[63931] trunk/dports/tex/pTeX
takanori at macports.org
takanori at macports.org
Thu Feb 18 06:27:56 PST 2010
Revision: 63931
http://trac.macports.org/changeset/63931
Author: takanori at macports.org
Date: 2010-02-18 06:27:55 -0800 (Thu, 18 Feb 2010)
Log Message:
-----------
pTeX:
- Updated DVIPDFMx to the snapshot 20090708.
- Updated CMap to the latest one.
- Added patch for CVE-2009-1284. (Buffer overflow in BibTeX/JBibTeX.)
Modified Paths:
--------------
trunk/dports/tex/pTeX/Portfile
trunk/dports/tex/pTeX/files/patch-1check-archive.sh.diff
trunk/dports/tex/pTeX/files/patch-2extract-src.sh.diff
trunk/dports/tex/pTeX/files/patch-7font-search.sh.diff
trunk/dports/tex/pTeX/files/patch-md5sum_texsrc.traditional.diff
Added Paths:
-----------
trunk/dports/tex/pTeX/files/security/
trunk/dports/tex/pTeX/files/security/bibtex-CVE-2009-1284.diff
trunk/dports/tex/pTeX/files/security/jbibtex-CVE-2009-1284.diff
Modified: trunk/dports/tex/pTeX/Portfile
===================================================================
--- trunk/dports/tex/pTeX/Portfile 2010-02-18 14:21:39 UTC (rev 63930)
+++ trunk/dports/tex/pTeX/Portfile 2010-02-18 14:27:55 UTC (rev 63931)
@@ -3,11 +3,10 @@
PortSystem 1.0
name pTeX
-version 20090703
-revision 1
+version 20100218
epoch ${version}
set ver_ptetex3 20080616
-set ver_dvipdfmx 20090506
+set ver_dvipdfmx 20090708
set ver_dvipsk 5.97-p1.7b-20090509
set ver_jsclasses 090222
set ver_txfonts 3.2.1
@@ -44,7 +43,7 @@
jsclasses-${ver_jsclasses}.zip:jsclasses \
txfonts-${ver_txfonts}.zip:misc \
pxfonts-${ver_pxfonts}.zip:misc \
- cmap-gs863.tar.gz:misc
+ cmap-gs871.tar.gz:misc
patchfiles patch-1check-archive.sh.diff \
patch-2extract-src.sh.diff \
patch-3extract-texmf.sh.diff \
@@ -56,12 +55,12 @@
checksums tetex-src-3.0.tar.gz rmd160 15a139f5f36993e4ed3583260e175cfb13ce7bcc \
tetex-texmf-3.0po.tar.gz rmd160 a1e87733fa3cbef04e39a690ed8549aeaaddb241 \
${distname}${extract.suffix} rmd160 50bcf8986d1cb5f23e578ba97d7ade20bb05f3a2 \
- dvipdfmx-${ver_dvipdfmx}.tar.gz rmd160 e8b208add8d2e205d426a681fdafacd7a182dd17 \
+ dvipdfmx-${ver_dvipdfmx}.tar.gz rmd160 41b57a20264a569222f3b59ac023dff427e2fddf \
dvipsk-${ver_dvipsk}.tar.gz rmd160 c15135bcd4c01143a921d5eaeadd43247738289e \
jsclasses-${ver_jsclasses}.zip rmd160 070ee272072166dccde9c957eb03f0395aa96cfe \
txfonts-${ver_txfonts}.zip rmd160 e0881b33012ae10a7557ee773439df62e600e56d \
pxfonts-${ver_pxfonts}.zip rmd160 9a2e8df4b779dab2c93704f0716f3d69dcbac6fe \
- cmap-gs863.tar.gz rmd160 2aa8ccc8e1d83a56026b476b4129238264c2e22c
+ cmap-gs871.tar.gz rmd160 1fb4a51914f6b17050d984414e0490d9a5e6edc9
depends_lib bin:perl:perl5 \
port:gd2 \
@@ -90,11 +89,12 @@
extract.only ${distname}${extract.suffix}
post-extract {
- system "cd ${worksrcpath} && gzip -dc ${distpath}/cmap-gs863.tar.gz | tar --no-same-owner -xf -"
+ system "cd ${worksrcpath} && gzip -dc ${distpath}/cmap-gs871.tar.gz | tar --no-same-owner -xf -"
}
post-patch {
eval copy [glob ${filespath}/archive/*] ${worksrcpath}/archive/
+ eval copy [glob ${filespath}/security/*] ${worksrcpath}/security/
foreach f {dvipdfmx-${ver_dvipdfmx}.tar.gz
dvipsk-${ver_dvipsk}.tar.gz
txfonts-${ver_txfonts}.zip
Modified: trunk/dports/tex/pTeX/files/patch-1check-archive.sh.diff
===================================================================
--- trunk/dports/tex/pTeX/files/patch-1check-archive.sh.diff 2010-02-18 14:21:39 UTC (rev 63930)
+++ trunk/dports/tex/pTeX/files/patch-1check-archive.sh.diff 2010-02-18 14:27:55 UTC (rev 63931)
@@ -5,7 +5,7 @@
md5check <<EOF || exit
92579eca220d2279787ddb98b5b1e439 archive/config.ps
-3429510a849f0736ffa78ce6a5b5a3a7 archive/dvipdfmx-20070409.tar.gz
-+dba57b9893f5632662c7d741874f7159 archive/dvipdfmx-20090506.tar.gz
++c727370d57633eb58618022516d17b07 archive/dvipdfmx-20090708.tar.gz
92f5fcdf523381c6e30288d0e2c487ab archive/dvipdfmx-contrib-latex.tar.gz
-02e0b121e2c391efffb46d6485d7899f archive/dvipsk-5.96-p1.7b.tar.gz
+0c7e46e0562ee2debcf93e313b70e7ac archive/dvipsk-5.97-p1.7b-20090509.tar.gz
Modified: trunk/dports/tex/pTeX/files/patch-2extract-src.sh.diff
===================================================================
--- trunk/dports/tex/pTeX/files/patch-2extract-src.sh.diff 2010-02-18 14:21:39 UTC (rev 63930)
+++ trunk/dports/tex/pTeX/files/patch-2extract-src.sh.diff 2010-02-18 14:27:55 UTC (rev 63931)
@@ -1,5 +1,5 @@
--- ./2extract-src.sh.orig 2008-06-16 13:50:47.000000000 +0900
-+++ ./2extract-src.sh 2009-07-03 07:09:18.000000000 +0900
++++ ./2extract-src.sh 2010-02-18 22:41:43.000000000 +0900
@@ -14,7 +14,6 @@
fi
@@ -33,7 +33,7 @@
## for dvipdfmx
-tarx archive/dvipdfmx-20070409.tar.gz $SRC/texk
-+tarx archive/dvipdfmx-20090506.tar.gz $SRC/texk
++tarx archive/dvipdfmx-20090708.tar.gz $SRC/texk
mv $SRC/texk/dvipdfmx-* $SRC/texk/dvipdfmx || exit
-perlprint "s/ cid-x.map\$/ kanjix.map/g;
- s|^%(D \"gs .*%o) (%i .*\")|\1 $GSNOEMBED -f \2|" \
@@ -55,9 +55,19 @@
## disable installing 'config.ps'
$CP $SRC/texk/${P}dvipsk/Makefile.in $SRC/texk/${P}dvipsk/Makefile.in.jp
$CP $SRC/texk/${P}dvipsk/Makefile.in.tetex $SRC/texk/${P}dvipsk/Makefile.in
-@@ -263,7 +256,11 @@
+@@ -255,6 +248,9 @@
+ # Fix xpdf integer overflow CVE-2007-3387 (impoted from tetex-3.0-35.fc6)
+ cpatch security/tetex-3.0-CVE-2007-3387.patch 1 $SRC
++cpatch security/bibtex-CVE-2009-1284.diff 1 $SRC
++cpatch security/jbibtex-CVE-2009-1284.diff 1 $SRC
++
+ #exit # uncomment if 'mktemp' command doesn't exist
+ # Don't use PID for temporary file names in scripts. (impoted from FC4)
+ cpatch security/tetex-3.0-badscript.patch 1 $SRC
+@@ -263,7 +258,11 @@
+
## check
-cat md5sum/texsrc.$JAPANESE | (cd $SRC; md5check) && exit
+if cat md5sum/texsrc.$JAPANESE | (cd $SRC; md5check); then
Modified: trunk/dports/tex/pTeX/files/patch-7font-search.sh.diff
===================================================================
--- trunk/dports/tex/pTeX/files/patch-7font-search.sh.diff 2010-02-18 14:21:39 UTC (rev 63930)
+++ trunk/dports/tex/pTeX/files/patch-7font-search.sh.diff 2010-02-18 14:27:55 UTC (rev 63931)
@@ -40,7 +40,7 @@
-QtPalmtop /opt/QtPalmtop/lib/X11/fonts/opentype
-EOF
+$MKDIR $CMAP/ghostscript
-+$CP ./cmap-gs863/* $CMAP/ghostscript
++$CP ./cmap-gs871/* $CMAP/ghostscript
if test -d /System/Library/Fonts; then # Mac OS X
LC_ALL=ja_JP.UTF-8
Modified: trunk/dports/tex/pTeX/files/patch-md5sum_texsrc.traditional.diff
===================================================================
--- trunk/dports/tex/pTeX/files/patch-md5sum_texsrc.traditional.diff 2010-02-18 14:21:39 UTC (rev 63930)
+++ trunk/dports/tex/pTeX/files/patch-md5sum_texsrc.traditional.diff 2010-02-18 14:27:55 UTC (rev 63931)
@@ -1,5 +1,5 @@
--- md5sum/texsrc.traditional.orig 2008-06-16 15:02:58.000000000 +0900
-+++ md5sum/texsrc.traditional 2009-07-03 07:12:07.000000000 +0900
++++ md5sum/texsrc.traditional 2010-02-18 22:56:02.000000000 +0900
@@ -72,29 +72,29 @@
aa8bcb252fdfab1e6164e338b6a791ce ./texk/dvipdfm/ebb.c
c98e0303e74020945a281afd04b09182 ./texk/dvipdfm/pdfdoc.c
@@ -69,6 +69,15 @@
ebc6b3bdfb294b144444a826cd044442 ./texk/tetex/fmtutil
5641fcc891193155d3c256de05207f73 ./texk/tetex/texconfig
c87a7653e7ff3d98faa26d5f6995c6f0 ./texk/tetex/texlinks
+@@ -291,7 +291,7 @@
+ 6c4e69c3fd5fe3251d85bff4069ad123 ./texk/web2c/ptex/configure
+ 8839a8141c7402536e8ecfec68609814 ./texk/web2c/ptex/jbibextra.c
+ e76c43343a3925d04dd89d313662391c ./texk/web2c/ptex/jbibextra.h
+-e1b15f4509b6d2aa81b2cb16252c2313 ./texk/web2c/ptex/jbibtex.ch
++896b957ed679c6663f12960d706b8dd0 ./texk/web2c/ptex/jbibtex.ch
+ 6add19f1b22455bab699ae2cddee28f1 ./texk/web2c/ptex/jbibtex.defines
+ a54f6f9f2718b634667e99d8f9e2bdf3 ./texk/web2c/ptex/jmpost/Makefile.in
+ 01765754d619176d107ae27e16b815af ./texk/web2c/ptex/jmpost/configure
@@ -310,7 +310,7 @@
cc8193b92f3f22160f9f75552c936eb1 ./texk/web2c/ptex/openclose.c
e94844efdc6621352d2edc5bd43a3463 ./texk/web2c/ptex/pdvitype.ch
Added: trunk/dports/tex/pTeX/files/security/bibtex-CVE-2009-1284.diff
===================================================================
--- trunk/dports/tex/pTeX/files/security/bibtex-CVE-2009-1284.diff (rev 0)
+++ trunk/dports/tex/pTeX/files/security/bibtex-CVE-2009-1284.diff 2010-02-18 14:27:55 UTC (rev 63931)
@@ -0,0 +1,18 @@
+--- tetex-src-3.0/texk/web2c/bibtex.ch.orig 2004-07-15 02:32:51.000000000 +0900
++++ tetex-src-3.0/texk/web2c/bibtex.ch 2010-02-18 22:22:53.000000000 +0900
+@@ -1077,6 +1077,15 @@
+ @y
+ @z
+
++% Forgot to check for pool overflow here. Triggered by test case linked
++% from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920.
++ at x
++while (sp_ptr < sp_end) do {shift the substring}
++ at y
++str_room(sp_end - sp_ptr);
++while (sp_ptr < sp_end) do {shift the substring}
++ at z
++
+ % [459] Eliminate unreferenced statement label, because `undefined' is
+ % now a constant expression that is not evaluated at the Web level. If
+ % this label were ever required, it could be replaced by the constant
Added: trunk/dports/tex/pTeX/files/security/jbibtex-CVE-2009-1284.diff
===================================================================
--- trunk/dports/tex/pTeX/files/security/jbibtex-CVE-2009-1284.diff (rev 0)
+++ trunk/dports/tex/pTeX/files/security/jbibtex-CVE-2009-1284.diff 2010-02-18 14:27:55 UTC (rev 63931)
@@ -0,0 +1,13 @@
+--- tetex-src-3.0/texk/web2c/ptex/jbibtex.ch.orig 2010-02-18 22:49:18.000000000 +0900
++++ tetex-src-3.0/texk/web2c/ptex/jbibtex.ch 2010-02-18 22:50:29.000000000 +0900
+@@ -1381,6 +1381,10 @@
+ else decr(sp_end);
+ end;
+
++{ Forgot to check for pool overflow here. Triggered by test case linked
++ from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920.}
++
++str_room(sp_end - sp_ptr);
+ while (sp_ptr < sp_end) do {shift the substring}
+ begin
+ if str_pool[sp_ptr] >127 then begin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20100218/bab83db8/attachment-0001.html>
More information about the macports-changes
mailing list