SOURCES/enscript-CVE-vasnprintf.patch

@@ -0,0 +1,15 @@
+diff --git a/intl/vasnprintf.c b/intl/vasnprintf.c
+index 4a8e7f0..65ade71 100644
+--- a/intl/vasnprintf.c
++++ b/intl/vasnprintf.c
+@@ -758,7 +758,9 @@ convert_to_decimal (mpn_t a, size_t extra_zeroes)
+   size_t a_len = a.nlimbs;
+   /* 0.03345 is slightly larger than log(2)/(9*log(10)).  */
+   size_t c_len = 9 * ((size_t)(a_len * (GMP_LIMB_BITS * 0.03345f)) + 1);
+-  char *c_ptr = (char *) malloc (xsum (c_len, extra_zeroes));
++  /* We need extra_zeroes bytes for zeroes, followed by c_len bytes for the
++     digits of a, followed by 1 byte for the terminating NUL.  */
++  char *c_ptr = (char *) malloc (xsum (xsum (extra_zeroes, c_len), 1));
+   if (c_ptr != NULL)
+     {
+       char *d_ptr = c_ptr;

SPECS/enscript.spec

@@ -1,7 +1,7 @@
 Summary: A plain ASCII to PostScript converter
 Name: enscript
 Version: 1.6.6
-Release: 17%{?dist}
+Release: 28%{?dist}
 License: GPLv3+ and LGPLv2+ and GPLv2+
 URL: http://www.gnu.org/software/enscript
 # Tarball exists nowhere. You have to obtain it via:
@@ -24,18 +24,31 @@ Patch12:enscript-rh477382.patch
 Patch13:enscript-build.patch
 Patch14:enscript-manfixes.patch
 Patch15: enscript-bufpos-crash.patch
+# 1664367 - adding support for 2 other encodings, enscript cannot print f.e. euro symbol
+# without it
+# rhbz: https://bugzilla.redhat.com/show_bug.cgi?id=1664367
+# upstream patch: http://lists.gnu.org/archive/html/bug-enscript/2018-04/msg00008.html
 Patch16: 0001-enscript-newencodings.patch
-
-Requires(preun): /sbin/install-info
-Requires(post): /sbin/install-info
-Obsoletes: nenscript < 1.13++-13
-Provides: nenscript = 1.13++-13
+# enscript bundles some gnulib source files, so some issues or CVEs in gnulib can be
+# present in enscript
+# gnulib CVE: https://bugzilla.redhat.com/show_bug.cgi?id=1635896
+Patch17: enscript-CVE-vasnprintf.patch
 
 # gcc is no longer in buildroot by default
 BuildRequires: gcc
+# uses make
+BuildRequires: make
 BuildRequires: autoconf, automake, gettext
 BuildRequires: gettext-devel
 
+# our downstreamed gnulib bundles some gnulib files, so we need to provide
+# this one. I'm not sure why we have gnulib files there, because upstream
+# does not have these files. The correct way would be to extract these files,
+# fix Makefiles to link correct gnulib and requires gnulib-'something' in spec
+# file, but enscript is lowly used+low maintenance+mostly dead upstream package,
+# so there is a little merit of doing it...
+Provides: bundled(gnulib)
+
 %description
 GNU enscript is a free replacement for Adobe's Enscript
 program. Enscript converts ASCII files to PostScript(TM) and spools
@@ -52,7 +65,10 @@ includes many options for customizing printouts
 %patch13 -p1 -b .build
 %patch14 -p1 -b .manfixes
 %patch15 -p1 -b .bufpos-crash
+# 1664367 - [RFE] Add support for 885915 encoding in enscript
 %patch16 -p1 -b .newencodings
+# CVE in gnulib
+%patch17 -p1 -b .vasnprintf
 
 %{__tar} -C states/hl -zxf %{SOURCE1} ruby.st
 install -pm 644 %{SOURCE2} states/hl/php.st
@@ -61,12 +77,12 @@ install -pm 644 %{SOURCE2} states/hl/php.st
 autoreconf -fiv
 export CPPFLAGS='-DPROTOTYPES'
 %configure --with-media=Letter
-make %{?_smp_mflags}
+%make_build
 
 
 %install
 mkdir -p %{buildroot}%{_datadir}/locale/{de,es,fi,fr,nl,sl}/LC_MESSAGES
-make DESTDIR=%{buildroot} install
+%make_install
 rm -f %{buildroot}%{_datadir}/info/dir
 
 %find_lang %name
@@ -89,19 +105,7 @@ for all in README THANKS; do
 	mv $all.new $all
 done
 
-%preun
-if [ $1 = 0 ]; then
-    [ -f %{_infodir}/%{name}.info.gz ] && \
-      /sbin/install-info --delete %{_infodir}/%{name}.info.gz \
-	%{_infodir}/dir || :
-fi
-
-%post
-[ -f %{_infodir}/%{name}.info.gz ] && \
-  /sbin/install-info %{_infodir}/%{name}.info.gz %{_infodir}/dir || :
-
 %files -f %{name}.lang -f share.list
-%defattr(-,root,root,-)
 %doc AUTHORS ChangeLog COPYING docs/FAQ.html NEWS README README.ESCAPES THANKS TODO
 %{_bindir}/*
 %{_mandir}/man1/*
@@ -110,12 +114,49 @@ fi
 %config(noreplace) %{_sysconfdir}/enscript.cfg
 
 %changelog
-* Fri Jun 07 2019 Zdenek Dohnal <zdohnal@redhat.com> - 1.6.6-17
-- 1664366 - [RFE] Add support for 885915 encoding in enscript
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.6.6-28
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
 
-* Tue Jul 24 2018 Zdenek Dohnal <zdohnal@redhat.com> - 1.6.6-16
+* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.6.6-27
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.6-26
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Nov 05 2020 Zdenek Dohnal <zdohnal@redhat.com> - 1.6.6-25
+- make is no longer in buildroot by default
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.6-24
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Mon Jul 13 2020 Tom Stellard <tstellar@redhat.com> - 1.6.6-23
+- Use make macros
+- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.6-22
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.6-21
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.6-20
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Tue Jan 29 2019 Zdenek Dohnal <zdohnal@redhat.com> - 1.6.6-19
+- 1664367 - [RFE] Add support for 885915 encoding in enscript
+- remove old Obsoletes/Provides
+- fix gnulib CVE
+
+* Tue Jul 24 2018 Zdenek Dohnal <zdohnal@redhat.com> - 1.6.6-18
 - correcting license
 
+* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.6-17
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Mon Jun 18 2018 Zdenek Dohnal <zdohnal@redhat.com> - 1.6.6-16
+- remove install-info, info package does it now automatically when any package puts a file into %%_infodir
+
 * Mon Feb 19 2018 Zdenek Dohnal <zdohnal@redhat.com> - 1.6.6-15
 - gcc is no longer in buildroot by default