pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2017Q1]: pkgsrc/print/a2ps Pullup ticket #5370 - requested by ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/b63bd5244abb
branches: pkgsrc-2017Q1
changeset: 360303:b63bd5244abb
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Thu Apr 27 18:26:21 2017 +0000
description:
Pullup ticket #5370 - requested by sevan
print/a2ps: security fix
Revisions pulled up:
- print/a2ps/Makefile 1.83
- print/a2ps/distinfo 1.17
- print/a2ps/patches/patch-CVE-2015-8107 1.1
---
Module Name: pkgsrc
Committed By: tez
Date: Tue Apr 25 22:19:20 UTC 2017
Modified Files:
pkgsrc/print/a2ps: Makefile distinfo
Added Files:
pkgsrc/print/a2ps/patches: patch-CVE-2015-8107
Log Message:
Patch for CVE-2015-8107 from http://seclists.org/oss-sec/2015/q4/284
diffstat:
print/a2ps/Makefile | 4 ++--
print/a2ps/distinfo | 3 ++-
print/a2ps/patches/patch-CVE-2015-8107 | 16 ++++++++++++++++
3 files changed, 20 insertions(+), 3 deletions(-)
diffs (50 lines):
diff -r d2273fa26e88 -r b63bd5244abb print/a2ps/Makefile
--- a/print/a2ps/Makefile Tue Apr 25 18:31:23 2017 +0000
+++ b/print/a2ps/Makefile Thu Apr 27 18:26:21 2017 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.82 2017/01/19 18:52:22 agc Exp $
+# $NetBSD: Makefile,v 1.82.2.1 2017/04/27 18:26:21 bsiegert Exp $
DISTNAME= a2ps-4.14
-PKGREVISION= 9
+PKGREVISION= 10
CATEGORIES= print
MASTER_SITES= ${MASTER_SITE_GNU:=a2ps/}
MASTER_SITES+= ftp://ftp.enst.fr/pub/unix/a2ps/
diff -r d2273fa26e88 -r b63bd5244abb print/a2ps/distinfo
--- a/print/a2ps/distinfo Tue Apr 25 18:31:23 2017 +0000
+++ b/print/a2ps/distinfo Thu Apr 27 18:26:21 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.16 2015/11/04 01:01:30 agc Exp $
+$NetBSD: distinfo,v 1.16.12.1 2017/04/27 18:26:21 bsiegert Exp $
SHA1 (a2ps-4.14.tar.gz) = 365abbbe4b7128bf70dad16d06e23c5701874852
RMD160 (a2ps-4.14.tar.gz) = a5105d6256a809483e099519325979aaaff7219e
@@ -8,6 +8,7 @@
SHA1 (patch-CVE-2001-1593_2) = f3a40104b0c510480ce5107a8acf2924d4ef5974
SHA1 (patch-CVE-2014-0466_1) = fa77ad336e307678e0c649e049b57d1fbc8c492f
SHA1 (patch-CVE-2014-0466_2) = 1abc6d26bdf03d859cec53afc3f5c363942d9385
+SHA1 (patch-CVE-2015-8107) = 404b291b0c22b67aa4310f86e5aadea5160d1ea7
SHA1 (patch-aa) = 6317b6abca697388538fc705037da55379a4e1e1
SHA1 (patch-ab) = 7b1f1e3ed2af47e7d9864ec2dbcd7d105f93632a
SHA1 (patch-ac) = 8e09c4c3b320b58bf12c4266d4d22977b5f9b826
diff -r d2273fa26e88 -r b63bd5244abb print/a2ps/patches/patch-CVE-2015-8107
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/print/a2ps/patches/patch-CVE-2015-8107 Thu Apr 27 18:26:21 2017 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-CVE-2015-8107,v 1.1.2.2 2017/04/27 18:26:21 bsiegert Exp $
+
+Patch for CVE-2015-8107 from http://seclists.org/oss-sec/2015/q4/284
+
+
+--- lib/output.c.orig 2017-04-25 21:23:33.908698400 +0000
++++ lib/output.c
+@@ -525,7 +525,7 @@ output_file (struct output * out, a2ps_j
+ expand_user_string (job, FIRST_FILE (job),
+ (const uchar *) "Expand: requirement",
+ (const uchar *) token));
+- output (dest, expansion);
++ output (dest, "%s", expansion);
+ continue;
+ }
+
Home |
Main Index |
Thread Index |
Old Index