Update of /cvsroot/fink/dists/10.4/stable/main/finkinfo/text
In directory
sc8-pr-cvs17.sourceforge.net:/tmp/cvs-serv24272/10.4/stable/main/finkinfo/text
Modified Files:
libkpathsea4.info tetex.info
Log Message:
Sync with unstable, which should address the security problem.
Index: libkpathsea4.info
===================================================================
RCS file: /cvsroot/fink/dists/10.4/stable/main/finkinfo/text/libkpathsea4.info,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- libkpathsea4.info 12 May 2007 14:56:33 -0000 1.6
+++ libkpathsea4.info 26 Nov 2007 12:52:39 -0000 1.7
@@ -1,35 +1,29 @@
Package: libkpathsea4
-Version: 3.0
-Revision: 1007
-Description: Complete distribution of the TeX typesetting system
-BuildDepends: <<
- t1lib5, libpng3 (>= 1:1.2.8-1), libwww, libncurses5 (>= 5.4-20041023-1006),
tetex-texmf (>= 3.0-1)
-<<
+Version: 3.5.6
+Revision: 1
+Description: Path search library for TeX
+BuildDepends: tetex-texmf (>= 3.0-1), fink (>= 0.24.12)
BuildDependsOnly: true
Depends: %N-shlibs (= %v-%r)
Conflicts: tetex-dev, ptex-dev
Replaces: tetex-dev, tetex-base (<= 2.0.2-46), tetex-nox (<= 2.0.2-24),
ptex-base (<< 3.1.8)
-Source:
ftp://cam.ctan.org/tex-archive/systems/unix/teTeX/%v/distrib/tetex-src-%v.tar.gz
+Source: mirror:ctan:systems/unix/teTeX/3.0/distrib/tetex-src-3.0.tar.gz
Source-MD5: 944a4641e79e61043fdaf8f38ecbb4b3
-Source2:
http://fink.sodan.ecc.u-tokyo.ac.jp/pkgdists/tetex-%v-magstep-20060511.patch
-Source2-MD5: c88f4c99f3e984c0d3ff540373f2e359
-Source3: http://sarovar.org/tracker/download.php/106/493/378/119/xputenv.c
-Source3-MD5: 9b271c52c4a591c23cacb81a2230c042
+Source2:
http://fink.sodan.ecc.u-tokyo.ac.jp/pkgdists/kpathsea-3.5.6-tetex-3.0.patch.gz
+Source2-MD5: 8c855399616a49e26e411e6ed5db5092
+PatchFile: tetex.patch
+PatchFile-MD5: b5bc9d386f66b9542970d63adcf8270d
PatchScript: <<
- sed 's|@PREFIX@|%p|g' < %a/tetex.patch | sed 's|@PACKAGE@|%n-%v-%r|g' | patch
-p1
+ sed 's|@PREFIX@|%p|g' < %{PatchFile} | sed 's|@PACKAGE@|%n-%v-%r|g' | patch
-p1
perl -pi -e "s|hardcode_direct=yes|hardcode_direct=no|" texk/configure
texk/kpathsea/configure utils/texinfo/configure
perl -pi -e 's,-flat_namespace -undefined suppress,-twolevel_namespace
-undefined error,g' texk/configure texk/kpathsea/configure
utils/texinfo/configure
perl -pi -e 's,\*\.obj\),*.obj | *.dSYM),' texk/configure
texk/kpathsea/configure utils/texinfo/configure
- patch -p1 < ../tetex-%v-magstep-20060511.patch
- cp ../xputenv.c texk/kpathsea/
+ gzip -dc ../kpathsea-3.5.6-tetex-3.0.patch.gz | patch -p1
<<
ConfigureParams: <<
--without-texi2html --without-texinfo --enable-shared \
--datadir='${prefix}/share' --infodir='${prefix}/share/info' \
- --mandir='${prefix}/share/man' --disable-multiplatform --with-system-ncurses \
- --with-system-pnglib --with-system-t1lib --with-system-wwwlib \
- --with-system-zlib \
- --with-system-gd \
+ --mandir='${prefix}/share/man' --disable-multiplatform \
--without-x
<<
CompileScript: <<
@@ -46,11 +40,11 @@
InfoDocs: kpathsea.info
SplitOff: <<
Package: %N-shlibs
- Description: Shared libraries for a teTeX installation
+ Description: Shared libraries of path search library for TeX
Files: lib/libkpathsea.*.dylib
Shlibs: %p/lib/libkpathsea.4.dylib 5.0.0 %n (>= 3.0-1)
DocFiles: LICENSE.src README README.fink
<<
-License: OSI-Approved
+License: LGPL
Maintainer: Dave Morrison <[EMAIL PROTECTED]>
-Homepage: http://www.tug.org/teTeX
+Homepage: http://www.tug.org/kpathsea/
Index: tetex.info
===================================================================
RCS file: /cvsroot/fink/dists/10.4/stable/main/finkinfo/text/tetex.info,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- tetex.info 12 May 2007 14:56:33 -0000 1.5
+++ tetex.info 26 Nov 2007 12:52:40 -0000 1.6
@@ -2,13 +2,14 @@
Package: tetex%type_pkg[-nox]
Type: -nox (boolean)
Version: 3.0
-Revision: 1002
+Revision: 1005
GCC: 4.0
Description: Complete distribution of the TeX typesetting system
Depends: %N-base (= %v-%r), texinfo, debianutils, texi2html
BuildDepends: <<
- libkpathsea4, t1lib5, libpng3 (>= 1:1.2.8-1), libwww, libncurses5 (>=
5.4-20041023-1006),
+ libkpathsea4 (>= 3.5.6-1), t1lib5-nox, libpng3 (>= 1:1.2.8-1), libwww,
libncurses5 (>= 5.4-20041023-1006), fink (>= 0.24.12),
libjpeg, libiconv-dev,
+ (%type_raw[-nox] = .) t1lib5-x11,
(%type_raw[-nox] = .) gd2 (>= 2.0.33-1),
(%type_raw[-nox] = .) x11,
(%type_raw[-nox] = .) openmotif3
@@ -28,11 +29,40 @@
Suggests: foiltex
Source:
ftp://cam.ctan.org/tex-archive/systems/unix/teTeX/3.0/distrib/tetex-src-%v.tar.gz
Source-MD5: 944a4641e79e61043fdaf8f38ecbb4b3
+Source2:
http://fink.sodan.ecc.u-tokyo.ac.jp/pkgdists/kpathsea-3.5.6-tetex-3.0.patch.gz
+Source2-MD5: 8c855399616a49e26e411e6ed5db5092
+Source3:
http://fink.sodan.ecc.u-tokyo.ac.jp/pkgdists/tetex-3.0-security-200709.tar.bz2
+Source3-MD5: 461b069855d8c2852c647ebe44f7e1af
+Tar3FilesRename: tetex-3.0-security-200709:tetex-3.0-security
+PatchFile: tetex.patch
+PatchFile-MD5: b5bc9d386f66b9542970d63adcf8270d
PatchScript: <<
- sed 's|@PREFIX@|%p|g' < %a/tetex.patch | sed 's|@PACKAGE@|%n-%v-%r|g' | patch
-p1
+ sed 's|@PREFIX@|%p|g' < %{PatchFile} | sed 's|@PACKAGE@|%n-%v-%r|g' | patch
-p1
perl -pi -e "s|hardcode_direct=yes|hardcode_direct=no|" texk/configure
texk/kpathsea/configure utils/texinfo/configure
perl -pi -e 's,-flat_namespace -undefined suppress,-twolevel_namespace
-undefined error,g' texk/configure texk/kpathsea/configure
utils/texinfo/configure
perl -pi -e 's,\*\.obj\),*.obj | *.dSYM),' texk/configure
texk/kpathsea/configure utils/texinfo/configure
+ gzip -dc ../kpathsea-3.5.6-tetex-3.0.patch.gz | patch -p1
+
+ # Fix dvipdfm buffer overflow (imported from tetex-3.0-20.FC5)
+ patch -p1 < ../tetex-3.0-security/tetex-3.0-dvipdfm.patch
+
+ # Don't use tmpnam() in dvipdfm. (impoted from tetex-3.0-4.FC4)
+ patch -p1 < ../tetex-3.0-security/tetex-2.0.2-dvipdfm-security.patch
+
+ # Fix xpdf overflows CVE-2005-3193 (impoted from tetex-3.0-20.fc5)
+ patch -p1 < ../tetex-3.0-security/tetex-3.0-CVE-2005-3193.patch
+
+ # Fix xpdf integer overflow CVE-2007-3387 (imported from tetex-3.0-40.1.fc7)
+ patch -p1 < ../tetex-3.0-security/tetex-3.0-CVE-2007-3387.patch
+
+ # http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104
+ patch -d libs -p1 <
../tetex-3.0-security/post-3.5.5-kdegraphics-CVE-2007-0104.diff
+
+ # Don't use PID for temporary file names in scripts. (impoted from FC4)
+ patch -p1 < ../tetex-3.0-security/tetex-3.0-badscript.patch
+
+ # Fix overflows in makeindex CVE-2007-0650 (impoted from tetex-3.0-34.fc6)
+ patch -p1 < ../tetex-3.0-security/tetex-3.0-CVE-2007-0650.patch
<<
NoSetMAKEFLAGS: true
SetMAKEFLAGS: -j1
@@ -93,9 +123,10 @@
Package: %N-base
Description: Base programs for a teTeX installation
Depends: <<
- t1lib5-shlibs, libpng3-shlibs (>= 1:1.2.8-1),
+ t1lib5-nox-shlibs, libpng3-shlibs (>= 1:1.2.8-1),
libwww-bin, libncurses5-shlibs (>= 5.4-20041023-1006), ncurses (>=
5.4-20041023-1006),
- fink (>= 0.12.0-1), libkpathsea4-shlibs (>= 3.0-1), tetex-texmf (>= 3.0-1),
+ fink (>= 0.12.0-1), libkpathsea4-shlibs (>= 3.5.6-1), tetex-texmf (>= 3.0-1),
+ (%type_raw[-nox] = .) t1lib5-x11-shlibs,
(%type_raw[-nox] = -nox) ghostscript-nox,
(%type_raw[-nox] = .) ghostscript,
(%type_raw[-nox] = .) gd2-shlibs (>= 2.0.33-1),
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Fink-commits mailing list
Fink-commits@lists.sourceforge.net
http://news.gmane.org/gmane.os.apple.fink.cvs
