[gentoo-commits] repo/gentoo:master commit in: dev-libs/kpathsea/, dev-libs/kpathsea/files/

Thu, 01 Dec 2016 09:42:24 -0800 

commit:     9649e2aae8ded6f8f43aa6e85bc53e048a77c9c4
Author:     Alexis Ballier <aballier <AT> gentoo <DOT> org>
AuthorDate: Thu Dec  1 17:36:31 2016 +0000
Commit:     Alexis Ballier <aballier <AT> gentoo <DOT> org>
CommitDate: Thu Dec  1 17:36:37 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9649e2aa

dev-libs/kpathsea: fix insecure use of /tmp, bug #536454

Package-Manager: portage-2.3.2

 dev-libs/kpathsea/files/insecure_tmp_mktexlsr.patch     | 17 +++++++++++++++++
 ...521-r1.ebuild => kpathsea-6.2.1_p20150521-r2.ebuild} |  1 +
 2 files changed, 18 insertions(+)

diff --git a/dev-libs/kpathsea/files/insecure_tmp_mktexlsr.patch 
b/dev-libs/kpathsea/files/insecure_tmp_mktexlsr.patch
new file mode 100644
index 00000000..36d2094
--- /dev/null
+++ b/dev-libs/kpathsea/files/insecure_tmp_mktexlsr.patch
@@ -0,0 +1,17 @@
+https://bugzilla.redhat.com/show_bug.cgi?id=1181167
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775139
+https://bugs.gentoo.org/show_bug.cgi?id=536454
+
+Index: kpathsea/mktexlsr
+===================================================================
+--- kpathsea.orig/mktexlsr
++++ kpathsea/mktexlsr
+@@ -73,7 +73,7 @@ if tty -s; then verbose=true; else verbo
+ dry_run=false
+ trees=
+ 
+-treefile="${TMPDIR-/tmp}/mktexlsrtrees$$.tmp"
++treefile=`mktemp --tmpdir mktexlsrtrees.XXXXXXXXXX` || exit 1
+ trap 'cd /; rm -f $treefile; test -z "$db_dir_tmp" || rm -rf "$db_dir_tmp"; 
+       exit' 0 1 2 3 7 13 15
+ 

diff --git a/dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r1.ebuild 
b/dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r2.ebuild
similarity index 98%
rename from dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r1.ebuild
rename to dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r2.ebuild
index 7829ed5..a678e17 100644
--- a/dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r1.ebuild
+++ b/dev-libs/kpathsea/kpathsea-6.2.1_p20150521-r2.ebuild
@@ -41,6 +41,7 @@ SRC_URI="${SRC_URI} ) "
 TEXMF_PATH=/usr/share/texmf-dist
 
 src_prepare() {
+       epatch "${FILESDIR}/insecure_tmp_mktexlsr.patch"
        cd "${WORKDIR}/texlive-${PV#*_p}-source"
        S="${WORKDIR}/texlive-${PV#*_p}-source" elibtoolize #sane .so 
versionning on gfbsd
        cp "${FILESDIR}/texmf-update-r2" "${S}"/texmf-update

Reply via email to