diff --git a/0003-various-security-fixes.patch b/0003-various-security-fixes.patch index 3f318ca..7dd1bea 100644 --- a/0003-various-security-fixes.patch +++ b/0003-various-security-fixes.patch @@ -1,6 +1,6 @@ -From 8989e9e33080ed5a6e940bfbca3a4ef28b3264b5 Mon Sep 17 00:00:00 2001 +From 36115e102859badb08cb5b2398de6b0ba45421d3 Mon Sep 17 00:00:00 2001 From: Jan Vcelak -Date: Tue, 1 Jan 2013 15:35:04 +0100 +Date: Tue, 4 Nov 2014 14:36:47 +0100 Subject: [PATCH] various security fixes CVE-2009-5044 (#709413) @@ -14,21 +14,21 @@ Signed-off-by: Jan Vcelak contrib/eqn2graph/eqn2graph.sh | 2 ++ contrib/gdiffmk/tests/runtests.in | 5 +++-- contrib/grap2graph/grap2graph.sh | 2 ++ - contrib/groffer/perl/groffer.pl | 10 +++++----- - contrib/groffer/perl/roff2.pl | 2 +- + contrib/groffer/main_subs.pl | 10 +++++----- + contrib/groffer/roff2.pl | 2 +- contrib/pdfmark/pdfroff.man | 5 +++-- contrib/pic2graph/pic2graph.sh | 2 ++ - doc/fixinfo.sh | 4 +++- + doc/fixinfo.sh | 5 +++-- doc/groff.info-2 | 6 +++--- doc/groff.texinfo | 6 +++--- gendef.sh | 10 +++------- - 11 files changed, 30 insertions(+), 24 deletions(-) + 11 files changed, 30 insertions(+), 25 deletions(-) diff --git a/contrib/eqn2graph/eqn2graph.sh b/contrib/eqn2graph/eqn2graph.sh -index 2f1fa56..c628423 100644 +index ee7cc5f..13edf78 100644 --- a/contrib/eqn2graph/eqn2graph.sh +++ b/contrib/eqn2graph/eqn2graph.sh -@@ -69,6 +69,8 @@ for d in "$GROFF_TMPDIR" "$TMPDIR" "$TMP" "$TEMP" /tmp; do +@@ -67,6 +67,8 @@ for d in "$GROFF_TMPDIR" "$TMPDIR" "$TMP" "$TEMP" /tmp; do tmp=$d/eqn2graph$$-$RANDOM (umask 077 && mkdir $tmp) 2> /dev/null && break @@ -54,10 +54,10 @@ index 714ce48..40a35c4 100644 # Run tests. diff --git a/contrib/grap2graph/grap2graph.sh b/contrib/grap2graph/grap2graph.sh -index 580e340..fe38041 100644 +index 58544e1..aeab832 100644 --- a/contrib/grap2graph/grap2graph.sh +++ b/contrib/grap2graph/grap2graph.sh -@@ -65,6 +65,8 @@ for d in "$GROFF_TMPDIR" "$TMPDIR" "$TMP" "$TEMP" /tmp; do +@@ -63,6 +63,8 @@ for d in "$GROFF_TMPDIR" "$TMPDIR" "$TMP" "$TEMP" /tmp; do tmp=$d/grap2graph$$-$RANDOM (umask 077 && mkdir $tmp) 2> /dev/null && break @@ -66,20 +66,20 @@ index 580e340..fe38041 100644 done; if test -z "$tmp"; then echo "$0: cannot create temporary directory" >&2 -diff --git a/contrib/groffer/perl/groffer.pl b/contrib/groffer/perl/groffer.pl -index 65d4cdb..fd11ab1 100755 ---- a/contrib/groffer/perl/groffer.pl -+++ b/contrib/groffer/perl/groffer.pl -@@ -1379,7 +1379,7 @@ sub _check_prog_on_list { - ######################################################################## - - sub main_temp { +diff --git a/contrib/groffer/main_subs.pl b/contrib/groffer/main_subs.pl +index 90627cc..76896cd 100644 +--- a/contrib/groffer/main_subs.pl ++++ b/contrib/groffer/main_subs.pl +@@ -1239,7 +1239,7 @@ sub main_temp { + our $fh_stdin; + our $tmp_cat; + our $tmp_stdin; - my $template = 'groffer_' . "$$" . '_XXXX'; + my $template = 'groffer_' . "$$" . '_XXXXXXXXXX'; foreach ($ENV{'GROFF_TMPDIR'}, $ENV{'TMPDIR'}, $ENV{'TMP'}, $ENV{'TEMP'}, $ENV{'TEMPDIR'}, File::Spec->catfile($ENV{'HOME'}, 'tmp')) { if ($_ && -d $_ && -w $_) { -@@ -1410,12 +1410,12 @@ sub main_temp { +@@ -1271,12 +1271,12 @@ sub main_temp { # further argument: SUFFIX => '.sh' if ($Debug{'KEEP'}) { @@ -96,11 +96,11 @@ index 65d4cdb..fd11ab1 100755 DIR => $tmpdir); } } # main_temp() -diff --git a/contrib/groffer/perl/roff2.pl b/contrib/groffer/perl/roff2.pl -index 0e1f17a..b9eb67e 100755 ---- a/contrib/groffer/perl/roff2.pl -+++ b/contrib/groffer/perl/roff2.pl -@@ -124,7 +124,7 @@ if ($Has_Groffer) { +diff --git a/contrib/groffer/roff2.pl b/contrib/groffer/roff2.pl +index d8dad3f..f0ca9f2 100755 +--- a/contrib/groffer/roff2.pl ++++ b/contrib/groffer/roff2.pl +@@ -123,7 +123,7 @@ if ($Has_Groffer) { last; } } @@ -110,19 +110,19 @@ index 0e1f17a..b9eb67e 100755 if ($tempdir) { ($fh, $stdin) = tempfile($template, UNLINK => 1, DIR => $tempdir) || diff --git a/contrib/pdfmark/pdfroff.man b/contrib/pdfmark/pdfroff.man -index 3a1d705..73650a8 100644 +index ec412bb..faf2898 100644 --- a/contrib/pdfmark/pdfroff.man +++ b/contrib/pdfmark/pdfroff.man -@@ -529,7 +529,7 @@ defaults to +@@ -555,7 +555,7 @@ defaults to .B GROFF_TMPDIR Identifies the directory in which .B pdfroff -should create temporary files. +should create a subdirectory for its temporary files. + . If .B \%GROFF_TMPDIR - is -@@ -541,7 +541,8 @@ and +@@ -568,7 +568,8 @@ and .B TEMP are considered in turn, as possible temporary file repositories. If none of these are set, then temporary files are created @@ -133,10 +133,10 @@ index 3a1d705..73650a8 100644 .TP .B GROFF_GHOSTSCRIPT_INTERPRETER diff --git a/contrib/pic2graph/pic2graph.sh b/contrib/pic2graph/pic2graph.sh -index 0c45610..874aad0 100644 +index 72c5477..6b3360d 100644 --- a/contrib/pic2graph/pic2graph.sh +++ b/contrib/pic2graph/pic2graph.sh -@@ -80,6 +80,8 @@ for d in "$GROFF_TMPDIR" "$TMPDIR" "$TMP" "$TEMP" /tmp; do +@@ -78,6 +78,8 @@ for d in "$GROFF_TMPDIR" "$TMPDIR" "$TMP" "$TEMP" /tmp; do tmp=$d/pic2graph$$-$RANDOM (umask 077 && mkdir $tmp) 2> /dev/null \ && break @@ -146,26 +146,27 @@ index 0c45610..874aad0 100644 if test -z "$tmp"; then echo "$0: cannot create temporary directory" >&2 diff --git a/doc/fixinfo.sh b/doc/fixinfo.sh -index 2c853f8..a0e8295 100644 +index 2c853f8..6954e6a 100644 --- a/doc/fixinfo.sh +++ b/doc/fixinfo.sh -@@ -22,7 +22,9 @@ +@@ -22,8 +22,9 @@ # groff.texinfo macro code. Hopefully, a new texinfo version makes it # unnecessary. -t=${TMPDIR-.}/gro$$.tmp +- +t="`mktemp -t groff-fixinfo.XXXXXXXXXX`" || exit +trap 'rm -f -- "$t"' EXIT +trap 'trap - EXIT; rm -f -- "$t"; exit 1' HUP INT QUIT TERM - cat $1 | sed ' 1 { + N diff --git a/doc/groff.info-2 b/doc/groff.info-2 -index 3e169ec..e964dd6 100644 +index 7eaae86..e7dab72 100644 --- a/doc/groff.info-2 +++ b/doc/groff.info-2 -@@ -1957,9 +1957,9 @@ not there, `groff' would not know when to stop. - +@@ -1697,9 +1697,9 @@ not there, 'groff' would not know when to stop. + time into a document: .sy perl -e 'printf ".nr H %d\\n.nr M %d\\n.nr S %d\\n",\ - (localtime(time))[2,1,0]' > /tmp/x\n[$$] @@ -176,12 +177,12 @@ index 3e169ec..e964dd6 100644 + .sy rm timefile\n[$$] \nH:\nM:\nS - Note that this works by having the `perl' script (run by `sy') + Note that this works by having the 'perl' script (run by 'sy') diff --git a/doc/groff.texinfo b/doc/groff.texinfo -index bf77e95..914ba8b 100644 +index 066b527..83684da 100644 --- a/doc/groff.texinfo +++ b/doc/groff.texinfo -@@ -13660,9 +13660,9 @@ into a document: +@@ -13736,9 +13736,9 @@ into a document: @pindex perl @Example .sy perl -e 'printf ".nr H %d\\n.nr M %d\\n.nr S %d\\n",\ @@ -189,16 +190,16 @@ index bf77e95..914ba8b 100644 -.so /tmp/x\n[$$] -.sy rm /tmp/x\n[$$] + (localtime(time))[2,1,0]' > timefile\n[$$] -+.so timefile\n[$$] -+.sy rm timefile\n[$$] +++.so timefile\n[$$] +++.sy rm timefile\n[$$] \nH:\nM:\nS @endExample diff --git a/gendef.sh b/gendef.sh -index ad4ccb2..c25e2d4 100644 +index 41a511b..050bcbe 100644 --- a/gendef.sh +++ b/gendef.sh -@@ -34,11 +34,9 @@ do +@@ -33,11 +33,9 @@ do #define $def" done @@ -213,7 +214,7 @@ index ad4ccb2..c25e2d4 100644 sed -e 's/=/ /' >$t < -Date: Tue, 23 Jul 2013 14:09:50 +0200 +Date: Tue, 4 Nov 2014 14:49:57 +0100 Subject: [PATCH] don't use /usr/bin/env in shebang There might be an issue that the script is executed with unwanted version of @@ -8,14 +8,14 @@ There might be an issue that the script is executed with unwanted version of Resolves: #987069 --- - contrib/chem/chem.pl | 2 +- - contrib/groffer/perl/groffer.pl | 2 +- - contrib/groffer/perl/roff2.pl | 2 +- - src/roff/grog/grog.pl | 2 +- + contrib/chem/chem.pl | 2 +- + contrib/groffer/groffer.pl | 2 +- + contrib/groffer/roff2.pl | 2 +- + src/roff/grog/grog.pl | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/contrib/chem/chem.pl b/contrib/chem/chem.pl -index dacf8b4..932606a 100755 +index 1a8b3cc..15eda5f 100755 --- a/contrib/chem/chem.pl +++ b/contrib/chem/chem.pl @@ -1,4 +1,4 @@ @@ -24,20 +24,20 @@ index dacf8b4..932606a 100755 # chem - a groff preprocessor for producing chemical structure diagrams -diff --git a/contrib/groffer/perl/groffer.pl b/contrib/groffer/perl/groffer.pl -index f56fbfc..d0352d0 100755 ---- a/contrib/groffer/perl/groffer.pl -+++ b/contrib/groffer/perl/groffer.pl +diff --git a/contrib/groffer/groffer.pl b/contrib/groffer/groffer.pl +index 4e2e575..913e8eb 100755 +--- a/contrib/groffer/groffer.pl ++++ b/contrib/groffer/groffer.pl @@ -1,4 +1,4 @@ -#! /usr/bin/env perl +#! /usr/bin/perl # groffer - display groff files -diff --git a/contrib/groffer/perl/roff2.pl b/contrib/groffer/perl/roff2.pl -index cf95f95..9ba6860 100755 ---- a/contrib/groffer/perl/roff2.pl -+++ b/contrib/groffer/perl/roff2.pl +diff --git a/contrib/groffer/roff2.pl b/contrib/groffer/roff2.pl +index f0ca9f2..1b8577f 100755 +--- a/contrib/groffer/roff2.pl ++++ b/contrib/groffer/roff2.pl @@ -1,4 +1,4 @@ -#! /usr/bin/env perl +#! /usr/bin/perl @@ -45,7 +45,7 @@ index cf95f95..9ba6860 100755 # roff2* - transform roff files into other formats diff --git a/src/roff/grog/grog.pl b/src/roff/grog/grog.pl -index 3f33d86..77adf78 100644 +index fb7b54c..9baa869 100644 --- a/src/roff/grog/grog.pl +++ b/src/roff/grog/grog.pl @@ -1,4 +1,4 @@ @@ -55,5 +55,5 @@ index 3f33d86..77adf78 100644 # Inspired by doctype script in Kernighan & Pike, Unix Programming # Environment, pp 306-8. -- -1.7.11.7 +1.9.3 diff --git a/0005-Add-missing-rule-for-gropdf.patch b/0005-Add-missing-rule-for-gropdf.patch new file mode 100644 index 0000000..2ab9eed --- /dev/null +++ b/0005-Add-missing-rule-for-gropdf.patch @@ -0,0 +1,25 @@ +From 65c9f2f5152b3eebba8494cbead00d79d1dcbb1c Mon Sep 17 00:00:00 2001 +From: Jan Chaloupka +Date: Wed, 12 Nov 2014 08:23:00 +0100 +Subject: [PATCH] Add missing rule for gropdf + +--- + Makefile.in | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/Makefile.in b/Makefile.in +index 4b5a5c6..7ae9ac2 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -896,6 +896,8 @@ $(GNULIBDIRS): FORCE + $(MAKE) ACLOCAL=: AUTOCONF=: AUTOHEADER=: AUTOMAKE=: $(do) ;; \ + esac + ++$(SHPROGDIRS): $(PROGDEPDIRS) ++ + $(OTHERDIRS): $(PROGDEPDIRS) $(CCPROGDIRS) $(CPROGDIRS) $(SHPROGDIRS) + + $(INCDIRS) $(PROGDEPDIRS) $(SHPROGDIRS) $(OTHERDIRS): FORCE +-- +1.9.3 + diff --git a/groff.spec b/groff.spec index 5a9e7c2..db71857 100644 --- a/groff.spec +++ b/groff.spec @@ -2,8 +2,8 @@ Summary: A document formatting system Name: groff -Version: 1.22.2 -Release: 11%{?dist} +Version: 1.22.3 +Release: 1%{?dist} License: GPLv3+ and GFDL and BSD and MIT Group: Applications/Publishing URL: http://www.gnu.org/software/groff/ @@ -16,6 +16,8 @@ Patch1: 0002-load-site-font-and-site-tmac-from-etc-groff.patch Patch2: 0003-various-security-fixes.patch # resolves: #987069 Patch3: 0004-don-t-use-usr-bin-env-in-shebang.patch +# SSIA +Patch4: 0005-Add-missing-rule-for-gropdf.patch Requires: coreutils, /sbin/install-info, groff-base = %{version}-%{release} Requires(post): info @@ -201,6 +203,13 @@ fi %{_bindir}/pic2graph %{_bindir}/refer %{_bindir}/tfmtodit +%{_libdir}/groff/glilypond/args.pl +%{_libdir}/groff/glilypond/oop_fh.pl +%{_libdir}/groff/glilypond/subs.pl +%{_libdir}/groff/gpinyin/subs.pl +%{_libdir}/groff/groff_opts_no_arg.txt +%{_libdir}/groff/groff_opts_with_arg.txt +%{_libdir}/groff/grog/subs.pl %{_mandir}/man1/addftinfo.* %{_mandir}/man1/eqn2graph.* %{_mandir}/man1/gdiffmk.* @@ -303,6 +312,9 @@ fi %{_datadir}/%{name}/%{version}/tmac/www.tmac # programs %{_bindir}/eqn +%{_bindir}/glilypond +%{_bindir}/gperl +%{_bindir}/gpinyin %{_bindir}/groff %{_bindir}/grops %{_bindir}/grotty @@ -316,6 +328,9 @@ fi %{_bindir}/tbl %{_bindir}/troff %{_mandir}/man1/eqn.* +%{_mandir}/man1/glilypond.* +%{_mandir}/man1/gperl.* +%{_mandir}/man1/gpinyin.* %{_mandir}/man1/groff.* %{_mandir}/man1/grops.* %{_mandir}/man1/grotty.* @@ -401,6 +416,10 @@ fi %doc %{_pkgdocdir}/pdf/ %changelog +* Tue Nov 04 2014 jchaloup - 1.22.3-1 +- Update to 1.22.3 + resolves: #1160256 + * Sat Aug 16 2014 Fedora Release Engineering - 1.22.2-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild diff --git a/sources b/sources index a33af05..0f9c163 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ 9f4cd592a5efc7e36481d8d8d8af6d16 groff-1.22.2.tar.gz +cc825fa64bc7306a885f2fb2268d3ec5 groff-1.22.3.tar.gz