From 9e0d35be9017977846a6cf16b9f99db49c6b31de Mon Sep 17 00:00:00 2001 From: hira Date: Sun, 13 Sep 2009 03:54:13 +0000 Subject: Update to 2.4.3. This is bug fix release. It fixes the following security vulnerabilities. * CVE-2009-0200/CVE-2009-0201: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution * CVE-2009-2414/CVE-2009-2416: Manipulated XML documents can lead to arbitrary code execution Release notes: http://development.openoffice.org/releases/2.4.3.html - Fix getline() problem (patches from misc/openoffice3/patches). - Use internal neon (9 patches are required to use external neon). - Use internal openssl for internal neon. - Disable VBA extension (enabling this causes build error). --- misc/openoffice2/Makefile | 13 ++++--------- misc/openoffice2/distinfo | 29 ++++++++++++++++------------- misc/openoffice2/patches/patch-ga | 16 ++++++++++++++++ misc/openoffice2/patches/patch-gb | 16 ++++++++++++++++ misc/openoffice2/patches/patch-gc | 25 +++++++++++++++++++++++++ 5 files changed, 77 insertions(+), 22 deletions(-) create mode 100644 misc/openoffice2/patches/patch-ga create mode 100644 misc/openoffice2/patches/patch-gb create mode 100644 misc/openoffice2/patches/patch-gc (limited to 'misc') diff --git a/misc/openoffice2/Makefile b/misc/openoffice2/Makefile index 2b07e475241..0062f13d570 100644 --- a/misc/openoffice2/Makefile +++ b/misc/openoffice2/Makefile @@ -1,10 +1,9 @@ -# $NetBSD: Makefile,v 1.73 2009/09/10 00:27:08 tnn Exp $ +# $NetBSD: Makefile,v 1.74 2009/09/13 03:54:13 hira Exp $ # -OO_VER= 2.4.2 +OO_VER= 2.4.3 DISTNAME= openoffice-${OO_VER} PKGNAME= openoffice2-${OO_VER} -PKGREVISION= 12 CATEGORIES= misc MASTER_SITES= ${MASTER_SITE_OPENOFFICE:=stable/${OO_VER}/} DIST_SUBDIR= ${DISTNAME} @@ -30,7 +29,7 @@ DEPENDS+= libpaper-[0-9]*:../../print/libpaper .include "../../mk/bsd.prefs.mk" -WRKSRC= ${WRKDIR}/OOH680_m18 +WRKSRC= ${WRKDIR}/OOH680_m21 CONFIGURE_DIRS= config_office # Cannot compile with 3.3.x (GCC Bugzilla Bug 16879). @@ -89,12 +88,12 @@ CONFIGURE_ENV+= BLNK_PREFIX_nas=${BUILDLINK_PREFIX.nas} CONFIGURE_ENV+= ac_cv_path_SYSTEM_GENBRK=${PREFIX}/bin/genbrk CONFIGURE_ENV+= ac_cv_path_SYSTEM_GENCCODE=${PREFIX}/sbin/genccode CONFIGURE_ENV+= ac_cv_path_SYSTEM_GENCMN=${PREFIX}/sbin/gencmn -CONFIGURE_ENV+= USE_BUILTIN_openssl=${USE_BUILTIN.openssl} CONFIGURE_ARGS+= --with-use-shell=bash CONFIGURE_ARGS+= --enable-binfilter CONFIGURE_ARGS+= --enable-cairo CONFIGURE_ARGS+= --disable-ldap +CONFIGURE_ARGS+= --disable-vba CONFIGURE_ARGS+= --with-system-stdlibs CONFIGURE_ARGS+= --with-system-curl CONFIGURE_ARGS+= --with-system-db @@ -104,8 +103,6 @@ CONFIGURE_ARGS+= --with-system-icu CONFIGURE_ARGS+= --with-system-jpeg CONFIGURE_ARGS+= --with-system-libxml2 CONFIGURE_ARGS+= --with-system-libxslt -CONFIGURE_ARGS+= --with-system-neon -CONFIGURE_ARGS+= --with-system-openssl CONFIGURE_ARGS+= --with-system-python CONFIGURE_ARGS+= --with-system-zlib CONFIGURE_ARGS+= --with-dynamic-xinerama @@ -195,13 +192,11 @@ post-install: .include "../../graphics/hicolor-icon-theme/buildlink3.mk" .include "../../graphics/jpeg/buildlink3.mk" .include "../../lang/python/application.mk" -.include "../../security/openssl/buildlink3.mk" .include "../../textproc/expat/buildlink3.mk" .include "../../textproc/icu/buildlink3.mk" .include "../../textproc/libxml2/buildlink3.mk" .include "../../textproc/libxslt/buildlink3.mk" .include "../../www/curl/buildlink3.mk" -.include "../../www/neon/buildlink3.mk" .include "../../x11/libX11/buildlink3.mk" .include "../../x11/libXaw/buildlink3.mk" .include "../../x11/libXcursor/buildlink3.mk" diff --git a/misc/openoffice2/distinfo b/misc/openoffice2/distinfo index 13b9ce9e84c..758fd69a2cc 100644 --- a/misc/openoffice2/distinfo +++ b/misc/openoffice2/distinfo @@ -1,17 +1,17 @@ -$NetBSD: distinfo,v 1.54 2009/09/10 00:27:08 tnn Exp $ +$NetBSD: distinfo,v 1.55 2009/09/13 03:54:13 hira Exp $ -SHA1 (openoffice-2.4.2/OOo_2.4.2_src_binfilter.tar.bz2) = 1c7f652c71ad3364a98d79d4f6751db00c7daa99 -RMD160 (openoffice-2.4.2/OOo_2.4.2_src_binfilter.tar.bz2) = 09662444f359f86bb7eeec0c035ae29360e989e5 -Size (openoffice-2.4.2/OOo_2.4.2_src_binfilter.tar.bz2) = 6674731 bytes -SHA1 (openoffice-2.4.2/OOo_2.4.2_src_core.tar.bz2) = f84782887062011f34c5c8f0279c40d159051a34 -RMD160 (openoffice-2.4.2/OOo_2.4.2_src_core.tar.bz2) = d29ed7d23a7616b05d855c172e6f148aeb0f4b69 -Size (openoffice-2.4.2/OOo_2.4.2_src_core.tar.bz2) = 153673147 bytes -SHA1 (openoffice-2.4.2/OOo_2.4.2_src_l10n.tar.bz2) = c59fefaf9f7e3372fbeb2a1e468270613b7b1fa6 -RMD160 (openoffice-2.4.2/OOo_2.4.2_src_l10n.tar.bz2) = 7a2bf7cbe404b7fe8cb61c670717f54046e1cab9 -Size (openoffice-2.4.2/OOo_2.4.2_src_l10n.tar.bz2) = 81193726 bytes -SHA1 (openoffice-2.4.2/OOo_2.4.2_src_system.tar.bz2) = 67dd2af4c25a311c2e83a7dcd3a8229378ee1625 -RMD160 (openoffice-2.4.2/OOo_2.4.2_src_system.tar.bz2) = 172fcde006f5e81f3be526ab50dbb10a67d277b3 -Size (openoffice-2.4.2/OOo_2.4.2_src_system.tar.bz2) = 44071903 bytes +SHA1 (openoffice-2.4.3/OOo_2.4.3_src_binfilter.tar.bz2) = 8c5175b933df18fa88adec59d366e5b191555d22 +RMD160 (openoffice-2.4.3/OOo_2.4.3_src_binfilter.tar.bz2) = be6e0215d00ff78ecfd35ba51c86b37e9c2ba899 +Size (openoffice-2.4.3/OOo_2.4.3_src_binfilter.tar.bz2) = 6738021 bytes +SHA1 (openoffice-2.4.3/OOo_2.4.3_src_core.tar.bz2) = 40193da67ec5f76d7528e03c94599f4db8e61dfb +RMD160 (openoffice-2.4.3/OOo_2.4.3_src_core.tar.bz2) = 44fde99dbd4991c893dd18816f8e98e54fb0aacd +Size (openoffice-2.4.3/OOo_2.4.3_src_core.tar.bz2) = 152311420 bytes +SHA1 (openoffice-2.4.3/OOo_2.4.3_src_l10n.tar.bz2) = 89c3420231808b0492dc07c83f5dc0421a3c5836 +RMD160 (openoffice-2.4.3/OOo_2.4.3_src_l10n.tar.bz2) = 540dd0fdae81b1f434db73882691b5d62cd0c75d +Size (openoffice-2.4.3/OOo_2.4.3_src_l10n.tar.bz2) = 81490942 bytes +SHA1 (openoffice-2.4.3/OOo_2.4.3_src_system.tar.bz2) = a250d4327bb4bcf8e025fbe7c706121044cfc949 +RMD160 (openoffice-2.4.3/OOo_2.4.3_src_system.tar.bz2) = 01441eeaa0785b8988f1d464974119b54572f009 +Size (openoffice-2.4.3/OOo_2.4.3_src_system.tar.bz2) = 41621781 bytes SHA1 (patch-ac) = ed6d84d40c3543eed754d74a5e65caf137f31c3d SHA1 (patch-ad) = f26b60c05bf061c9d1f245826954cb642861dd98 SHA1 (patch-ag) = 6c2f17424cfc85b5bc923a650167f14b7acabfd4 @@ -74,3 +74,6 @@ SHA1 (patch-eg) = 0c6119bd2a91c91ab71348558b8c75224ffa90dc SHA1 (patch-eh) = bb09b068066309ccdc1dc707b8d97e2dd9bf64e5 SHA1 (patch-ei) = b8b0ca35c15cff58cc53a937f8f3a127e4cd0d03 SHA1 (patch-ej) = 1300efe96fb675b89df2c345cc68f1fc79a8bd69 +SHA1 (patch-ga) = ba2ecca04fa39f37180080338fe9107f854ceb95 +SHA1 (patch-gb) = adabfee3d06e31741b462f5f9ab6dab26a243688 +SHA1 (patch-gc) = 91865d8bd5cdb0499f4b63d626b6ef22ef0c37b2 diff --git a/misc/openoffice2/patches/patch-ga b/misc/openoffice2/patches/patch-ga new file mode 100644 index 00000000000..b78b926b9be --- /dev/null +++ b/misc/openoffice2/patches/patch-ga @@ -0,0 +1,16 @@ +$NetBSD: patch-ga,v 1.1 2009/09/13 03:54:13 hira Exp $ + +Fix build with getline() in libc. +From http://bugs.gentoo.org/show_bug.cgi?id=270263 + +--- soltools/mkdepend/def.h.orig 2007-07-19 00:01:07.000000000 +0900 ++++ soltools/mkdepend/def.h 2009-09-12 20:56:00.000000000 +0900 +@@ -151,7 +151,7 @@ + + char *copy(); + char *base_name(); +-char *getline(); ++char *ooo_getline(); + struct symtab *slookup(); + struct symtab *isdefined(); + struct symtab *fdefined(); diff --git a/misc/openoffice2/patches/patch-gb b/misc/openoffice2/patches/patch-gb new file mode 100644 index 00000000000..b9cdfe2a056 --- /dev/null +++ b/misc/openoffice2/patches/patch-gb @@ -0,0 +1,16 @@ +$NetBSD: patch-gb,v 1.1 2009/09/13 03:54:14 hira Exp $ + +Fix build with getline() in libc. +From http://bugs.gentoo.org/show_bug.cgi?id=270263 + +--- soltools/mkdepend/main.c.orig 2007-10-15 23:29:29.000000000 +0900 ++++ soltools/mkdepend/main.c 2009-09-12 20:53:46.000000000 +0900 +@@ -543,7 +543,7 @@ + * Get the next line. We only return lines beginning with '#' since that + * is all this program is ever interested in. + */ +-char *getline(filep) ++char *ooo_getline(filep) + register struct filepointer *filep; + { + register char *p, /* walking pointer */ diff --git a/misc/openoffice2/patches/patch-gc b/misc/openoffice2/patches/patch-gc new file mode 100644 index 00000000000..45a7bb35c57 --- /dev/null +++ b/misc/openoffice2/patches/patch-gc @@ -0,0 +1,25 @@ +$NetBSD: patch-gc,v 1.1 2009/09/13 03:54:14 hira Exp $ + +Fix build with getline() in libc. +From http://bugs.gentoo.org/show_bug.cgi?id=270263 + +--- soltools/mkdepend/parse.c.orig 2006-09-22 17:57:33.000000000 +0900 ++++ soltools/mkdepend/parse.c 2009-09-12 20:56:36.000000000 +0900 +@@ -45,7 +45,7 @@ + register int type; + boolean recfailOK; + +- while ((line = getline(filep))) { ++ while ((line = ooo_getline(filep))) { + switch(type = deftype(line, filep, file_red, file, TRUE)) { + case IF: + doif: +@@ -167,7 +167,7 @@ + register char *line; + register int type; + +- while ((line = getline(filep))) { ++ while ((line = ooo_getline(filep))) { + switch(type = deftype(line, filep, file_red, file, FALSE)) { + case IF: + case IFFALSE: -- cgit v1.2.3