + gzip -dc ../kpathsea-3.5.6-tetex-3.0.patch.gz | patch -p1 + + # Fix dvipdfm buffer overflow (imported from tetex-3.0-20.FC5) + patch -p1 < ../tetex-3.0-security/tetex-3.0-dvipdfm.patch + + # Don't use tmpnam() in dvipdfm. (impoted from tetex-3.0-4.FC4) + patch -p1 < ../tetex-3.0-security/tetex-2.0.2-dvipdfm-security.patch + + # Fix xpdf overflows CVE-2005-3193 (impoted from tetex-3.0-20.fc5) + patch -p1 < ../tetex-3.0-security/tetex-3.0-CVE-2005-3193.patch + + # Fix xpdf integer overflow CVE-2007-3387 (imported from tetex-3.0-40.1.fc7) + patch -p1 < ../tetex-3.0-security/tetex-3.0-CVE-2007-3387.patch + + # http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104 + patch -d libs -p1 < ../tetex-3.0-security/post-3.5.5-kdegraphics-CVE-2007-0104.diff + + # Don't use PID for temporary file names in scripts. (impoted from FC4) + patch -p1 < ../tetex-3.0-security/tetex-3.0-badscript.patch + + # Fix overflows in makeindex CVE-2007-0650 (impoted from tetex-3.0-34.fc6) + patch -p1 < ../tetex-3.0-security/tetex-3.0-CVE-2007-0650.patch << NoSetMAKEFLAGS: true SetMAKEFLAGS: -j1 @@ -93,9 +123,10 @@ Package: %N-base Description: Base programs for a teTeX installation Depends: << - t1lib5-shlibs, libpng3-shlibs (>= 1:1.2.8-1), + t1lib5-nox-shlibs, libpng3-shlibs (>= 1:1.2.8-1), libwww-bin, libncurses5-shlibs (>= 5.4-20041023-1006), ncurses (>= 5.4-20041023-1006), - fink (>= 0.12.0-1), libkpathsea4-shlibs (>= 3.0-1), tetex-texmf (>= 3.0-1), + fink (>= 0.12.0-1), libkpathsea4-shlibs (>= 3.5.6-1), tetex-texmf (>= 3.0-1), + (%type_raw[-nox] = .) t1lib5-x11-shlibs, (%type_raw[-nox] = -nox) ghostscript-nox, (%type_raw[-nox] = .) ghostscript, (%type_raw[-nox] = .) gd2-shlibs (>= 2.0.33-1), ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Fink-commits mailing list Fink-commits@lists.sourceforge.net http://news.gmane.org/gmane.os.apple.fink.cvs