Hello community, here is the log from the commit of package transfig for openSUSE:Factory checked in at 2017-12-19 10:49:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/transfig (Old) and /work/SRC/openSUSE:Factory/.transfig.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "transfig" Tue Dec 19 10:49:59 2017 rev:36 rq:544416 version:3.2.6a Changes: -------- --- /work/SRC/openSUSE:Factory/transfig/transfig.changes 2017-02-07 12:06:30.903752405 +0100 +++ /work/SRC/openSUSE:Factory/.transfig.new/transfig.changes 2017-12-19 10:50:02.429816665 +0100 @@ -1,0 +2,11 @@ +Wed Nov 22 12:25:21 UTC 2017 - wer...@suse.de + +- Added patches + * fig2dev-3.2.6a-RGBFILE.patch to let rgb.txt be located via + environment variable FIG2DEV_RGBFILE + * fig2dev-3.2.6a-man-typo.patch to fix simple typo in manual page + * fig2dev-3.2.6a-input-sanitizing.patch to do some input + sanitizing when reading FIG files (bsc#1069257, CVE-2017-16899) + * fig2dev-3.2.6a-style-overflow.patch + +------------------------------------------------------------------- New: ---- fig2dev-3.2.6a-RGBFILE.patch fig2dev-3.2.6a-input-sanitizing.patch fig2dev-3.2.6a-man-typo.patch fig2dev-3.2.6a-style-overflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ transfig.spec ++++++ --- /var/tmp/diff_new_pack.izhg4e/_old 2017-12-19 10:50:03.493765304 +0100 +++ /var/tmp/diff_new_pack.izhg4e/_new 2017-12-19 10:50:03.493765304 +0100 @@ -54,9 +54,9 @@ Version: 3.2.6a Release: 0 Summary: Graphic Converter +#Source: http://sourceforge.net/projects/mcj/files/fig2dev-%{version}.tar.xz/download#/fig2dev-%{version}.tar.xz License: MIT Group: Productivity/Graphics/Convertors -#Source: http://sourceforge.net/projects/mcj/files/fig2dev-%{version}.tar.xz/download#/fig2dev-%{version}.tar.xz Source: fig2dev-%{version}.tar.xz Patch0: transfig-3.2.6.dif Patch2: transfig.3.2.5-binderman.dif @@ -65,6 +65,10 @@ Patch42: fig2dev-3.2.6-genps_oldpatterns.patch Patch43: fig2dev-3.2.6-fig2mpdf.patch Patch44: fig2dev-3.2.6-fig2mpdf-doc.patch +Patch45: fig2dev-3.2.6a-RGBFILE.patch +Patch46: fig2dev-3.2.6a-man-typo.patch +Patch47: fig2dev-3.2.6a-input-sanitizing.patch +Patch48: fig2dev-3.2.6a-style-overflow.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %{expand: %%global _exec_prefix %(type -p pkg-config &>/dev/null && pkg-config --variable prefix x11 || echo /usr/X11R6)} %if "%_exec_prefix" == "/usr/X11R6" @@ -108,6 +112,10 @@ %patch42 -p2 -b .oldp %patch43 -p2 -b .mpdf %patch44 -p1 -b .mpdfdoc +%patch45 -p1 -b .p45 +%patch46 -p1 -b .p46 +%patch47 -p1 -b .p47 +%patch48 -p1 -b .p48 %build CC=gcc ++++++ fig2dev-3.2.6a-RGBFILE.patch ++++++ From: Roland Rosenfeld <rol...@debian.org> Subject: rgb.txt can not be located via FIG2DEV_RGBFILE environment variable. This allows to run the test suite without the package being installed before. --- a/fig2dev/colors.c +++ b/fig2dev/colors.c @@ -27,6 +27,7 @@ #include "pi.h" #include "fig2dev.h" +#include <stdlib.h> struct color_db { char *name; @@ -108,10 +109,15 @@ read_colordb(void) char s[100], s1[100], *c1, *c2; unsigned short r,g,b; struct color_db *col; + char *rgbfile; - fp = fopen(RGB_FILE, "r"); + rgbfile = getenv("FIG2DEV_RGBFILE"); + if (rgbfile == NULL) { + rgbfile = RGB_FILE; + } + fp = fopen(rgbfile, "r"); if (fp == NULL) { - fprintf(stderr,"Couldn't open the RGB database file '%s'\n", RGB_FILE); + fprintf(stderr,"Couldn't open the RGB database file '%s'\n", rgbfile); return -1; } if ((Xcolors = (struct color_db*) malloc(maxcolors*sizeof(struct color_db))) ++++++ fig2dev-3.2.6a-input-sanitizing.patch ++++++ Description: Some input sanitizing when reading FIG files. Bug-Debian: https://bugs.debian.org/881143 Bug-Debian: https://bugs.debian.org/881144 Author: Thomas Loimer <thomas.loi...@tuwien.ac.at> --- a/fig2dev/read.c +++ b/fig2dev/read.c @@ -1329,8 +1329,14 @@ read_textobject(FILE *fp) | PSFONT_TEXT; /* keep the font number reasonable */ - if (t->font > MAXFONT(t)) + if (t->font > MAXFONT(t)) { t->font = MAXFONT(t); + } else if (t->font < 0 ) { + if (psfont_text(t) && t->font < -1) + t->font = -1; + else + t->font = 0; + } fix_and_note_color(&t->color); t->comments = attach_comments(); /* attach any comments */ return t; --- a/fig2dev/read1_3.c +++ b/fig2dev/read1_3.c @@ -470,6 +470,15 @@ read_textobject(FILE *fp) free((char*) t); return(NULL); } + /* keep the font number within valid range */ + if (t->font > MAXFONT(t)) { + t->font = MAXFONT(t); + } else if (t->font < 0 ) { + if (psfont_text(t) && t->font < -1) + t->font = -1; + else + t->font = 0; + } (void)strcpy(t->cstring, buf); if (t->size == 0) t->size = 18; return(t); ++++++ fig2dev-3.2.6a-man-typo.patch ++++++ From: Roland Rosenfeld <rol...@debian.org> Subject: Fix typo in man page fig2ps2tex. --- a/man/fig2ps2tex.1 +++ b/man/fig2ps2tex.1 @@ -22,7 +22,7 @@ for those systems with csh and dc. Note that the .I psfig macro package provides a more sophisticated approach to including -Postscript files in LaTeX docuements. +Postscript files in LaTeX documents. .I Fig2ps2tex works with plain TeX however. ++++++ fig2dev-3.2.6a-style-overflow.patch ++++++ Description: Sanitize input of fill patterns. Bug-Debian: https://bugs.debian.org/881396 Author: Thomas Loimer <thomas.loi...@tuwien.ac.at> --- a/fig2dev/read.c +++ b/fig2dev/read.c @@ -71,6 +71,8 @@ static int save_comment(void); #define FILL_CONVERT(f) ((v2_flag || (f) < WHITE_FILL) \ ? (v30_flag? f: (f-1)) : 20 - ((f)-1)*5) +#define FILL_SANITIZE(f) ((f) < UNFILLED || (f) >= \ + NUMSHADES + NUMTINTS + NUMPATTERNS) ? UNFILLED : f /* input buffer size */ #define BUF_SIZE 1024 @@ -547,6 +549,7 @@ read_arcobject(FILE *fp) } a->thickness *= round(THICK_SCALE); a->fill_style = FILL_CONVERT(a->fill_style); + a->fill_style = FILL_SANITIZE(a->fill_style); NOTE_FILL(a); fix_and_note_color(&a->pen_color); if (fa) { @@ -730,6 +733,7 @@ read_ellipseobject(void) fix_and_note_color(&e->pen_color); e->thickness *= round(THICK_SCALE); e->fill_style = FILL_CONVERT(e->fill_style); + e->fill_style = FILL_SANITIZE(e->fill_style); NOTE_FILL(e); e->comments = attach_comments(); /* attach any comments */ return e; @@ -895,6 +899,7 @@ read_lineobject(FILE *fp) l->radius *= round(THICK_SCALE); l->thickness *= round(THICK_SCALE); l->fill_style = FILL_CONVERT(l->fill_style); + l->fill_style = FILL_SANITIZE(l->fill_style); NOTE_FILL(l); fix_and_note_color(&l->pen_color); if (fa) { @@ -1051,6 +1056,7 @@ read_splineobject(FILE *fp) } s->thickness *= round(THICK_SCALE); s->fill_style = FILL_CONVERT(s->fill_style); + s->fill_style = FILL_SANITIZE(s->fill_style); NOTE_FILL(s); fix_and_note_color(&s->pen_color); if (fa) {