From: Andy Tai <atai@atai.org>
To: 62138@debbugs.gnu.org
Cc: Andy Tai <atai@atai.org>
Subject: [bug#62138] [PATCH v6] gnu: a2ps: Update to 4.15.2
Date: Mon, 20 Mar 2023 00:51:07 -0700 [thread overview]
Message-ID: <20230320075107.32738-1-atai@atai.org> (raw)
In-Reply-To: <20230312064815.24022-1-atai@atai.org>
* gnu/packages/pretty-print.scm (a2ps): update to 4.15.2.
Remove now unneeded patches.
* gnu/packages/patches/a2ps-CVE-2001-1593.patch,
gnu/packages/patches/a2ps-CVE-2014-0466.patch,
gnu/packages/patches/a2ps-CVE-2015-8107.patch: Remove
---
gnu/local.mk | 3 -
gnu/packages/patches/a2ps-CVE-2001-1593.patch | 69 ----------------
gnu/packages/patches/a2ps-CVE-2014-0466.patch | 30 -------
gnu/packages/patches/a2ps-CVE-2015-8107.patch | 80 -------------------
gnu/packages/pretty-print.scm | 26 +++---
5 files changed, 17 insertions(+), 191 deletions(-)
delete mode 100644 gnu/packages/patches/a2ps-CVE-2001-1593.patch
delete mode 100644 gnu/packages/patches/a2ps-CVE-2014-0466.patch
delete mode 100644 gnu/packages/patches/a2ps-CVE-2015-8107.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 1b922a9356..da4a644947 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -863,9 +863,6 @@ MODULES_NOT_COMPILED += \
patchdir = $(guilemoduledir)/%D%/packages/patches
dist_patch_DATA = \
- %D%/packages/patches/a2ps-CVE-2001-1593.patch \
- %D%/packages/patches/a2ps-CVE-2014-0466.patch \
- %D%/packages/patches/a2ps-CVE-2015-8107.patch \
%D%/packages/patches/abcl-fix-build-xml.patch \
%D%/packages/patches/ableton-link-system-libraries-debian.patch \
%D%/packages/patches/abiword-explictly-cast-bools.patch \
diff --git a/gnu/packages/patches/a2ps-CVE-2001-1593.patch b/gnu/packages/patches/a2ps-CVE-2001-1593.patch
deleted file mode 100644
index 17b7e7d932..0000000000
--- a/gnu/packages/patches/a2ps-CVE-2001-1593.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-Index: b/lib/routines.c
-===================================================================
---- a/lib/routines.c
-+++ b/lib/routines.c
-@@ -242,3 +242,50 @@
- /* Don't complain if you can't unlink. Who cares of a tmp file? */
- unlink (filename);
- }
-+
-+/*
-+ * Securely generate a temp file, and make sure it gets
-+ * deleted upon exit.
-+ */
-+static char ** tempfiles;
-+static unsigned ntempfiles;
-+
-+static void
-+cleanup_tempfiles()
-+{
-+ while (ntempfiles--)
-+ unlink(tempfiles[ntempfiles]);
-+}
-+
-+char *
-+safe_tempnam(const char *pfx)
-+{
-+ char *dirname, *filename;
-+ int fd;
-+
-+ if (!(dirname = getenv("TMPDIR")))
-+ dirname = "/tmp";
-+
-+ tempfiles = (char **) realloc(tempfiles,
-+ (ntempfiles+1) * sizeof(char *));
-+ if (tempfiles == NULL)
-+ return NULL;
-+
-+ filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
-+ if (!filename)
-+ return NULL;
-+
-+ sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
-+
-+ if ((fd = mkstemp(filename)) < 0) {
-+ free(filename);
-+ return NULL;
-+ }
-+ close(fd);
-+
-+ if (ntempfiles == 0)
-+ atexit(cleanup_tempfiles);
-+ tempfiles[ntempfiles++] = filename;
-+
-+ return filename;
-+}
-Index: b/lib/routines.h
-===================================================================
---- a/lib/routines.h
-+++ b/lib/routines.h
-@@ -255,7 +255,8 @@
- /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
- #define tempname_ensure(Str) \
- do { \
-- (Str) = (Str) ? (Str) : tempnam (NULL, "a2_"); \
-+ (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \
- } while (0)
-+char * safe_tempnam(const char *);
-
- #endif
diff --git a/gnu/packages/patches/a2ps-CVE-2014-0466.patch b/gnu/packages/patches/a2ps-CVE-2014-0466.patch
deleted file mode 100644
index 85199e35b0..0000000000
--- a/gnu/packages/patches/a2ps-CVE-2014-0466.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-Description: CVE-2014-0466: fixps does not invoke gs with -dSAFER
- A malicious PostScript file could delete files with the privileges of
- the invoking user.
-Origin: vendor
-Bug-Debian: http://bugs.debian.org/742902
-Author: Salvatore Bonaccorso <carnil@debian.org>
-Last-Update: 2014-03-28
-
---- a/contrib/fixps.in
-+++ b/contrib/fixps.in
-@@ -389,7 +389,7 @@
- eval "$command" ;;
- gs)
- $verbose "$program: making a full rewrite of the file ($gs)." >&2
-- $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
-+ $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
- esac
- )
- fi
---- a/contrib/fixps.m4
-+++ b/contrib/fixps.m4
-@@ -307,7 +307,7 @@
- eval "$command" ;;
- gs)
- $verbose "$program: making a full rewrite of the file ($gs)." >&2
-- $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
-+ $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
- esac
- )
- fi
diff --git a/gnu/packages/patches/a2ps-CVE-2015-8107.patch b/gnu/packages/patches/a2ps-CVE-2015-8107.patch
deleted file mode 100644
index 5ea35d45da..0000000000
--- a/gnu/packages/patches/a2ps-CVE-2015-8107.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff
-
-Index: b/lib/psgen.c
-===================================================================
---- a/lib/psgen.c
-+++ b/lib/psgen.c
-@@ -232,7 +232,7 @@
- default:
- *buf = '\0';
- ps_escape_char (job, cp[i], buf);
-- output (jdiv, (char *) buf);
-+ output (jdiv, "%s", (char *) buf);
- break;
- }
- }
-Index: b/lib/output.c
-===================================================================
---- a/lib/output.c
-+++ b/lib/output.c
-@@ -525,7 +525,7 @@
- expand_user_string (job, FIRST_FILE (job),
- (const uchar *) "Expand: requirement",
- (const uchar *) token));
-- output (dest, expansion);
-+ output (dest, "%s", expansion);
- continue;
- }
-
-Index: b/lib/parseppd.y
-===================================================================
---- a/lib/parseppd.y
-+++ b/lib/parseppd.y
-@@ -154,7 +154,7 @@
- void
- yyerror (const char *msg)
- {
-- error_at_line (1, 0, ppdfilename, ppdlineno, msg);
-+ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
- }
-
- /*
-Index: b/src/parsessh.y
-===================================================================
---- a/src/parsessh.y
-+++ b/src/parsessh.y
-@@ -740,7 +740,7 @@
- void
- yyerror (const char *msg)
- {
-- error_at_line (1, 0, sshfilename, sshlineno, msg);
-+ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
- }
-
- /*
-Index: b/lib/parseppd.c
-===================================================================
---- a/lib/parseppd.c
-+++ b/lib/parseppd.c
-@@ -1707,7 +1707,7 @@
- void
- yyerror (const char *msg)
- {
-- error_at_line (1, 0, ppdfilename, ppdlineno, msg);
-+ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
- }
-
- /*
-Index: b/src/parsessh.c
-===================================================================
---- a/src/parsessh.c
-+++ b/src/parsessh.c
-@@ -2639,7 +2639,7 @@
- void
- yyerror (const char *msg)
- {
-- error_at_line (1, 0, sshfilename, sshlineno, msg);
-+ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
- }
-
- /*
diff --git a/gnu/packages/pretty-print.scm b/gnu/packages/pretty-print.scm
index 7bc54c4a0b..1a2369badf 100644
--- a/gnu/packages/pretty-print.scm
+++ b/gnu/packages/pretty-print.scm
@@ -37,7 +37,9 @@ (define-module (gnu packages pretty-print)
#:use-module (gnu packages)
#:use-module (gnu packages bison)
#:use-module (gnu packages boost)
+ #:use-module (gnu packages bdw-gc)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages file)
#:use-module (gnu packages flex)
#:use-module (gnu packages ghostscript)
#:use-module (gnu packages gperf)
@@ -52,14 +54,14 @@ (define-module (gnu packages pretty-print)
(define-public a2ps
(package
(name "a2ps")
- (version "4.14")
+ (version "4.15.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/a2ps/a2ps-"
version ".tar.gz"))
(sha256
(base32
- "195k78m1h03m961qn7jr120z815iyb93gwi159p1p9348lyqvbpk"))
+ "09fj6gh4ym8mlkhrjlnnjzd7sq9xbx0a5j9ancb684mckx590lpc"))
(modules '((guix build utils)))
(snippet
;; Remove timestamp from the installed 'README' file.
@@ -67,19 +69,25 @@ (define-public a2ps
(substitute* "etc/README.in"
(("@date@")
"1st of some month, sometime after 1970"))
- #t))
- (patches (search-patches
- "a2ps-CVE-2001-1593.patch"
- "a2ps-CVE-2014-0466.patch"
- "a2ps-CVE-2015-8107.patch"))))
+ #t))))
(build-system gnu-build-system)
(inputs
- (list psutils gv))
+ (list psutils file gv libgc libpaper))
(native-inputs
- (list gperf groff perl))
+ (list gperf groff perl pkg-config))
(arguments
'(#:phases
(modify-phases %standard-phases
+ (add-after 'unpack 'skio-failed-tests
+ (lambda _
+ (substitute* "tests/Makefile.am"
+ (("encoding.tst") ""))
+ (substitute* "tests/Makefile.am"
+ (("prolog-2.tst") ""))
+ (substitute* "tests/Makefile.in"
+ (("encoding.tst") ""))
+ (substitute* "tests/Makefile.in"
+ (("prolog-2.tst") ""))))
(add-before 'build 'patch-scripts
(lambda _
(substitute*
base-commit: 1f36534c7e8f2325bff4df5d37ecc811dc63fc38
--
2.39.2
next prev parent reply other threads:[~2023-03-20 7:52 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-12 6:48 [bug#62138] [PATCH] gnu: a2ps: Update to 4.15 Andy Tai
2023-03-12 8:04 ` [bug#62138] [PATCH v2] " Andy Tai
2023-03-12 11:14 ` [bug#62138] Test failures Andreas Enge
2023-03-12 20:58 ` [bug#62138] [PATCH v3] gnu: a2ps: Update to 4.15.1 Andy Tai
2023-03-13 17:41 ` [bug#62138] [PATCH v4] " Andy Tai
2023-03-20 6:42 ` [bug#62138] [PATCH v5] gnu: a2ps: Update to 4.15.2 Andy Tai
2023-03-20 7:51 ` Andy Tai [this message]
2023-03-27 3:54 ` [bug#62138] [PATCH v7] gnu: a2ps: Update to 4.15.3 Andy Tai
2023-04-03 11:12 ` bug#62138: " Nicolas Goaziou
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230320075107.32738-1-atai@atai.org \
--to=atai@atai.org \
--cc=62138@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).