[arch-commits] Commit in a2ps/trunk (PKGBUILD a2ps-4.13-security.patch)

Eric Bélanger eric at nymeria.archlinux.org
Wed Feb 5 16:40:49 UTC 2014


    Date: Wednesday, February 5, 2014 @ 17:40:49
  Author: eric
Revision: 205464

upgpkg: a2ps 4.14-6

Add security fix (close FS#38799), Add build fix

Added:
  a2ps/trunk/a2ps-4.13-security.patch
Modified:
  a2ps/trunk/PKGBUILD

--------------------------+
 PKGBUILD                 |   17 ++++++-----
 a2ps-4.13-security.patch |   65 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 75 insertions(+), 7 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2014-02-05 16:17:43 UTC (rev 205463)
+++ PKGBUILD	2014-02-05 16:40:49 UTC (rev 205464)
@@ -3,19 +3,20 @@
 
 pkgname=a2ps
 pkgver=4.14
-pkgrel=5
+pkgrel=6
 pkgdesc="An Any to PostScript filter"
 arch=('i686' 'x86_64')
 url="http://www.gnu.org/software/a2ps/"
 license=('GPL3')
-depends=('ghostscript' 'psutils' 'imagemagick')
+depends=('psutils' 'imagemagick')
 makedepends=('gperf')
 backup=('etc/a2ps/a2ps.cfg' 'etc/a2ps/a2ps-site.cfg')
 install=a2ps.install
 source=(ftp://ftp.gnu.org/gnu/a2ps/${pkgname}-${pkgver}.tar.gz{,.sig}
-        a2ps-4.13c-fnmatch-replacement.patch a2ps-4.13c-emacs.patch 
-	a2ps-4.13-manpage-chmod.patch a2ps-4.14-check-mempcpy.patch 
-	a2ps-4.14-fix-stpcpy-proto.patch a2ps-texinfo5.patch)
+        a2ps-4.13c-fnmatch-replacement.patch a2ps-4.13c-emacs.patch
+	a2ps-4.13-manpage-chmod.patch a2ps-4.14-check-mempcpy.patch
+	a2ps-4.14-fix-stpcpy-proto.patch a2ps-texinfo5.patch
+	a2ps-4.13-security.patch)
 sha1sums=('365abbbe4b7128bf70dad16d06e23c5701874852'
           'SKIP'
           '8783952d3410d8d59ed953e1db45e2ef1a0b8f65'
@@ -23,7 +24,8 @@
           '2bb3d0a2ef2f3ff9262723e35c742a80ab0235ce'
           '6aed29c1399e79f3914b408059610f9e7c0fc38e'
           '58fa90134f1027e3f05aeb08212cbcc10f420738'
-          '81269db9dd29685b0ece2539070ced3f7a8472df')
+          '81269db9dd29685b0ece2539070ced3f7a8472df'
+          '93a4db17edfaa99e3498c7d952c560dab49dbe42')
 
 prepare() {
   cd ${pkgname}-${pkgver}
@@ -37,6 +39,7 @@
   patch -p1 -i "${srcdir}/a2ps-4.14-check-mempcpy.patch"
   patch -p0 -i "${srcdir}/a2ps-4.14-fix-stpcpy-proto.patch"
   patch -p1 -i "${srcdir}/a2ps-texinfo5.patch"
+  patch -p1 -i "${srcdir}/a2ps-4.13-security.patch"
 }
 
 build() {
@@ -43,7 +46,7 @@
   cd ${pkgname}-${pkgver}
   libtoolize --force --copy
   autoreconf --force --install -I m4 
-  ./configure --prefix=/usr --sysconfdir=/etc/a2ps \
+  LIBS+="-lm" ./configure --prefix=/usr --sysconfdir=/etc/a2ps \
     --includedir=/usr/include --enable-shared --enable-nls
   make
 }

Added: a2ps-4.13-security.patch
===================================================================
--- a2ps-4.13-security.patch	                        (rev 0)
+++ a2ps-4.13-security.patch	2014-02-05 16:40:49 UTC (rev 205464)
@@ -0,0 +1,65 @@
+--- a2ps-4.13/lib/routines.c.security	Sat Oct 16 05:46:37 1999
++++ a2ps-4.13/lib/routines.c	Mon Feb 12 17:45:15 2001
+@@ -242,3 +242,50 @@
+   /* Don't complain if you can't unlink.  Who cares of a tmp file? */
+   unlink (filename);
+ }
++
++/*
++ * Securely generate a temp file, and make sure it gets
++ * deleted upon exit.
++ */
++static char **	tempfiles;
++static unsigned	ntempfiles;
++
++static void
++cleanup_tempfiles()
++{
++	while (ntempfiles--)
++		unlink(tempfiles[ntempfiles]);
++}
++
++char *
++safe_tempnam(const char *pfx)
++{
++	char	*dirname, *filename;
++	int	fd;
++
++	if (!(dirname = getenv("TMPDIR")))
++		dirname = "/tmp";
++
++	tempfiles = (char **) realloc(tempfiles,
++			(ntempfiles+1) * sizeof(char *));
++	if (tempfiles == NULL)
++		return NULL;
++
++	filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
++	if (!filename)
++		return NULL;
++
++	sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
++
++	if ((fd = mkstemp(filename)) < 0) {
++		free(filename);
++		return NULL;
++	}
++	close(fd);
++
++	if (ntempfiles == 0)
++		atexit(cleanup_tempfiles);
++	tempfiles[ntempfiles++] = filename;
++
++	return filename;
++}
+--- a2ps-4.13/lib/routines.h.security	Mon Oct 18 21:24:41 1999
++++ a2ps-4.13/lib/routines.h	Mon Feb 12 17:39:30 2001
+@@ -255,7 +255,8 @@
+ /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
+ #define tempname_ensure(Str)				\
+ do {							\
+-  (Str) = (Str) ? (Str) : tempnam (NULL, "a2_");	\
++  (Str) = (Str) ? (Str) : safe_tempnam("a2_");	\
+ } while (0)
++char * safe_tempnam(const char *);
+ 
+ #endif




More information about the arch-commits mailing list