rpms/texlive/F-11 texlive-CVE-2010-0739, 1440-integer-overflows.patch, NONE, 1.1 texlive-CVE-2010-0829-dvipng-multiple-array-indexing-errors.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 sources, 1.2, 1.3 texlive.spec, 1.53, 1.54
Jindrich Novy
jnovy at fedoraproject.org
Mon May 10 08:19:48 UTC 2010
Author: jnovy
Update of /cvs/pkgs/rpms/texlive/F-11
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv22623
Modified Files:
.cvsignore sources texlive.spec
Added Files:
texlive-CVE-2010-0739,1440-integer-overflows.patch
texlive-CVE-2010-0829-dvipng-multiple-array-indexing-errors.patch
Log Message:
* Mon May 10 2010 Jindrich Novy <jnovy at redhat.com> 2007-47
- fix CVE-2010-0739 and CVE-2010-1440 (#584795)
- fix CVE-2010-0829 (#589607)
- add missing defattr to filelists
- fix directory ownership of /var/lib/texmf/web2c (#512459)
- use official tarball for jpatch
- fix post/postun scriptlets (#532466)
***** Not enough context to create diffstat for file: texlive-CVE-2010-0739,1440-integer-overflows.patch,NONE,1.1
***** Not enough context to create diff for file: texlive-CVE-2010-0739,1440-integer-overflows.patch,NONE,1.1
texlive-CVE-2010-0829-dvipng-multiple-array-indexing-errors.patch:
draw.c | 18 +++++++++++++-----
dvipng.h | 4 ++--
set.c | 3 +--
vf.c | 3 +--
4 files changed, 17 insertions(+), 11 deletions(-)
--- NEW FILE texlive-CVE-2010-0829-dvipng-multiple-array-indexing-errors.patch ---
diff -up texlive-2007/texk/dvipng/draw.c.CVE-2010-0829 texlive-2007/texk/dvipng/draw.c
--- texlive-2007/texk/dvipng/draw.c.CVE-2010-0829 2006-11-07 21:40:00.000000000 +0100
+++ texlive-2007/texk/dvipng/draw.c 2010-05-07 10:54:31.532938790 +0200
@@ -99,7 +99,15 @@ dviunits SetChar(int32_t c)
if (currentfont==NULL)
Fatal("faulty DVI, trying to set character from null font");
- ptr = currentfont->chr[c];
+ if (c<0 || c>LASTFNTCHAR) {
+ Warning("glyph index out of range (%d), skipping",c);
+ return(0);
+ }
+ ptr=currentfont->chr[c];
+ if (ptr==NULL) {
+ Warning("unable to draw glyph %d, skipping",c);
+ return(0);
+ }
#ifdef DEBUG
switch (currentfont->type) {
case FONT_TYPE_VF: DEBUG_PRINT(DEBUG_DVI,("\n VF CHAR:\t")); break;
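Review bot: The new range check in SetChar carries no comment saying why it is there: `c` appears to come straight from the DVI input, and the test `c>LASTFNTCHAR` is only correct if `chr[]` holds LASTFNTCHAR+1 entries, which is declared outside this hunk. I would add above it `/* c is read from the DVI file: reject anything outside chr[0..LASTFNTCHAR] before indexing */` and confirm the array size against the declaration in dvipng.h. Both skip paths return 0, so a skipped glyph contributes no width; the comment should say that this is intended. SetChar's body starts before this hunk and continues past it.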
@@ -108,13 +116,13 @@ dviunits SetChar(int32_t c)
case FONT_TYPE_FT: DEBUG_PRINT(DEBUG_DVI,("\n FT CHAR:\t")); break;
default: DEBUG_PRINT(DEBUG_DVI,("\n NO CHAR:\t"))
}
- if (isprint(c))
+ if (debug & DEBUG_DVI && c>=0 && c<=UCHAR_MAX && isprint(c))
DEBUG_PRINT(DEBUG_DVI,("'%c' ",c));
DEBUG_PRINT(DEBUG_DVI,("%d at (%d,%d) tfmw %d", c,hh,vv,ptr?ptr->tfmw:0));
#endif
if (currentfont->type==FONT_TYPE_VF) {
- return(SetVF(c));
- } else if (ptr) {
+ return(SetVF(ptr));
+ } else {
if (ptr->data == NULL)
switch(currentfont->type) {
case FONT_TYPE_PK: LoadPK(c, ptr); break;
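Review bot: The new debug condition uses `UCHAR_MAX`, which comes from `<limits.h>`, and no include is added in the draw.c hunks shown; whether draw.c or dvipng.h already pulls it in cannot be seen here. Because the line sits inside `#ifdef DEBUG`, a build without DEBUG would not catch a missing header. The `c>=0` test is redundant after the range check added earlier in SetChar, and `ptr?ptr->tfmw:0` on the next DEBUG_PRINT can become `ptr->tfmw` now that a NULL `ptr` returns early. Writing the condition as `if ((debug & DEBUG_DVI) && c<=UCHAR_MAX && isprint(c))` would also make the precedence explicit.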
@@ -128,7 +136,7 @@ dviunits SetChar(int32_t c)
Fatal("undefined fonttype %d",currentfont->type);
}
if (page_imagep != NULL)
- return(SetGlyph(c, hh, vv));
+ return(SetGlyph(ptr, hh, vv));
else {
/* Expand bounding box if necessary */
min(x_min,hh - ptr->xOffset/shrinkfactor);
diff -up texlive-2007/texk/dvipng/dvipng.h.CVE-2010-0829 texlive-2007/texk/dvipng/dvipng.h
--- texlive-2007/texk/dvipng/dvipng.h.CVE-2010-0829 2006-12-24 01:02:30.000000000 +0100
+++ texlive-2007/texk/dvipng/dvipng.h 2010-05-07 08:11:10.249916801 +0200
@@ -387,9 +387,9 @@ void DrawPages(void);
void WriteImage(char*, int);
void LoadPK(int32_t, register struct char_entry *);
int32_t SetChar(int32_t);
-dviunits SetGlyph(int32_t c, int32_t hh,int32_t vv);
+dviunits SetGlyph(struct char_entry *ptr, int32_t hh,int32_t vv);
void Gamma(double gamma);
-int32_t SetVF(int32_t);
+int32_t SetVF(struct char_entry *ptr);
int32_t SetRule(int32_t, int32_t, int32_t, int32_t);
void SetSpecial(char *, int32_t, int32_t, int32_t);
void BeginVFMacro(struct font_entry*);
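Review bot: SetGlyph and SetVF now take a `struct char_entry *` that the caller must have validated, but nothing at the prototypes says so. SetVF in the vf.c hunk still reads the global `currentfont`, so `ptr` has to be an entry of that font's `chr[]`, and neither function is shown checking for NULL. A comment above both prototypes such as `/* ptr: non-NULL entry of currentfont->chr[], range- and NULL-checked by SetChar */` would record the contract; the same applies at the definitions in the set.c and vf.c hunks. This header also declares `int32_t SetChar(int32_t)` while draw.c defines it as returning `dviunits`; these are presumably the same type, but the two should be spelled the same way.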
diff -up texlive-2007/texk/dvipng/set.c.CVE-2010-0829 texlive-2007/texk/dvipng/set.c
--- texlive-2007/texk/dvipng/set.c.CVE-2010-0829 2006-11-07 21:40:00.000000000 +0100
+++ texlive-2007/texk/dvipng/set.c 2010-05-07 10:55:57.807931411 +0200
@@ -202,10 +202,9 @@ void Gamma(double gamma)
}
}
-dviunits SetGlyph(int32_t c, int32_t hh,int32_t vv)
+dviunits SetGlyph(struct char_entry *ptr, int32_t hh, int32_t vv)
/* gdImageChar can only do monochrome glyphs */
{
- register struct char_entry *ptr = currentfont->chr[c];
int dst_alpha,dst_weight,tot_weight,alpha;
int x,y,pos=0;
int bgColor,pixelgrey,pixelcolor;
diff -up texlive-2007/texk/dvipng/vf.c.CVE-2010-0829 texlive-2007/texk/dvipng/vf.c
--- texlive-2007/texk/dvipng/vf.c.CVE-2010-0829 2006-11-07 21:40:00.000000000 +0100
+++ texlive-2007/texk/dvipng/vf.c 2010-05-07 08:11:10.252917007 +0200
@@ -28,11 +28,10 @@
#define VF_ID 202
#define LONG_CHAR 242
-int32_t SetVF(int32_t c)
+int32_t SetVF(struct char_entry* ptr)
{
struct font_entry* currentvf;
unsigned char *command,*end;
- struct char_entry* ptr=currentfont->chr[c];
currentvf=currentfont;
BeginVFMacro(currentvf);
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/texlive/F-11/.cvsignore,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- .cvsignore 2 Dec 2007 08:03:19 -0000 1.2
+++ .cvsignore 10 May 2010 08:19:48 -0000 1.3
@@ -1,4 +1,4 @@
-dvipsk-jpatch-p1.7a.tar.bz2
mendexk2.6e.tar.gz
ptex-src-3.1.10.tar.gz
source-free.tar.bz2
+dvipsk-jpatch-p1.7a.tar.gz
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/texlive/F-11/sources,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -p -r1.2 -r1.3
--- sources 2 Dec 2007 08:03:19 -0000 1.2
+++ sources 10 May 2010 08:19:48 -0000 1.3
@@ -1,4 +1,4 @@
-de024c71383d35d2274f5ebc599057f7 dvipsk-jpatch-p1.7a.tar.bz2
fe07b8b7b83d1cb13f836dc1caf7bad8 mendexk2.6e.tar.gz
9738f48ec9d6b603b4b6550ba480876d ptex-src-3.1.10.tar.gz
c67cdc1e1ecfeb87ccb9dfacc56a7a97 source-free.tar.bz2
+f8c7430ed070c127c6eefbc301525469 dvipsk-jpatch-p1.7a.tar.gz
Index: texlive.spec
===================================================================
RCS file: /cvs/pkgs/rpms/texlive/F-11/texlive.spec,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -p -r1.53 -r1.54
--- texlive.spec 23 Oct 2009 01:44:36 -0000 1.53
+++ texlive.spec 10 May 2010 08:19:48 -0000 1.54
@@ -21,7 +21,7 @@
Name: texlive
Version: %{texlive_ver}
-Release: 46%{?dist}
+Release: 47%{?dist}
Summary: Binaries for the TeX formatting system
Group: Applications/Publishing
@@ -41,7 +41,7 @@ Source100: texlive-generate-tarball.sh
%define __perl_requires %{SOURCE99}
# 1000-: Japanese pTeX
Source1000: ftp://ftp.ascii.co.jp/pub/TeX/ascii-ptex/tetex/ptex-src-%{ptex_src_ver}.tar.gz
-Source1001: ftp://ftp.ascii.co.jp/pub/TeX/ascii-ptex/dvips/dvipsk-jpatch-%{pdvipsk_ver}.tar.bz2
+Source1001: ftp://ftp.ascii.co.jp/pub/TeX/ascii-ptex/dvips/dvipsk-jpatch-%{pdvipsk_ver}.tar.gz
Source1002: ftp://ftp.ascii.co.jp/pub/TeX/ascii-ptex/mendex/mendexk%{mendexk_ver}.tar.gz
# Don't run brp-python-bytecompile
@@ -78,6 +78,8 @@ Patch31: texlive-elif.patch
Patch32: texlive-getline.patch
Patch33: texlive-poolfix.patch
Patch34: texlive-dvipsconfig.patch
+Patch35: texlive-CVE-2010-0829-dvipng-multiple-array-indexing-errors.patch
+Patch36: texlive-CVE-2010-0739,1440-integer-overflows.patch
######
# mpeters contributed patches
@@ -400,6 +402,8 @@ chmod -x texk/dvipdfm/encodings.c
%patch32 -p1 -b .getline
%patch33 -p1 -b .poolfix
%patch34 -p1 -b .dvipsconfig
+%patch35 -p1 -b .CVE-2010-0829
+%patch36 -p1 -b .CVE-2010-0739,1440
# fix non utf man pages
%patch42 -p1 -b .notutf8-2
@@ -454,7 +458,7 @@ cd -
# Prepare Japanese dvips
mkdir pdvipsk
-tar xfj %{SOURCE1001} -C pdvipsk
+tar xfz %{SOURCE1001} -C pdvipsk
cp -lR texk/dvipsk texk/pdvipsk
cd pdvipsk
%patch1005 -p0
@@ -678,24 +682,24 @@ rm -rf %{buildroot}%{_texmf_main}/texcon
rm -rf %{buildroot}
%post
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
[ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/web2c.info.gz %{_infodir}/dir
-%{_bindir}/fmtutil-sys --all &> /dev/null
-%{_bindir}/updmap-sys --syncwithtrees &> /dev/null
+[ -x %{_bindir}/fmtutil-sys ] && %{_bindir}/fmtutil-sys --all &> /dev/null
+[ -x %{_bindir}/updmap-sys ] && %{_bindir}/updmap-sys --syncwithtrees &> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%post afm
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%post context
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
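Review bot: The guard line `[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null` is pasted into every %post and %postun scriptlet in this hunk and the ones that follow, so any later change has to be repeated in each copy. Defining it once near the top of the spec, for example `%define texrehash [ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null`, and writing `%{texrehash}` in each scriptlet would keep them in step. The guard and the redirect together make a missing or failing helper completely silent, so a one-line comment saying why skipping is acceptable here (#532466) would help the next packager.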
@@ -703,21 +707,21 @@ fi
%post dvips
[ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/dvips.info.gz %{_infodir}/dir
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%post dviutils
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%post east-asian
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
@@ -725,23 +729,23 @@ fi
%post latex
[ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/latex.info.gz %{_infodir}/dir
-%{_bindir}/texconfig-sys init &> /dev/null
-%{_bindir}/texconfig-sys rehash 2> /dev/null
-%{_bindir}/fmtutil-sys --all &> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys init &> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/fmtutil-sys ] && %{_bindir}/fmtutil-sys --all &> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%post xetex
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%post -n kpathsea
-/sbin/ldconfig
+[ -x /sbin/ldconfig ] && /sbin/ldconfig
[ -x /sbin/install-info ] && /sbin/install-info %{_infodir}/kpathsea.info.gz %{_infodir}/dir
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
@@ -774,7 +778,7 @@ fi
:
%preun -n kpathsea
-/sbin/ldconfig
+[ -x /sbin/ldconfig ] && /sbin/ldconfig
if [ "$1" = 0 ]; then
[ -x /sbin/install-info ] && /sbin/install-info --delete %{_infodir}/kpathsea.info.gz %{_infodir}/dir
fi
@@ -784,63 +788,63 @@ fi
:
%postun
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%postun afm
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%postun context
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%postun east-asian
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%postun dviutils
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%postun dvips
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%postun latex
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%postun xetex
-%{_bindir}/texconfig-sys rehash 2> /dev/null
+[ -x %{_bindir}/texconfig-sys ] && %{_bindir}/texconfig-sys rehash 2> /dev/null
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
:
%postun -n kpathsea
-/sbin/ldconfig
+[ -x /sbin/ldconfig ] && /sbin/ldconfig
if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
[ -x /sbin/restorecon ] && /sbin/restorecon -R %{_texmf_var}/
fi
@@ -851,7 +855,6 @@ fi
# config files
%dir %{_texmf_conf}
%dir %{_texmf_conf}/web2c/
-%dir %{_texmf_var}/web2c/
%dir %{_texmf_main}/web2c/
%dir %{_texmf_main}/doc/
%doc %{_texmf_main}/doc/bibtex8/
@@ -1169,6 +1172,7 @@ fi
%{_mandir}/ja/man1/mendex.1*
%files east-asian
+%defattr(-,root,root,-)
%doc %{_texmf_main}/doc/pdvipsk/
%doc %{_texmf_main}/doc/ptex/
%{_texmf_main}/fonts/map/pdvips/
@@ -1208,6 +1212,7 @@ fi
%{_mandir}/man1/opdvips.1*
%files context
+%defattr(-,root,root,-)
%{_bindir}/ctxtools
%{_bindir}/exatools
%{_bindir}/luatools
@@ -1238,6 +1243,14 @@ fi
%{_mandir}/man1/texutil.1*
%changelog
+* Mon May 10 2010 Jindrich Novy <jnovy at redhat.com> 2007-47
+- fix CVE-2010-0739 and CVE-2010-1440 (#584795)
+- fix CVE-2010-0829 (#589607)
+- add missing defattr to filelists
+- fix directory ownership of /var/lib/texmf/web2c (#512459)
+- use official tarball for jpatch
+- fix post/postun scriptlets (#532466)
+
* Fri Oct 23 2009 Jindrich Novy <jnovy at redhat.com> 2007-46
- add missing dependency on kpathsea