Hello community,
here is the log from the commit of package texlive for openSUSE:Factory
checked in at Wed Apr 28 22:32:54 CEST 2010.
--------
--- texlive/texlive-bin.changes 2010-04-04 20:21:07.000000000 +0200
+++ texlive/texlive-bin.changes 2010-04-28 13:07:34.000000000 +0200
@@ -1,0 +2,22 @@
+Wed Apr 28 10:37:13 CEST 2010 - werner@suse.de
+
+- Update fix in dvipsk/dospecial.c (bnc#587794)
+- Update to bugfix version 5.3 of the geometry style (bnc#559257)
+
+-------------------------------------------------------------------
+Mon Apr 12 19:42:16 UTC 2010 - coolo@novell.com
+
+- undo gcc43 changes, 4.5 works now
+
+-------------------------------------------------------------------
+Mon Apr 12 14:36:32 CEST 2010 - werner@suse.de
+
+- Add fix to make beamer class work even with new geometry class
+ (bnc#591958)
+
+-------------------------------------------------------------------
+Tue Mar 16 15:47:57 CET 2010 - werner@suse.de
+
+- Fix a few buffer overflows in dvipng (bnc#587794)
+
+-------------------------------------------------------------------
texlive.changes: same change
calling whatdependson for head-i586
Old:
----
source-geometry.dif.bz2
New:
----
source-dvipng.dif
texmf-geometry.dif.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ texlive-bin.spec ++++++
--- /var/tmp/diff_new_pack.ZzMKSB/_old 2010-04-28 22:30:58.000000000 +0200
+++ /var/tmp/diff_new_pack.ZzMKSB/_new 2010-04-28 22:30:58.000000000 +0200
@@ -25,7 +25,6 @@
Name: texlive-bin
# Remark: In case of enabling ttf2pk we need also freetype(1) within the line of BuildRequires
BuildRequires: bison cairo cairo-devel dialog ed expat fdupes flex freetype2-devel gcc-c++ gd-devel ghostscript_any glitz glitz-devel jpeg libicu libicu-devel libjpeg-devel libpng-devel libpoppler-devel netpbm t1lib t1lib-devel unzip xaw3d-devel xorg-x11-devel xorg-x11-util-devel xz zip zziplib zziplib-devel
-BuildRequires: gcc43
Url: http://www.tug.org/texlive/
License: GPLv2+ ; TeX-License ..
PreReq: coreutils ed %fillup_prereq findutils grep %install_info_prereq sed %suseconfig_fonts_prereq
@@ -36,7 +35,7 @@
Summary: The Base System of TeXLive
Group: Productivity/Publishing/TeX/Base
Version: 2009
-Release: 6
+Release: 7
Source0: ftp://tug.org/historic/systems/texlive/2009/texlive-20091107-source.tar.xz
Source1: ftp://tug.org/historic/systems/texlive/2009/texlive-20091107-texmf.tar.xz
Source2: ftp://tug.org/historic/systems/texlive/2009/texlive-20091107-extra.tar.xz
@@ -80,7 +79,6 @@
Patch6: source-dviutils.dif
Patch7: source-psutils-flip.dif
Patch8: source-psutils.dif
-Patch9: source-geometry.dif.bz2
Patch10: source-poppler.dif
Patch11: source-lacheck.dif
Patch12: source-warns.dif
@@ -90,6 +88,7 @@
Patch16: source-metapost.dif
Patch17: source-64.dif
Patch18: source-libpng14.patch
+Patch19: source-dvipng.dif
Patch40: texmf.dif
Patch41: texmf-astro.dif
Patch42: texmf-musixtex.dif
@@ -97,6 +96,7 @@
Patch44: texmf-pubform-bib.dif
Patch45: texmf-jadetex.dif
Patch46: texmf-bbold11.dif
+Patch47: texmf-geometry.dif.bz2
NoPatch: 0
NoPatch: 1
NoPatch: 2
@@ -106,7 +106,6 @@
NoPatch: 6
NoPatch: 7
NoPatch: 8
-NoPatch: 9
NoPatch: 10
NoPatch: 11
NoPatch: 12
@@ -116,6 +115,7 @@
NoPatch: 16
NoPatch: 17
NoPatch: 18
+NoPatch: 19
NoPatch: 40
NoPatch: 41
NoPatch: 42
@@ -123,6 +123,7 @@
NoPatch: 44
NoPatch: 45
NoPatch: 46
+NoPatch: 47
BuildRoot: %{_tmppath}/%{name}-%{version}-build
ExcludeArch: noarch
#
@@ -661,7 +662,6 @@
echo CFLAGS=\"$XCFLAGS\"
echo CXXFLAGS=\"$XCXXFLAGS\"
echo LDFLAGS=\"-Wl,-warn-common $XLDFLAGS\"
- echo CC=gcc-4.3
echo CXX=g++
echo VENDOR=\"${VENDOR}\"
echo ARCH_LIB=%{_lib}
@@ -722,7 +722,6 @@
%patch7 -p0 -b .psutils-flip
%patch8 -p0 -b .psutils
%endif
-%patch9 -p0 -b .geometry
%patch10 -p0 -b .poppler
%patch11 -p0 -b .lacheck
%patch12 -p0 -b .warns
@@ -732,6 +731,7 @@
%patch16 -p0 -b .mp
%patch17 -p0 -b .64
%patch18 -p0 -b .libpng14
+%patch19 -p0 -b .dvipng
%patch40 -p0
%patch41 -p0
%patch42 -p0
@@ -739,6 +739,7 @@
%patch44 -p0
%patch45 -p0
%patch46 -p0
+%patch47 -p0
%patch0 -p0
# Move texmf tree out of the way
++++++ texlive.spec ++++++
--- /var/tmp/diff_new_pack.ZzMKSB/_old 2010-04-28 22:30:58.000000000 +0200
+++ /var/tmp/diff_new_pack.ZzMKSB/_new 2010-04-28 22:30:58.000000000 +0200
@@ -25,7 +25,6 @@
Name: texlive
# Remark: In case of enabling ttf2pk we need also freetype(1) within the line of BuildRequires
BuildRequires: bison cairo cairo-devel dialog ed expat fdupes flex freetype2-devel gcc-c++ gd-devel ghostscript_any glitz glitz-devel jpeg libicu libicu-devel libjpeg-devel libpng-devel libpoppler-devel netpbm t1lib t1lib-devel unzip xaw3d-devel xorg-x11-devel xorg-x11-util-devel xz zip zziplib zziplib-devel
-BuildRequires: gcc43
Url: http://www.tug.org/texlive/
License: GPLv2+ ; TeX-License ..
PreReq: coreutils ed %fillup_prereq findutils grep %install_info_prereq sed %suseconfig_fonts_prereq texlive-bin
@@ -38,7 +37,7 @@
Summary: The Base System of TeXLive
Group: Productivity/Publishing/TeX/Base
Version: 2009
-Release: 6
+Release: 7
Source0: ftp://tug.org/historic/systems/texlive/2009/texlive-20091107-source.tar.xz
Source1: ftp://tug.org/historic/systems/texlive/2009/texlive-20091107-texmf.tar.xz
Source2: ftp://tug.org/historic/systems/texlive/2009/texlive-20091107-extra.tar.xz
@@ -65,7 +64,6 @@
Patch6: source-dviutils.dif
Patch7: source-psutils-flip.dif
Patch8: source-psutils.dif
-Patch9: source-geometry.dif.bz2
Patch10: source-poppler.dif
Patch11: source-lacheck.dif
Patch12: source-warns.dif
@@ -75,6 +73,7 @@
Patch16: source-metapost.dif
Patch17: source-64.dif
Patch18: source-libpng14.patch
+Patch19: source-dvipng.dif
Patch40: texmf.dif
Patch41: texmf-astro.dif
Patch42: texmf-musixtex.dif
@@ -82,6 +81,7 @@
Patch44: texmf-pubform-bib.dif
Patch45: texmf-jadetex.dif
Patch46: texmf-bbold11.dif
+Patch47: texmf-geometry.dif.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
#
@@ -774,7 +774,6 @@
echo CFLAGS=\"$XCFLAGS\"
echo CXXFLAGS=\"$XCXXFLAGS\"
echo LDFLAGS=\"-Wl,-warn-common $XLDFLAGS\"
- echo CC=gcc-4.3
echo CXX=g++
echo VENDOR=\"${VENDOR}\"
echo ARCH_LIB=%{_lib}
@@ -835,7 +834,6 @@
%patch7 -p0 -b .psutils-flip
%patch8 -p0 -b .psutils
%endif
-%patch9 -p0 -b .geometry
%patch10 -p0 -b .poppler
%patch11 -p0 -b .lacheck
%patch12 -p0 -b .warns
@@ -845,6 +843,7 @@
%patch16 -p0 -b .mp
%patch17 -p0 -b .64
%patch18 -p0 -b .libpng14
+%patch19 -p0 -b .dvipng
%patch40 -p0
%patch41 -p0
%patch42 -p0
@@ -852,6 +851,7 @@
%patch44 -p0
%patch45 -p0
%patch46 -p0
+%patch47 -p0
%patch0 -p0
# Move texmf tree out of the way
++++++ source-dvipng.dif ++++++
|
| Bug fix for bnc#587794 - VUL-0: texlive dvips buffer overflow
| covers CVE-2010-0827, CVE-2010-0829, and CVE-2010-0739
|
--- texk/dvipng/draw.c
+++ texk/dvipng/draw.c 2010-03-17 12:52:15.000000000 +0000
@@ -18,7 +18,7 @@
License along with this program. If not, see
http://www.gnu.org/licenses/.
- Copyright (C) 2002-2008 Jan-�ke Larsson
+ Copyright (C) 2002-2010 Jan-�ke Larsson
************************************************************************/
@@ -79,9 +79,15 @@ dviunits SetChar(int32_t c)
if (currentfont==NULL)
Fatal("faulty DVI, trying to set character from null font");
-
- if (c>=0 && c<=LASTFNTCHAR)
- ptr = currentfont->chr[c];
+ if (c<0 || c>LASTFNTCHAR) {
+ Warning("glyph index out of range (%d), skipping",c);
+ return(0);
+ }
+ ptr=currentfont->chr[c];
+ if (ptr==NULL) {
+ Warning("unable to draw glyph %d, skipping",c);
+ return(0);
+ }
#ifdef DEBUG
switch (currentfont->type) {
case FONT_TYPE_VF: DEBUG_PRINT(DEBUG_DVI,("\n VF CHAR:\t")); break;
@@ -90,15 +96,15 @@ dviunits SetChar(int32_t c)
case FONT_TYPE_FT: DEBUG_PRINT(DEBUG_DVI,("\n FT CHAR:\t")); break;
default: DEBUG_PRINT(DEBUG_DVI,("\n NO CHAR:\t"))
}
- if (isprint(c))
+ if (debug & DEBUG_DVI && c>=0 && c<=UCHAR_MAX && isprint(c))
DEBUG_PRINT(DEBUG_DVI,("'%c' ",c));
DEBUG_PRINT(DEBUG_DVI,("%d at (%d,%d) tfmw %d", c,
dvi_stack->hh,dvi_stack->vv,ptr?ptr->tfmw:0));
#endif
if (currentfont->type==FONT_TYPE_VF) {
- return(SetVF(c));
+ return(SetVF(ptr));
} else {
- if (ptr!=NULL && ptr->data == NULL)
+ if (ptr->data == NULL)
switch(currentfont->type) {
case FONT_TYPE_PK: LoadPK(c, ptr); break;
#ifdef HAVE_LIBT1
@@ -111,8 +117,8 @@ dviunits SetChar(int32_t c)
Fatal("undefined fonttype %d",currentfont->type);
}
if (page_imagep != NULL)
- return(SetGlyph(c, dvi_stack->hh, dvi_stack->vv));
- else if (ptr!=NULL) {
+ return(SetGlyph(ptr, dvi_stack->hh, dvi_stack->vv));
+ else {
/* Expand bounding box if necessary */
min(x_min,dvi_stack->hh - ptr->xOffset/shrinkfactor);
min(y_min,dvi_stack->vv - ptr->yOffset/shrinkfactor);
--- texk/dvipng/dvipng.h
+++ texk/dvipng/dvipng.h 2010-03-18 07:43:26.000000000 +0000
@@ -18,7 +18,7 @@
License along with this program. If not, see
http://www.gnu.org/licenses/.
- Copyright (C) 2002-2008 Jan-�ke Larsson
+ Copyright (C) 2002-2010 Jan-�ke Larsson
************************************************************************/
@@ -387,9 +387,9 @@ void DrawPages(void);
void WriteImage(char*, int);
void LoadPK(int32_t, register struct char_entry *);
int32_t SetChar(int32_t);
-dviunits SetGlyph(int32_t c, int32_t hh,int32_t vv);
+dviunits SetGlyph(struct char_entry *ptr, int32_t hh,int32_t vv);
void Gamma(double gamma);
-int32_t SetVF(int32_t);
+int32_t SetVF(struct char_entry *ptr);
int32_t SetRule(int32_t, int32_t, int32_t, int32_t);
void SetSpecial(char *, int32_t, int32_t);
void BeginVFMacro(struct font_entry*);
--- texk/dvipng/set.c
+++ texk/dvipng/set.c 2010-03-17 12:52:27.000000000 +0000
@@ -18,7 +18,7 @@
License along with this program. If not, see
http://www.gnu.org/licenses/.
- Copyright (C) 2002-2008 Jan-�ke Larsson
+ Copyright (C) 2002-2010 Jan-�ke Larsson
************************************************************************/
@@ -203,23 +203,13 @@ void Gamma(double gamma)
}
}
-dviunits SetGlyph(int32_t c, int32_t hh,int32_t vv)
+dviunits SetGlyph(struct char_entry *ptr, int32_t hh,int32_t vv)
/* gdImageChar can only do monochrome glyphs */
{
- register struct char_entry *ptr;
int dst_alpha,dst_weight,tot_weight,alpha;
int x,y,pos=0;
int bgColor,pixelgrey,pixelcolor;
- if (c<0 || c>LASTFNTCHAR) {
- Warning("glyph index too large (%d), skipping",c);
- return(0);
- }
- ptr=currentfont->chr[c];
- if (ptr==NULL) {
- Warning("unable to draw glyph %d, skipping",c);
- return(0);
- }
hh -= ptr->xOffset/shrinkfactor;
vv -= ptr->yOffset/shrinkfactor;
/* Initialize persistent color cache. Perhaps this should be in
--- texk/dvipng/vf.c
+++ texk/dvipng/vf.c 2010-04-12 14:35:53.414925428 +0000
@@ -18,7 +18,7 @@
License along with this program. If not, see
http://www.gnu.org/licenses/.
- Copyright (C) 2002-2008 Jan-�ke Larsson
+ Copyright (C) 2002-2010 Jan-�ke Larsson
************************************************************************/
@@ -27,11 +27,10 @@
#define VF_ID 202
#define LONG_CHAR 242
-int32_t SetVF(int32_t c)
+int32_t SetVF(struct char_entry* ptr)
{
struct font_entry* currentvf;
unsigned char *command,*end;
- struct char_entry* ptr=currentfont->chr[c];
currentvf=currentfont;
BeginVFMacro(currentvf);
@@ -116,7 +115,7 @@ void InitVF(struct font_entry * tfontp)
tcharptr->tfmw = (int32_t)
((int64_t) tcharptr->tfmw * tfontp->s / (1 << 20));
DEBUG_PRINT(DEBUG_VF,(" (%d)",tcharptr->tfmw));
- if (c >= NFNTCHARS) /* Only positive for now */
+ if (c < 0 || c >= NFNTCHARS) /* Only positive for now */
Fatal("VF font %s exceeds char numbering limit",tfontp->name);
tfontp->chr[c] = tcharptr;
tcharptr->data=position;
--- texk/dvipsk/dospecial.c
+++ texk/dvipsk/dospecial.c 2010-04-12 14:24:43.054925381 +0000
@@ -333,6 +333,13 @@ predospecial(integer numbytes, Boolean s
int j ;
static int omega_specials = 0;
+ if (numbytes < 0
+ || (numbytes > 0 && 2 > INT_MAX / numbytes)
+ || 2 * numbytes > 1000 + 2 * numbytes) {
+ error("! Integer overflow in predospecial");
+ exit(1);
+ }
+
if (nextstring + numbytes > maxstring) {
p = nextstring = mymalloc(1000 + 2 * numbytes) ;
maxstring = nextstring + 2 * numbytes + 700 ;
--- texk/dvipsk/virtualfont.c
+++ texk/dvipsk/virtualfont.c 2010-04-12 14:38:15.699425323 +0000
@@ -2,6 +2,8 @@
* Here's the code to load a VF file into memory.
* Any resemblance between this file and loadfont.c is purely uncoincidental.
*/
+#include