From c8f50b4d8d0c7865dce5d1dec05fd609168d4830 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 7 May 2019 06:31:48 -0400 Subject: [PATCH] import transfig-3.2.6a-4.el8 --- .gitignore | 1 + .transfig.metadata | 1 + SOURCES/fig2dev-3.2.6a-CVE-2017-16899.patch | 38 +++ SPECS/transfig.spec | 320 ++++++++++++++++++++ 4 files changed, 360 insertions(+) create mode 100644 .gitignore create mode 100644 .transfig.metadata create mode 100644 SOURCES/fig2dev-3.2.6a-CVE-2017-16899.patch create mode 100644 SPECS/transfig.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..26d14c0 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/fig2dev-3.2.6a.tar.xz diff --git a/.transfig.metadata b/.transfig.metadata new file mode 100644 index 0000000..39700d7 --- /dev/null +++ b/.transfig.metadata @@ -0,0 +1 @@ +e09145435f3306010eb006f9d7e118fccf77cd2b SOURCES/fig2dev-3.2.6a.tar.xz diff --git a/SOURCES/fig2dev-3.2.6a-CVE-2017-16899.patch b/SOURCES/fig2dev-3.2.6a-CVE-2017-16899.patch new file mode 100644 index 0000000..7f3df37 --- /dev/null +++ b/SOURCES/fig2dev-3.2.6a-CVE-2017-16899.patch @@ -0,0 +1,38 @@ +diff -up fig2dev-3.2.6a/fig2dev/read.c.orig fig2dev-3.2.6a/fig2dev/read.c +--- fig2dev-3.2.6a/fig2dev/read.c.orig 2017-01-07 23:01:19.000000000 +0100 ++++ fig2dev-3.2.6a/fig2dev/read.c 2017-11-21 15:17:31.195643198 +0100 +@@ -1329,8 +1329,14 @@ read_textobject(FILE *fp) + | PSFONT_TEXT; + + /* keep the font number reasonable */ +- if (t->font > MAXFONT(t)) ++ if (t->font > MAXFONT(t)) { + t->font = MAXFONT(t); ++ } else if (t->font < 0 ) { ++ if (psfont_text(t) && t->font < -1) ++ t->font = -1; ++ else ++ t->font = 0; ++ } + fix_and_note_color(&t->color); + t->comments = attach_comments(); /* attach any comments */ + return t; +diff -up fig2dev-3.2.6a/fig2dev/read1_3.c.orig fig2dev-3.2.6a/fig2dev/read1_3.c +--- fig2dev-3.2.6a/fig2dev/read1_3.c.orig 2016-08-19 21:34:38.000000000 +0200 ++++ fig2dev-3.2.6a/fig2dev/read1_3.c 2017-11-21 15:17:31.196643206 +0100 +@@ -470,6 +470,15 @@ read_textobject(FILE *fp) + free((char*) t); + return(NULL); + } ++ /* keep the font number within valid range */ ++ if (t->font > MAXFONT(t)) { ++ t->font = MAXFONT(t); ++ } else if (t->font < 0 ) { ++ if (psfont_text(t) && t->font < -1) ++ t->font = -1; ++ else ++ t->font = 0; ++ } + (void)strcpy(t->cstring, buf); + if (t->size == 0) t->size = 18; + return(t); diff --git a/SPECS/transfig.spec b/SPECS/transfig.spec new file mode 100644 index 0000000..42ede4d --- /dev/null +++ b/SPECS/transfig.spec @@ -0,0 +1,320 @@ +Name: transfig +Version: 3.2.6a +Release: 4%{?dist} +Epoch: 1 +Summary: Utility for converting FIG files (made by xfig) to other formats +License: MIT +URL: https://sourceforge.net/projects/mcj/ +Source0: http://downloads.sourceforge.net/mcj/fig2dev-%{version}.tar.xz +Patch1: fig2dev-3.2.6a-CVE-2017-16899.patch + +Requires: ghostscript +Requires: bc +Requires: netpbm-progs + +BuildRequires: libpng-devel +BuildRequires: libjpeg-devel +BuildRequires: libXpm-devel + +%description +The transfig utility creates a makefile which translates FIG (created +by xfig) or PIC figures into a specified LaTeX graphics language (for +example, PostScript(TM)). Transfig is used to create TeX documents +which are portable (i.e., they can be printed in a wide variety of +environments). + +Install transfig if you need a utility for translating FIG or PIC +figures into certain graphics languages. + +%prep +%autosetup -p1 -n fig2dev-%{version} + +%build +%configure --enable-transfig +make %{?_smp_mflags} + +%install +%make_install + +%files +%doc transfig/doc/manual.pdf +%{_bindir}/transfig +%{_bindir}/fig2dev +%{_bindir}/fig2ps2tex +%{_bindir}/pic2tpic +%{_datadir}/fig2dev/bitmaps/*.bmp +%{_datadir}/fig2dev/i18n/*.ps +%{_datadir}/fig2dev/rgb.txt +%{_mandir}/man1/*.1.gz + +%changelog +* Mon Jul 16 2018 Honza Horak - 1:3.2.6a-4 +- Remove license GPLv3+ + +* Sun Jul 15 2018 Honza Horak - 1:3.2.6a-3 +- Add license GPLv3+ + +* Fri Feb 09 2018 Fedora Release Engineering - 1:3.2.6a-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Nov 21 2017 Hans de Goede - 3.2.6a-1 +- New upstream release 3.2.6a +- Add patch fixing CVE-2017-16899 (rhbz#1515695) + +* Tue Nov 07 2017 Adam Jackson - 3.2.6-6 +- Remove unnecessary BuildRequires: imake + +* Thu Aug 03 2017 Fedora Release Engineering - 1:3.2.6-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 1:3.2.6-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 1:3.2.6-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Mon Sep 19 2016 Tomas Repik - 1:3.2.6-2 +- added missing requires for netpbm-progs (RHBZ#1371667) + +* Fri Aug 12 2016 Jozef Mlich - 1:3.2.6-1 +- Resolves #1366524 + rebase to fig2dev 3.2.6 + +* Thu Mar 31 2016 Tomas Repik - 1:3.2.5d-18 +- reading alpha channel of png files properly (#1282615) + +* Fri Feb 05 2016 Fedora Release Engineering - 1:3.2.5d-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Jun 19 2015 Fedora Release Engineering - 1:3.2.5d-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Aug 18 2014 Fedora Release Engineering - 1:3.2.5d-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sun Jun 08 2014 Fedora Release Engineering - 1:3.2.5d-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue Dec 03 2013 Kamil Dudka - 1:3.2.5d-13 +- make it compile with -Werror=format-security (#1037365) + +* Sun Aug 04 2013 Fedora Release Engineering - 1:3.2.5d-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Wed May 15 2013 Kamil Dudka - 1:3.2.5d-11 +- install man pages using the correct file name suffix +- provide the fig2ps2tex.sh man page as a symlink + +* Fri Feb 15 2013 Fedora Release Engineering - 1:3.2.5d-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Tue Aug 28 2012 Kamil Dudka - 1:3.2.5d-9 +- fix specfile issues reported by the fedora-review script + +* Thu Aug 09 2012 Kamil Dudka - 1:3.2.5d-8 +- fix buffer overflow on loading a malformed .fig file (CVE-2009-4227) + +* Sun Jul 22 2012 Fedora Release Engineering - 1:3.2.5d-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Tue Feb 14 2012 Peter Robinson - 1:3.2.5d-6 +- add Gentoo patch to fix compilation with libpng 1.5 + +* Sat Jan 14 2012 Fedora Release Engineering - 1:3.2.5d-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Dec 06 2011 Adam Jackson - 1:3.2.5d-4 +- Rebuild for new libpng + +* Tue Aug 09 2011 Kamil Dudka - 1:3.2.5d-3 +- fix crash of fig2dev on a failure of ghostscript (#728825) + +* Wed Feb 09 2011 Fedora Release Engineering - 1:3.2.5d-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Thu Nov 04 2010 Kamil Dudka - 1:3.2.5d-1 +- new upstream release (#546623) + +* Wed Mar 03 2010 Kamil Dudka - 1:3.2.5c-1 +- new upstream release +- patch to generate comments compliant with DSC 3.0, thanks to Ian Dall + (#558380) + +* Sun Jul 26 2009 Fedora Release Engineering - 1:3.2.5-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Tue May 5 2009 Ville Skyttä - 1:3.2.5-7 +- Get rid of csh dependency, add missing one on bc (#435993). +- Build with $RPM_OPT_FLAGS (#329831). +- Convert specfile to UTF-8. +- Add URL, fix source URL. +- Escape macros in changelog. +- Improve summary. + +* Wed Feb 25 2009 Fedora Release Engineering - 1:3.2.5-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Sat Dec 20 2008 Ralf Corsépius - 1:3.2.5-5 +- Add transfig-3.2.5-bitmap.patch, tweak permission on sources (BZ #209865). + +* Wed Sep 10 2008 Stepan Kasal - 1:3.2.5-4 +- remove transfig.3.2.4-pstex.patch, which reintroduced #164140 + at the update to 3.2.5 + +* Mon Sep 8 2008 Tom "spot" Callaway - 1:3.2.5-3 +- fix license tag + +* Tue Feb 19 2008 Fedora Release Engineering - 1:3.2.5-2 +- Autorebuild for GCC 4.3 + +* Mon Apr 16 2007 Than Ngo - 1:3.2.5-1.fc7 +- 3.2.5 + +* Wed Aug 16 2006 Stepan Kasal - 1:3.2.4-16 +- Require ghostscript; fig2dev calls it. + +* Wed Jul 12 2006 Jesse Keating - 1:3.2.4-15.1 +- rebuild + +* Tue May 16 2006 Than Ngo 3.2.4-15 +- fix #164140, transfig creates wrong dependencies for -L pstex + +* Tue May 16 2006 Than Ngo 3.2.4-14 +- fix #191825, buildrequire on imake +- fix #173748, fig2dev still refers to /usr/X11R6/lib/X11/rgb.txt + +* Fri Feb 10 2006 Jesse Keating - 1:3.2.4-13.2 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 1:3.2.4-13.1 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Mon Dec 19 2005 Than Ngo 3.2.4-13 +- fix build problem with modular X + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Tue Nov 15 2005 Than Ngo 1:3.2.4-12 +- fix for modular X + +* Sat Mar 05 2005 Than Ngo 1:3.2.4-11 +- rebuild + +* Tue Nov 30 2004 Than Ngo 1:3.2.4-10 +- fix compiler warnings #111394 +- fix broken language selection #114849 + +* Tue Nov 30 2004 Than Ngo 1:3.2.4-9 +- add patch to fix getrgb #117099 + +* Mon Oct 18 2004 Miloslav Trmac - 1:3.2.4-8 +- Fix at least a few obvious instances of C abuse (partly #74594 with patch by + Sysoltsev Slawa) +- Drop -Dcfree=free fix, not needed with current version + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Tue Jun 17 2003 Than Ngo 3.2.4-4 +- patch build problem + +* Wed Jun 04 2003 Elliot Lee +- rebuilt + +* Fri May 23 2003 Jeremy Katz 1:3.2.4-2 +- fix build with gcc 3.3 + +* Tue May 6 2003 Than Ngo 3.2.4-1 +- 3.2.4 + +* Wed Jan 22 2003 Tim Powers +- rebuilt + +* Mon Nov 18 2002 Than Ngo 3.2.3d-8 +- Added a patch file from d.binderman@virgin.net (bug #77980) + +* Wed Jul 31 2002 Than Ngo 3.2.3d-7 +- fig2dev crashes with more than 1 gif files (bug #69917) + +* Fri Jun 21 2002 Tim Powers +- automated rebuild + +* Fri Jun 14 2002 han Ngo 3.2.3d-5 +- fhs fixes (bug #66732) + +* Thu May 23 2002 Tim Powers +- automated rebuild + +* Wed Jan 09 2002 Tim Powers +- automated rebuild + +* Mon Jul 23 2001 Than Ngo +- fix build dependencies (bug #49725) +- Copyright -> License + +* Fri Jun 15 2001 Than Ngo +- update to 3.2.3d release (Bug # 44742) + +* Tue May 29 2001 Than Ngo +- update to 3.2.3d beta2 + +* Fri Apr 13 2001 Than Ngo +- fix core dump when using LDAP auth +- update ftp site + +* Mon Dec 18 2000 Yukihiro Nakai +- Enable Japanese + +* Sat Aug 05 2000 Than Ngo +- update to 3.2.3c (Bug fixed release) + +* Wed Jul 12 2000 Prospector +- automatic rebuild + +* Tue Jun 13 2000 Trond Eivind Glomsrød +- make it build as nobody. Imake sucks. +- include LATEX.AND.XFIG +- use %%{_tmppath} + +* Wed Apr 26 2000 Matt Wilson +- add enable_japanese option, disable it for now. + +* Sun Apr 16 2000 Bryan C. Andregg +- new version to support -b and -g which xfig uses + +* Mon Feb 7 2000 Bill Nottingham +- handle compressed manpages + +* Sun Mar 21 1999 Cristian Gafton +- auto rebuild in the new build environment (release 3) + +* Wed Dec 30 1998 Cristian Gafton +- build for glibc 2.1 + +* Tue Jul 7 1998 Jeff Johnson +- update to 3.2.1. + +* Sat Jun 27 1998 Jeff Johnson +- add %%clean. + +* Mon Apr 27 1998 Prospector System +- translations modified for de, fr, tr + +* Thu Nov 13 1997 Otto Hammersmith +- fixed problem with Imakefile for fig2dev not including $(XLIB) +- build rooted. + +* Fri Oct 24 1997 Otto Hammersmith +- recreated the glibc patch that is needed for an alpha build, missed it + building on the intel. + +* Tue Oct 21 1997 Otto Hammersmith +- updated version +- fixed source url + +* Fri Jul 18 1997 Erik Troan +- built against glibc