diff options
| author | tez <tez> | 2011-07-27 16:33:25 +0000 |
|---|---|---|
| committer | tez <tez> | 2011-07-27 16:33:25 +0000 |
| commit | c577fcef6747a77664cad94647ed9d2789a73f19 (patch) | |
| tree | 3d71ce50a6257dad15221009c483b631f1a52d52 /textproc | |
| parent | 0879d0934b40d02301a1e08b3197845c128b0a91 (diff) | |
| download | pkgsrc-c577fcef6747a77664cad94647ed9d2789a73f19.tar.gz | |
Adjust pdfroff security patch to not use '-p' option to mktemp which is
missing on some platforms. fixes PR#45181
Diffstat (limited to 'textproc')
| -rw-r--r-- | textproc/groff/Makefile | 4 | ||||
| -rw-r--r-- | textproc/groff/distinfo | 4 | ||||
| -rw-r--r-- | textproc/groff/patches/patch-contrib_pdfmark_pdfroff.sh | 5 |
3 files changed, 7 insertions, 6 deletions
diff --git a/textproc/groff/Makefile b/textproc/groff/Makefile index a7c8b650ee7..ece5843a803 100644 --- a/textproc/groff/Makefile +++ b/textproc/groff/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.58 2011/07/19 21:09:38 tez Exp $ +# $NetBSD: Makefile,v 1.59 2011/07/27 16:33:25 tez Exp $ # DISTNAME= groff-1.20.1 -PKGREVISION= 4 +PKGREVISION= 5 CATEGORIES= textproc MASTER_SITES= ${MASTER_SITE_GNU:=groff/} diff --git a/textproc/groff/distinfo b/textproc/groff/distinfo index 86f29d54f22..e8814a52980 100644 --- a/textproc/groff/distinfo +++ b/textproc/groff/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.15 2011/07/19 21:09:38 tez Exp $ +$NetBSD: distinfo,v 1.16 2011/07/27 16:33:25 tez Exp $ SHA1 (groff-1.20.1.tar.gz) = 3066587d73df73c2bda235034f4515cf52d22549 RMD160 (groff-1.20.1.tar.gz) = ec311727206d183fb04f1b4bd01c1284142fdb52 @@ -15,7 +15,7 @@ SHA1 (patch-contrib_grap2graph_grap2graph.sh) = 5b5a5ac958edc8d4f5e828b57198178b SHA1 (patch-contrib_groffer_perl_groffer.pl) = 2583145fe594a11619cf237ca38a20bbbfee17f1 SHA1 (patch-contrib_groffer_perl_roff2.pl) = 8ee9d4bba3c25a391b406e4dfac6352d414f7263 SHA1 (patch-contrib_pdfmark_pdfroff.man) = c2a48a9f16650044a493d23192d9c00c2dabbc67 -SHA1 (patch-contrib_pdfmark_pdfroff.sh) = 0f23f02561913aaf9fabd2f41236de62b79bdf71 +SHA1 (patch-contrib_pdfmark_pdfroff.sh) = 8ff3360392c214940854a1b93a5f262c37e3cd2e SHA1 (patch-contrib_pic2graph_pic2graph.sh) = 447e25325f3c26be1e5fa8b6cd0bc05d9f99474e SHA1 (patch-doc_fixinfo.sh) = 7ad376be722b712b129f736804b9c8c30789da2d SHA1 (patch-doc_groff.info-2) = a5e366af0bc9ee018664d2ba9192b136980af6ce diff --git a/textproc/groff/patches/patch-contrib_pdfmark_pdfroff.sh b/textproc/groff/patches/patch-contrib_pdfmark_pdfroff.sh index 0b8a53a2fc5..22b381f4a8a 100644 --- a/textproc/groff/patches/patch-contrib_pdfmark_pdfroff.sh +++ b/textproc/groff/patches/patch-contrib_pdfmark_pdfroff.sh @@ -1,4 +1,4 @@ -$NetBSD: patch-contrib_pdfmark_pdfroff.sh,v 1.1 2011/07/19 21:09:39 tez Exp $ +$NetBSD: patch-contrib_pdfmark_pdfroff.sh,v 1.2 2011/07/27 16:33:25 tez Exp $ Fix many temporary file handling issues, including in pdfroff (resolves CVE-2009-5044 / SA44999) @@ -6,6 +6,7 @@ Patches copied from: http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff?rev=1.2 Modified for pkgsrc and excluded a documentaion change to doc/groff.texinfo that changes a `makeinfo' is too old warning into a fatal error. +Modified to not use '-p' option to mktemp which is missing on some platforms. Added patch to make pdfroff.sh use -dSAFER See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538338 for why. @@ -18,7 +19,7 @@ See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538338 for why. # - WRKFILE=${GROFF_TMPDIR=${TMPDIR-${TMP-${TEMP-"."}}}}/pdf$$.tmp + MYTMPDIR=${GROFF_TMPDIR-${TMPDIR-${TMP-${TEMP-"/tmp"}}}} -+ WRKDIR="`unset TMPDIR && mktemp -dp "$MYTMPDIR" groff-pdfroff.XXXXXXXXXX`" || exit ++ WRKDIR="`TMPDIR=$MYTMPDIR mktemp -d -t groff-pdfroff.XXXXXXXXXX`" || exit + + trap 'rm -rf -- "$WRKDIR"' EXIT + trap 'trap - EXIT; rm -rf -- "$WRKDIR"; exit 1' HUP INT QUIT PIPE TERM |