Fixes security issues
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4306
Fix From FreeBSD
http://www.FreeBSD.org/cgi/query-pr.cgi?prp=128958-1-txt&n=/1.6.4_1-to-1.6.4_2-fix-CVE-2008-4306.diff
Ian McWilliam
Index: Makefile
===================================================================
RCS file: /cvs/ports/print/enscript/Makefile,v
retrieving revision 1.24
diff -u -a -r1.24 Makefile
--- Makefile 15 Sep 2007 21:36:44 -0000 1.24
+++ Makefile 17 Dec 2008 00:45:35 -0000
@@ -3,7 +3,7 @@
COMMENT= convert ASCII files to PostScript
DISTNAME= enscript-1.6.3
-PKGNAME= ${DISTNAME}p1
+PKGNAME= ${DISTNAME}p2
CATEGORIES= print
HOMEPAGE= http://www.codento.com/people/mtr/genscript/
Index: patches/patch-afm_Makefile_in
===================================================================
RCS file: /cvs/ports/print/enscript/patches/patch-afm_Makefile_in,v
retrieving revision 1.1
diff -u -a -r1.1 patch-afm_Makefile_in
--- patches/patch-afm_Makefile_in 11 Feb 2005 17:57:31 -0000 1.1
+++ patches/patch-afm_Makefile_in 17 Dec 2008 00:45:35 -0000
@@ -1,7 +1,7 @@
$OpenBSD: patch-afm_Makefile_in,v 1.1 2005/02/11 17:57:31 naddy Exp $
---- afm/Makefile.in.orig Thu Jan 24 08:39:24 2002
-+++ afm/Makefile.in Fri Feb 11 18:47:55 2005
-@@ -227,14 +227,14 @@ maintainer-clean-generic clean mostlycle
+--- afm/Makefile.in.orig Thu Jan 24 18:39:24 2002
++++ afm/Makefile.in Wed Dec 17 10:53:54 2008
+@@ -227,14 +227,14 @@ maintainer-clean-generic clean mostlyclean distclean m
install-data-local:
Index: patches/patch-src_gsint_h
===================================================================
RCS file: /cvs/ports/print/enscript/patches/patch-src_gsint_h,v
retrieving revision 1.1
diff -u -a -r1.1 patch-src_gsint_h
--- patches/patch-src_gsint_h 11 Feb 2005 19:12:42 -0000 1.1
+++ patches/patch-src_gsint_h 17 Dec 2008 00:45:35 -0000
@@ -1,7 +1,7 @@
$OpenBSD: patch-src_gsint_h,v 1.1 2005/02/11 19:12:42 naddy Exp $
---- src/gsint.h.orig Fri Feb 11 20:01:12 2005
-+++ src/gsint.h Fri Feb 11 20:01:25 2005
-@@ -701,4 +701,9 @@ FILE *printer_open ___P ((char *cmd, cha
+--- src/gsint.h.orig Wed Jul 12 01:28:06 2000
++++ src/gsint.h Wed Dec 17 10:53:54 2008
+@@ -701,4 +701,9 @@ FILE *printer_open ___P ((char *cmd, char *options, ch
*/
void printer_close ___P ((void *context));
Index: patches/patch-src_main_c
===================================================================
RCS file: /cvs/ports/print/enscript/patches/patch-src_main_c,v
retrieving revision 1.1
diff -u -a -r1.1 patch-src_main_c
--- patches/patch-src_main_c 11 Feb 2005 19:12:42 -0000 1.1
+++ patches/patch-src_main_c 17 Dec 2008 00:45:35 -0000
@@ -1,7 +1,7 @@
$OpenBSD: patch-src_main_c,v 1.1 2005/02/11 19:12:42 naddy Exp $
---- src/main.c.orig Fri Feb 11 20:01:12 2005
-+++ src/main.c Fri Feb 11 20:01:25 2005
-@@ -1546,9 +1546,13 @@ name width\theight\tllx\tlly
+--- src/main.c.orig Thu Jan 24 18:35:45 2002
++++ src/main.c Wed Dec 17 10:53:54 2008
+@@ -1546,9 +1546,13 @@ name width\theight\tllx\tlly\turx\tury\n\
buffer_append (&cmd, intbuf);
buffer_append (&cmd, " ");
@@ -18,7 +18,7 @@
buffer_append (&cmd, "-Dtoc=");
buffer_append (&cmd, toc ? "1" : "0");
-@@ -1565,8 +1569,14 @@ name width\theight\tllx\tlly
+@@ -1565,8 +1569,14 @@ name width\theight\tllx\tlly\turx\tury\n\
/* Append input files. */
for (i = optind; i < argc; i++)
{
@@ -35,7 +35,7 @@
}
/* And do the job. */
-@@ -1627,7 +1637,7 @@ name width\theight\tllx\tlly
+@@ -1627,7 +1637,7 @@ name width\theight\tllx\tlly\turx\tury\n\
buffer_ptr (opts), buffer_len (opts));
}
Index: patches/patch-src_psgen_c
===================================================================
RCS file: /cvs/ports/print/enscript/patches/patch-src_psgen_c,v
retrieving revision 1.1
diff -u -a -r1.1 patch-src_psgen_c
--- patches/patch-src_psgen_c 11 Feb 2005 19:12:42 -0000 1.1
+++ patches/patch-src_psgen_c 17 Dec 2008 00:45:35 -0000
@@ -1,7 +1,96 @@
$OpenBSD: patch-src_psgen_c,v 1.1 2005/02/11 19:12:42 naddy Exp $
---- src/psgen.c.orig Fri Feb 11 20:01:12 2005
-+++ src/psgen.c Fri Feb 11 20:01:25 2005
-@@ -2034,8 +2034,9 @@ dump_ps_page_header (char *fname, int em
+--- src/psgen.c.orig Thu Jan 24 18:38:58 2002
++++ src/psgen.c Wed Dec 17 11:39:56 2008
+@@ -24,6 +24,7 @@
+ * Boston, MA 02111-1307, USA.
+ */
+
++#include <limits.h>
+ #include "gsint.h"
+
+ /*
+@@ -124,7 +125,7 @@ struct gs_token_st
+ double xscale;
+ double yscale;
+ int llx, lly, urx, ury; /* Bounding box. */
+- char filename[512];
++ char filename[PATH_MAX];
+ char *skipbuf;
+ unsigned int skipbuf_len;
+ unsigned int skipbuf_pos;
+@@ -135,11 +136,11 @@ struct gs_token_st
+ Color bgcolor;
+ struct
+ {
+- char name[512];
++ char name[PATH_MAX];
+ FontPoint size;
+ InputEncoding encoding;
+ } font;
+- char filename[512];
++ char filename[PATH_MAX];
+ } u;
+ };
+
+@@ -248,7 +249,7 @@ static int do_print = 1;
+ static int user_fontp = 0;
+
+ /* The user ^...@font{}-defined font. */
+-static char user_font_name[256];
++static char user_font_name[PATH_MAX];
+ static FontPoint user_font_pt;
+ static InputEncoding user_font_encoding;
+
+@@ -978,7 +979,8 @@ large for page\n"),
+ FATAL ((stderr,
+ _("user font encoding can be only the system's
default or `ps'")));
+
+- strcpy (user_font_name, token.u.font.name);
++ memset (user_font_name, 0, sizeof(user_font_name));
++ strncpy (user_font_name, token.u.font.name,
sizeof(user_font_name) - 1);
+ user_font_pt.w = token.u.font.size.w;
+ user_font_pt.h = token.u.font.size.h;
+ user_font_encoding = token.u.font.encoding;
+@@ -1444,7 +1446,7 @@ read_special_escape (InputStream *is, Token *token)
+ buf[i] = ch;
+ if (i + 1 >= sizeof (buf))
+ FATAL ((stderr, _("too long argument for %s escape:\n%.*s"),
+- escapes[i].name, i, buf));
++ escapes[e].name, i, buf));
+ }
+ buf[i] = '\0';
+
+@@ -1452,7 +1454,8 @@ read_special_escape (InputStream *is, Token *token)
+ switch (escapes[e].escape)
+ {
+ case ESC_FONT:
+- strcpy (token->u.font.name, buf);
++ memset (token->u.font.name, 0, sizeof(token->u.font.name));
++ strncpy (token->u.font.name, buf, sizeof(token->u.font.name) - 1);
+
+ /* Check for the default font. */
+ if (strcmp (token->u.font.name, "default") == 0)
+@@ -1465,7 +1468,8 @@ read_special_escape (InputStream *is, Token *token)
+ FATAL ((stderr, _("malformed font spec for ^...@font escape:
%s"),
+ token->u.font.name));
+
+- strcpy (token->u.font.name, cp);
++ memset (token->u.font.name, 0, sizeof(token->u.font.name));
++ strncpy (token->u.font.name, cp, sizeof(token->u.font.name) - 1);
+ xfree (cp);
+ }
+ token->type = tFONT;
+@@ -1544,7 +1548,8 @@ read_special_escape (InputStream *is, Token *token)
+ break;
+
+ case ESC_SETFILENAME:
+- strcpy (token->u.filename, buf);
++ memset (token->u.filename, 0, sizeof(token->u.font.name));
++ strncpy (token->u.filename, buf, sizeof(token->u.filename) - 1);
+ token->type = tSETFILENAME;
+ break;
+
+@@ -2034,8 +2039,9 @@ dump_ps_page_header (char *fname, int empty)
else
{
ftail++;
@@ -13,7 +102,7 @@
}
if (nup > 1)
-@@ -2385,9 +2386,10 @@ recognize_eps_file (Token *token)
+@@ -2385,9 +2391,10 @@ recognize_eps_file (Token *token)
MESSAGE (2, (stderr, "^...@epsf=\"%s\"\n", token->u.epsf.filename));
i = strlen (token->u.epsf.filename);
@@ -25,7 +114,7 @@
token->u.epsf.pipe = 1;
token->u.epsf.filename[i - 1] = '\0';
token->u.epsf.fp = popen (token->u.epsf.filename, "r");
-@@ -2400,6 +2402,7 @@ recognize_eps_file (Token *token)
+@@ -2400,6 +2407,7 @@ recognize_eps_file (Token *token)
}
}
else
Index: patches/patch-src_util_c
===================================================================
RCS file: /cvs/ports/print/enscript/patches/patch-src_util_c,v
retrieving revision 1.1
diff -u -a -r1.1 patch-src_util_c
--- patches/patch-src_util_c 11 Feb 2005 19:12:42 -0000 1.1
+++ patches/patch-src_util_c 17 Dec 2008 00:45:35 -0000
@@ -1,6 +1,6 @@
$OpenBSD: patch-src_util_c,v 1.1 2005/02/11 19:12:42 naddy Exp $
---- src/util.c.orig Fri Feb 11 20:01:12 2005
-+++ src/util.c Fri Feb 11 20:01:25 2005
+--- src/util.c.orig Sat Sep 18 01:26:51 1999
++++ src/util.c Wed Dec 17 10:53:54 2008
@@ -1239,6 +1239,8 @@ escape_string (char *string)
/* Create result. */
@@ -10,7 +10,7 @@
for (i = 0, j = 0; string[i]; i++)
switch (string[i])
{
-@@ -1879,6 +1881,7 @@ is_open (InputStream *is, FILE *fp, char
+@@ -1879,6 +1881,7 @@ is_open (InputStream *is, FILE *fp, char *fname, char
char *cmd = NULL;
int cmdlen;
int i, pos;
@@ -18,7 +18,7 @@
is->is_pipe = 1;
-@@ -1902,12 +1905,16 @@ is_open (InputStream *is, FILE *fp, char
+@@ -1902,12 +1905,16 @@ is_open (InputStream *is, FILE *fp, char *fname, char
{
case 's':
/* Expand cmd-buffer. */
Index: patches/patch-states_hl_Makefile_in
===================================================================
RCS file: /cvs/ports/print/enscript/patches/patch-states_hl_Makefile_in,v
retrieving revision 1.1
diff -u -a -r1.1 patch-states_hl_Makefile_in
--- patches/patch-states_hl_Makefile_in 11 Feb 2005 17:57:31 -0000 1.1
+++ patches/patch-states_hl_Makefile_in 17 Dec 2008 00:45:35 -0000
@@ -1,7 +1,7 @@
$OpenBSD: patch-states_hl_Makefile_in,v 1.1 2005/02/11 17:57:31 naddy Exp $
---- states/hl/Makefile.in.orig Thu Jan 24 08:39:40 2002
-+++ states/hl/Makefile.in Fri Feb 11 18:48:57 2005
-@@ -234,14 +234,14 @@ maintainer-clean-generic clean mostlycle
+--- states/hl/Makefile.in.orig Thu Jan 24 18:39:40 2002
++++ states/hl/Makefile.in Wed Dec 17 10:53:54 2008
+@@ -234,14 +234,14 @@ maintainer-clean-generic clean mostlyclean distclean m
install-data-local:
