Resolves: #2209870, CVE-2023-32700
This commit is contained in:
Than Ngo
parent
8e88b19195
commit
dfa3442a5e
File diff suppressed because it is too large
Load Diff
38
texlive.spec
38
texlive.spec
|
|
@ -15,7 +15,7 @@
|
|||
|
||||
Name: texlive
|
||||
Version: %{source_date}
|
||||
Release: 28%{?dist}
|
||||
Release: 29%{?dist}
|
||||
Epoch: %{tl_epoch}
|
||||
Summary: TeX formatting system
|
||||
Group: Applications/Publishing
|
||||
|
|
@ -54,6 +54,7 @@ BuildRequires: libtool
|
|||
BuildRequires: gmp-devel
|
||||
BuildRequires: mpfr-devel
|
||||
BuildRequires: chrpath
|
||||
BuildRequires: dos2unix
|
||||
|
||||
Requires: texlive-scheme-basic
|
||||
Requires: texlive-collection-latexrecommended
|
||||
|
|
@ -882,6 +883,10 @@ Patch15: texlive-20180414-poppler-20.11.0-luatex.patch
|
|||
Patch16: texlive-xdvi-ghostcripts.patch
|
||||
Patch17: texlive-20180414-beamer-doc.patch
|
||||
|
||||
# upstream patch
|
||||
# LuaTeX Security Vulnerabilities CVE-2023-32700
|
||||
Patch100: texlive-2018-luatex-CVE-2023-32700.patch
|
||||
|
||||
%description
|
||||
The TeX Live software distribution offers a complete TeX system for a
|
||||
variety of Unix, Macintosh, Windows and other platforms. It
|
||||
|
|
@ -23821,25 +23826,27 @@ words.
|
|||
%setup -q -c -T
|
||||
xz -dc %{SOURCE0} | tar x
|
||||
[ -e %{source_name} ] && mv %{source_name} source
|
||||
%patch1 -p0
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch5 -p0
|
||||
%patch -P1 -p0
|
||||
%patch -P2 -p1
|
||||
%patch -P3 -p1
|
||||
%patch -P5 -p0
|
||||
%if 0%{?fedora} >= 28 || 0%{?rhel} >= 8
|
||||
%patch7 -p1 -b .newpoppler
|
||||
%patch -P7 -p1 -b .newpoppler
|
||||
%endif
|
||||
%patch11 -p1 -b .annocheck
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch -P11 -p1 -b .annocheck
|
||||
%patch -P12 -p1
|
||||
%patch -P13 -p1
|
||||
pushd source
|
||||
%patch15 -p1
|
||||
%patch16 -p1
|
||||
%patch -P15 -p1
|
||||
%patch -P16 -p1
|
||||
popd
|
||||
# Setup copies of the licenses
|
||||
for l in `unxz -c %{SOURCE2} | tar t`; do
|
||||
ln -s %{_texdir}/licenses/$l $l
|
||||
done
|
||||
|
||||
# covert to unix fileformat
|
||||
dos2unix source/texk/web2c/luatexdir/lua/luatex-core.lua
|
||||
%patch -P100 -p1
|
||||
|
||||
%build
|
||||
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -Werror=format-security"
|
||||
|
|
@ -24644,26 +24651,22 @@ xz -dc %{SOURCE8033} | tar x -C %{buildroot}%{_texdir}/texmf-dist
|
|||
# Patches to component tarballs
|
||||
pushd %{buildroot}%{_texdir}/texmf-dist
|
||||
patch -p1 < %{_sourcedir}/texlive-20180414-tlmgr-ignore-warning.patch
|
||||
# %%patch14 -p1
|
||||
popd
|
||||
|
||||
# XML validity
|
||||
pushd %{buildroot}%{_texdir}/texmf-dist/
|
||||
patch -p0 < %{_sourcedir}/texlive-20180414-xml.patch
|
||||
# %%patch8 -p0
|
||||
rm -f doc/otherformats/xmltex/base/{englishutf16.xml,russiankoi8.xml}
|
||||
popd
|
||||
|
||||
# support python3 and fix mangling shebang
|
||||
pushd %{buildroot}%{_texdir}/texmf-dist/
|
||||
patch -p0 < %{_sourcedir}/texlive-2017-python3.patch
|
||||
# %%patch9 -p0
|
||||
popd
|
||||
|
||||
# Patch beamer.doc
|
||||
pushd %{buildroot}%{_texdir}/texmf-dist/
|
||||
patch -p0 < %{_sourcedir}/texlive-20180414-beamer-doc.patch
|
||||
# %%patch17 -p0
|
||||
popd
|
||||
|
||||
# adjust python3 shebang to make it point at #!%%{_python3}
|
||||
|
|
@ -27261,6 +27264,9 @@ fi
|
|||
%doc %{_texdir}/texmf-dist/doc/latex/translator/
|
||||
|
||||
%changelog
|
||||
* Thu May 25 2023 Than Ngo <than@redhat.com> - 7:20180414-29
|
||||
- Resolves: #2209870, CVE-2023-32700
|
||||
|
||||
* Mon Dec 12 2022 Than Ngo <than@redhat.com> - 7:20180414-28
|
||||
- Related: #2150727, fix rpminspect issues
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue