rpms/transfig
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Add patches from upstream git fixing a couple of issues which may have

Browse Source 
security implications (CVE-2021-3561)
This commit is contained in:
Hans de Goede 2021-05-29 17:58:21 +02:00
parent 3cb9157ef3
commit 5dfc999696
2 changed files with 545 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

538
fig2dev-upstream-git-patches.patch Normal file
View File

@ -0,0 +1,538 @@
From 3379fee1bc390997ce9428a11024c4885dc71b84 Mon Sep 17 00:00:00 2001
From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
Date: Fri, 2 Apr 2021 17:13:55 +0200
Subject: [PATCH 1/7] Correctly return the status of popen() calls
When converting a fig file to a bitmap, and writing to a device with
too little space, the exit status of fig2dev was zero. Therefore, when
exporting from xfig, xfig could not note that something went wrong.
This might resolve part of the problem reported in ticket [#101].
---
fig2dev/dev/genbitmaps.c | 6 +++++-
fig2dev/dev/readeps.c | 5 +++--
fig2dev/dev/readpics.c | 9 +++++++--
fig2dev/dev/readppm.c | 4 +++-
version.m4 | 2 +-
5 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/fig2dev/dev/genbitmaps.c b/fig2dev/dev/genbitmaps.c
index a6a804d..e478ba5 100644
--- a/fig2dev/dev/genbitmaps.c
+++ b/fig2dev/dev/genbitmaps.c
@@ -3,7 +3,7 @@
* Copyright (c) 1991 by Micah Beck
* Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
* Parts Copyright (c) 1989-2015 by Brian V. Smith
- * Parts Copyright (c) 2015-2020 by Thomas Loimer
+ * Parts Copyright (c) 2015-2021 by Thomas Loimer
*
* Any party obtaining a copy of these files is granted, free of charge, a
* full and unrestricted irrevocable, world-wide, paid up, royalty-free,
@@ -533,6 +533,10 @@ genbitmaps_end(void)
}
status = pclose(tfp);
+ if (WIFEXITED(status))
+ status = WEXITSTATUS(status);
+ else
+ status = -1;
tfp = NULL; /* Otherwise main() tries to close tfp again */
(void) signal(SIGPIPE, SIG_DFL);
diff --git a/fig2dev/dev/readeps.c b/fig2dev/dev/readeps.c
index 1436f7b..a7d6008 100644
--- a/fig2dev/dev/readeps.c
+++ b/fig2dev/dev/readeps.c
@@ -3,7 +3,7 @@
* Copyright (c) 1991 by Micah Beck
* Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
* Parts Copyright (c) 1989-2015 by Brian V. Smith
- * Parts Copyright (c) 2015-2020 by Thomas Loimer
+ * Parts Copyright (c) 2015-2021 by Thomas Loimer
*
* Any party obtaining a copy of these files is granted, free of charge, a
* full and unrestricted irrevocable, world-wide, paid up, royalty-free,
@@ -85,7 +85,8 @@ gsexe(FILE **out, bool *isnew, char *exenew, char *exeold)
n = fscanf(fp, "%lf", &rev);
stat = pclose(fp);
if (n != 1 || stat != 0)
- return stat == 0 ? failure : stat;
+ return stat == 0 ? failure : (WIFEXITED(stat) ?
+ WEXITSTATUS(stat) : failure);
if (rev > 9.49) {
exe = exenew;
diff --git a/fig2dev/dev/readpics.c b/fig2dev/dev/readpics.c
index 67cfe19..7f27307 100644
--- a/fig2dev/dev/readpics.c
+++ b/fig2dev/dev/readpics.c
@@ -3,7 +3,7 @@
* Copyright (c) 1991 by Micah Beck
* Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
* Parts Copyright (c) 1989-2015 by Brian V. Smith
- * Parts Copyright (c) 2015-2019 by Thomas Loimer
+ * Parts Copyright (c) 2015-2021 by Thomas Loimer
*
* Any party obtaining a copy of these files is granted, free of charge, a
* full and unrestricted irrevocable, world-wide, paid up, royalty-free,
@@ -253,12 +253,17 @@ close_stream(struct xfig_stream *restrict xf_stream)
} else {
/* a pipe */
char trash[BUFSIZ];
+ int status;
/* for a pipe, must read everything or
we'll get a broken pipe message */
while (fread(trash, (size_t)1, (size_t)BUFSIZ, xf_stream->fp) ==
(size_t)BUFSIZ)
;
- return pclose(xf_stream->fp);
+ status = pclose(xf_stream->fp);
+ if (WIFEXITED(status))
+ return WEXITSTATUS(status);
+ else
+ return -1;
}
}
diff --git a/fig2dev/dev/readppm.c b/fig2dev/dev/readppm.c
index 16dd025..e2c1d1c 100644
--- a/fig2dev/dev/readppm.c
+++ b/fig2dev/dev/readppm.c
@@ -3,7 +3,7 @@
* Copyright (c) 1991 by Micah Beck
* Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
* Parts Copyright (c) 1989-2015 by Brian V. Smith
- * Parts Copyright (c) 2015-2020 by Thomas Loimer
+ * Parts Copyright (c) 2015-2021 by Thomas Loimer
*
* Any party obtaining a copy of these files is granted, free of charge, a
* full and unrestricted irrevocable, world-wide, paid up, royalty-free,
@@ -326,6 +326,8 @@ read_ppm(F_pic *pic, struct xfig_stream *restrict pic_stream, int *llx,int *lly)
stat = -1;
}
remove(pcxname);
+ } else {
+ stat = -1;
}
if (pcxname != pcxname_buf)
--
2.31.1
From 43cfa693284b076e5d2cc100758a34b76db65e58 Mon Sep 17 00:00:00 2001
From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
Date: Fri, 23 Apr 2021 22:31:27 +0200
Subject: [PATCH 2/7] Remove arrows from polygon with single point, ticket #114
When sanitizing line objects, a polygon consisting of too few points is
converted to a polyline. With this commit, the resulting polyline is
also sanitized, e.g, by removing arrow tips if the line consists only of
a single point.
---
fig2dev/read.c | 3 ++-
fig2dev/tests/read.at | 17 +++++++++++++++--
2 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/fig2dev/read.c b/fig2dev/read.c
index c12d3a0..7e18fda 100644
--- a/fig2dev/read.c
+++ b/fig2dev/read.c
@@ -3,7 +3,7 @@
* Copyright (c) 1991 by Micah Beck
* Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
* Parts Copyright (c) 1989-2015 by Brian V. Smith
- * Parts Copyright (c) 2015-2020 by Thomas Loimer
+ * Parts Copyright (c) 2015-2021 by Thomas Loimer
*
* Any party obtaining a copy of these files is granted, free of charge, a
* full and unrestricted irrevocable, world-wide, paid up, royalty-free,
@@ -936,6 +936,7 @@ sanitize_lineobject(
put_msg("A polygon with %d points at line %d - convert to a polyline.",
npts, line_no);
l->type = T_POLYLINE;
+ sanitize_lineobject(l, p, line_no);
return 0;
}
}
diff --git a/fig2dev/tests/read.at b/fig2dev/tests/read.at
index 4b2d80f..f43cc80 100644
--- a/fig2dev/tests/read.at
+++ b/fig2dev/tests/read.at
@@ -2,7 +2,7 @@ dnl Fig2dev: Translate Fig code to various Devices
dnl Copyright (c) 1991 by Micah Beck
dnl Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
dnl Parts Copyright (c) 1989-2015 by Brian V. Smith
-dnl Parts Copyright (c) 2015-2020 by Thomas Loimer
+dnl Parts Copyright (c) 2015-2021 by Thomas Loimer
dnl
dnl Any party obtaining a copy of these files is granted, free of charge, a
dnl full and unrestricted irrevocable, world-wide, paid up, royalty-free,
@@ -121,7 +121,7 @@ EOF
])
AT_CLEANUP
-AT_SETUP([remove arrows tips from single point])
+AT_SETUP([remove arrow tips from single point])
AT_KEYWORDS(read.c polyline)
AT_CHECK([fig2dev -L pict2e <<EOF
FIG_FILE_TOP
@@ -135,6 +135,19 @@ A single point with a backward arrow - remove the arrow.
])
AT_CLEANUP
+AT_SETUP([remove arrow tips on polygon with single point])
+AT_KEYWORDS(read.c polygon)
+AT_CHECK([fig2dev -L svg <<EOF
+FIG_FILE_TOP
+2 3 0 1 -1 -1 50 -1 -1 0. 0 0 0 0 1 1
+ 0 0 2. 120. 240.
+ 0 0
+EOF
+],0,ignore,[A polygon with 1 points at line 12 - convert to a polyline.
+A single point with a backward arrow - remove the arrow.
+])
+AT_CLEANUP
+
AT_SETUP([reject huge arrow-type, ticket #57])
AT_KEYWORDS(arrow.c arrow)
AT_CHECK([fig2dev -L box <<EOF
--
2.31.1
From f8ce1ff8837056b12c046f56e3b5248b2c8eeaa1 Mon Sep 17 00:00:00 2001
From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
Date: Sat, 24 Apr 2021 10:29:59 +0200
Subject: [PATCH 3/7] Allow truncated sub/superscripts in text, #113, #117
For svg output, sub- and superscripts are indicated by the ^ and _
characters, respectively. A text string truncated right after these
characters caused buffer overflow. Fixes tickets #113 and #117.
---
fig2dev/dev/gensvg.c | 8 ++++++--
fig2dev/tests/output.at | 11 +++++++++++
fig2dev/tests/read.at | 2 +-
3 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/fig2dev/dev/gensvg.c b/fig2dev/dev/gensvg.c
index e888dbf..1ff0a06 100644
--- a/fig2dev/dev/gensvg.c
+++ b/fig2dev/dev/gensvg.c
@@ -3,7 +3,7 @@
* Parts Copyright (c) 2002 by Anthony Starks
* Parts Copyright (c) 2002-2006 by Martin Kroeker
* Parts Copyright (c) 2002-2015 by Brian V. Smith
- * Parts Copyright (c) 2015-2020 by Thomas Loimer
+ * Parts Copyright (c) 2015-2021 by Thomas Loimer
*
* Any party obtaining a copy of these files is granted, free of charge, a
* full and unrestricted irrevocable, world-wide, paid up, royalty-free,
@@ -1005,7 +1005,7 @@ gensvg_text(F_text *t)
#endif
for (cp = (unsigned char *)t->cstring; *cp; cp++) {
ch = *cp;
- if (( supsub == 2 &&ch == '}' ) || supsub==1) {
+ if ((supsub == 2 && ch == '}') || supsub==1) {
#ifdef NOSUPER
fprintf(tfp,"</tspan><tspan dy=\"%d\">",-dy);
old_dy=-dy;
@@ -1019,6 +1019,8 @@ gensvg_text(F_text *t)
}
}
if (ch == '_' || ch == '^') {
+ if (*(cp + 1) == '\0')
+ break;
supsub=1;
#ifdef NOSUPER
if (dy != 0)
@@ -1043,6 +1045,8 @@ gensvg_text(F_text *t)
++cp;
ch = *cp;
if (ch == '{' ) {
+ if (*(cp + 1) == '\0')
+ break;
supsub=2;
++cp;
ch = *cp;
diff --git a/fig2dev/tests/output.at b/fig2dev/tests/output.at
index e6408d7..0918961 100644
--- a/fig2dev/tests/output.at
+++ b/fig2dev/tests/output.at
@@ -231,6 +231,17 @@ AT_CHECK([SOURCE_DATE_EPOCH=1483564881 fig2dev -L svg \
- $builddir/data/fillswclip.svg])
AT_CLEANUP
+AT_SETUP([truncated sub/superscript, tickets #113, #117])
+AT_KEYWORDS(read.c svg)
+AT_CHECK([fig2dev -L svg <<EOF
+#FIG 2
+1200 2
+4 2 0 0 1 0 0 0 6 110 376 0 0 ^
+4 2 0 0 1 0 0 0 6 110 376 0 200 ^{
+EOF
+], 0, ignore)
+AT_CLEANUP
+
AT_BANNER([Test tikz output language.])
diff --git a/fig2dev/tests/read.at b/fig2dev/tests/read.at
index f43cc80..4043356 100644
--- a/fig2dev/tests/read.at
+++ b/fig2dev/tests/read.at
@@ -136,7 +136,7 @@ A single point with a backward arrow - remove the arrow.
AT_CLEANUP
AT_SETUP([remove arrow tips on polygon with single point])
-AT_KEYWORDS(read.c polygon)
+AT_KEYWORDS(read.c polygon svg)
AT_CHECK([fig2dev -L svg <<EOF
FIG_FILE_TOP
2 3 0 1 -1 -1 50 -1 -1 0. 0 0 0 0 1 1
--
2.31.1
From 8c0917994e49110004a6632d0a66ea19501ad39d Mon Sep 17 00:00:00 2001
From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
Date: Sat, 24 Apr 2021 23:04:36 +0200
Subject: [PATCH 4/7] Omit arrows without points in svg output, ticket #115
---
fig2dev/dev/gensvg.c | 4 ++--
fig2dev/tests/output.at | 13 ++++++++++++-
2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/fig2dev/dev/gensvg.c b/fig2dev/dev/gensvg.c
index 1ff0a06..2c30d8c 100644
--- a/fig2dev/dev/gensvg.c
+++ b/fig2dev/dev/gensvg.c
@@ -1173,7 +1173,7 @@ svg_arrows(int line_thickness, F_arrow *for_arrow, F_arrow *back_arrow,
return true;
}
- if (for_arrow) {
+ if (for_arrow && fnpoints > 1) {
fputs("<!-- Forward arrow", tfp);
arrow_path(for_arrow, forw2, pen_color, fnpoints, fpoints,
fnfillpoints, ffillpoints
@@ -1182,7 +1182,7 @@ svg_arrows(int line_thickness, F_arrow *for_arrow, F_arrow *back_arrow,
#endif
);
}
- if (back_arrow) {
+ if (back_arrow && bnpoints > 1) {
fputs("<!-- Backward arrow", tfp);
arrow_path(back_arrow, back2, pen_color, bnpoints, bpoints,
bnfillpoints, bfillpoints
diff --git a/fig2dev/tests/output.at b/fig2dev/tests/output.at
index 0918961..9af3c8d 100644
--- a/fig2dev/tests/output.at
+++ b/fig2dev/tests/output.at
@@ -2,7 +2,7 @@ dnl Fig2dev: Translate Fig code to various Devices
dnl Copyright (c) 1991 by Micah Beck
dnl Parts Copyright (c) 1985-1988 by Supoj Sutanthavibul
dnl Parts Copyright (c) 1989-2015 by Brian V. Smith
-dnl Parts Copyright (c) 2015-2020 by Thomas Loimer
+dnl Parts Copyright (c) 2015-2021 by Thomas Loimer
dnl
dnl Any party obtaining a copy of these files is granted, free of charge, a
dnl full and unrestricted irrevocable, world-wide, paid up, royalty-free,
@@ -184,6 +184,7 @@ FIG_FILE_TOP
EOF], 0, ignore)
AT_CLEANUP
+
AT_BANNER([Test svg output language.])
AT_SETUP([compare patterns with template])
AT_KEYWORDS(svg pattern creationdate)
@@ -242,6 +243,16 @@ EOF
], 0, ignore)
AT_CLEANUP
+AT_SETUP([omit arrows without points, ticket #115])
+AT_KEYWORDS(svg arrow)
+AT_CHECK([fig2dev -L svg <<EOF
+FIG_FILE_TOP
+5 1 0 1 7 7 44 -1 6 0.000 0 1 1 1 50 -1 -1500 200 -1 7 50 -1 900 750 975
+ 0 0 1.00 45.00 90.00
+ 5 0 1.003 1426 1068 1426
+EOF], 0, ignore)
+AT_CLEANUP
+
AT_BANNER([Test tikz output language.])
--
2.31.1
From 6827c09d2d6491cb2ae3ac7196439ff3aa791fd9 Mon Sep 17 00:00:00 2001
From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
Date: Sun, 25 Apr 2021 00:49:15 +0200
Subject: [PATCH 5/7] Sanitize color definitions, ticket #116
---
fig2dev/read.c | 35 +++++++++++++++++++++--------------
1 file changed, 21 insertions(+), 14 deletions(-)
diff --git a/fig2dev/read.c b/fig2dev/read.c
index 7e18fda..4c6bacc 100644
--- a/fig2dev/read.c
+++ b/fig2dev/read.c
@@ -520,30 +520,37 @@ read_colordef(char *line, int line_no)
if (num_usr_cols >= MAX_USR_COLS) {
if (num_usr_cols == MAX_USR_COLS) {
- put_msg("Maximum number of color definitions (%d) exceeded at line %d.",
+ put_msg("Maximum number of color definitions (%d) "
+ "exceeded at line %d.",
MAX_USR_COLS, line_no);
++num_usr_cols;
}
/* ignore additional colors */
return;
}
- if (sscanf(line, "%*d %d #%2x%2x%2x", &c, &r, &g, &b) != 4) {
- if (c >= NUM_STD_COLS && c < NUM_STD_COLS + MAX_USR_COLS) {
- put_msg("Invalid color definition at line %d: %s, setting to black (#00000).",
- line_no, line);
- r = g = b = 0;
- } else {
- put_msg("User color number at line %d out of range (%d), should be between %d and %d.",
+ if (sscanf(line, "%*d %d #%2x%2x%2x", &c, &r, &g, &b) == 4) {
+ if (c >= NUM_STD_COLS && c < NUM_STD_COLS + MAX_USR_COLS &&
+ r >=0 && r < 256 && g >=0 && g < 256 &&
+ b >= 0 && b < 256 ) {
+ user_col_indx[num_usr_cols] = c;
+ user_colors[num_usr_cols].r = r;
+ user_colors[num_usr_cols].g = g;
+ user_colors[num_usr_cols].b = b;
+ ++num_usr_cols;
+ } else if (c < NUM_STD_COLS || c >= NUM_STD_COLS+MAX_USR_COLS) {
+ put_msg("User color number at line %d out of range (%d)"
+ ", should be between %d and %d.",
line_no, c, NUM_STD_COLS,
NUM_STD_COLS + MAX_USR_COLS - 1);
- return;
+ } else {
+ put_msg("Invalid color definition at line %d: %s, color"
+ " values must be between 0 through 255.",
+ line_no, line);
}
+ } else {
+ put_msg("Invalid color definition at line %d: %s.",
+ line_no, line);
}
- user_col_indx[num_usr_cols] = c;
- user_colors[num_usr_cols].r = r;
- user_colors[num_usr_cols].g = g;
- user_colors[num_usr_cols].b = b;
- ++num_usr_cols;
}
static void
--
2.31.1
From 54a2f930df8a05c5b68ac4aff9a5ab219cac2ce7 Mon Sep 17 00:00:00 2001
From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
Date: Wed, 5 May 2021 23:28:43 +0200
Subject: [PATCH 6/7] Update man-page with respect to tikz, ticket #48
Mention that it may be necessary to include
\usetikzlibrary{arrows.meta,bending} and \usetikzlibrary{patterns}
in the preamble of a TeX document in which a tikz file generated by
fig2dev is included.
---
man/fig2dev.1.in | 31 ++++++++++++++++---------------
1 file changed, 16 insertions(+), 15 deletions(-)
diff --git a/man/fig2dev.1.in b/man/fig2dev.1.in
index 4520305..d4b8788 100644
--- a/man/fig2dev.1.in
+++ b/man/fig2dev.1.in
@@ -690,6 +690,7 @@ renders patterns by filling the respective area with the pen-color at 25%
intensity, i.e., a 75% tint of the pen-color.
The PICT2E driver allows one to choose any font available to the LaTeX engine,
including PostScript fonts.
+TeX an PostScript fonts may appear together in the same document.
.TP
.B \-b borderwidth
@@ -1235,8 +1236,8 @@ you which packages are needed. In the document body, include the
figure with "\fB\\input{pstfile}\fR" where
.B pstfile.tex
is the output file. Use the
-.B XFig special
-flag to have text passed as-is to LaTeX. For non-special text,
+.B XFig TeX text
+flag to have text passed as-is to LaTeX. For non-TeX text,
the same mechanism as the LaTeX and epic driver mechanism is used
to match font specs, but this is imprecise.
@@ -1399,14 +1400,14 @@ The default is \fIrm\fR.
Set the line thickness. \fIlwidth\fR must be a value between 1 and 12.
.SH TIKZ OPTIONS
-TIKZ is a powerful frontend to the Portable Graphics Format (PGF)
-developed by Till Tantau, now at the University of Lübeck.
-TIKZ was developed to be as platform-independent as possible, i.e.,
-tikz-code can be processed with plain TeX, pdftex, xetex, LaTeX, ConTeX,
-pdflatex, lualatex, or combinations of LaTeX + dvips, LaTeX + dvipdfm or others.
-The TIKZ-code emitted by \fIfig2dev\fR tries to maintain this portability.
-For instance, a tikz-picture is commenced with \\tikzpicture (TeX-style), to
-not exclude any processing engine. However, the stand-alone file produced with
+TIKZ is a powerful frontend to the Portable Graphics Format (PGF) for TeX/LaTeX.
+To use figures created by the TIKZ driver in a LaTeX document, use
+"\fB\\usepackage{tikz}\fR" and, depending on the contents of your figure,
+"\fB\\usetikzlibrary{arrows.meta, bending}\fR" and
+"\fB\\usetikzlibrary{patterns}\fR" in the document preamble.
+Simply \\input or copy the output file into the TeX-document.
+TIKZ files produced by \fIfig2dev\fR may be included into a plain TeX document.
+However, the stand-alone file produced with
the \fB\-P\fR option must be processed with a LaTeX-engine.
In addition, font-commands may require a LaTeX engine.
@@ -1482,11 +1483,11 @@ See also \fB\-F\fR (no font properties).
.TP
.B \-P
-Pagemode, generate a stand-alone LaTeX-file as \fIout-file\fR. The document
-produced from the
-LaTeX-file will have the paper size equal to the figure's
-bounding box (but see the \fB\-b\fR option to add a margin).
-The generated LaTeX-file calls the package "geometry.sty" to set the paper size.
+Pagemode, generate a stand-alone LaTeX-file as \fIout-file\fR.
+Run \fIout-file\fR through LaTeX to generate a pdf or eps of the figure.
+The document produced from \fIout-file\fR will have the paper size equal to the
+figure's bounding box (but see the \fB\-b\fR option to add a margin).
+The package "geometry.sty" is used in \fIout-file\fR to set the paper size.
.TP
.B \-T
--
2.31.1
From 605afb79f72eac8dd0d3dd9904ec996619ea792f Mon Sep 17 00:00:00 2001
From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
Date: Mon, 24 May 2021 19:51:06 +0200
Subject: [PATCH 7/7] Add space in command line to convert, ticket #121
---
fig2dev/dev/genbitmaps.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fig2dev/dev/genbitmaps.c b/fig2dev/dev/genbitmaps.c
index e478ba5..73998f1 100644
--- a/fig2dev/dev/genbitmaps.c
+++ b/fig2dev/dev/genbitmaps.c
@@ -322,7 +322,7 @@ genbitmaps_start(F_compound *objects)
} else if (has_ImageMagick()) {
if (*gif_transparent)
sprintf(fmt, "{ %s%s%s | convert - -transparent"
- "%s gif:%s; }%s", gscmd,
+ " %s gif:%s; }%s", gscmd,
antialias, gspipe,
gif_transparent, gimend, err);
else
--
2.31.1

10
transfig.spec
View File

@ -1,18 +1,18 @@
Name: transfig
Version: 3.2.8a
Release: 1%{?dist}
Release: 2%{?dist}
Epoch: 1
Summary: Utility for converting FIG files (made by xfig) to other formats
License: MIT
URL: https://sourceforge.net/projects/mcj/
Source0: http://downloads.sourceforge.net/mcj/fig2dev-%{version}.tar.xz
Patch0: fig2dev-upstream-git-patches.patch
Requires: ghostscript
Requires: bc
Requires: netpbm-progs
BuildRequires: make
BuildRequires: gcc libtool
BuildRequires: make gcc libtool
BuildRequires: libpng-devel
BuildRequires: libjpeg-devel
BuildRequires: libXpm-devel
@ -58,6 +58,10 @@ mv fig2dev.1.in.new man/fig2dev.1.in
%changelog
* Sat May 29 2021 Hans de Goede <hdegoede@redhat.com> - 1:3.2.8a-2
- Add patches from upstream git fixing a couple of issues which may have
security implications (CVE-2021-3561)
* Mon Mar 29 2021 Ondrej Dubaj <odubaj@redhat.com> - 1:3.2.8a-1
- Updated to version 3.2.8a