pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2017Q1]: pkgsrc/print/a2ps Pullup ticket #5370 - requested by ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/b63bd5244abb
branches:  pkgsrc-2017Q1
changeset: 360303:b63bd5244abb
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Thu Apr 27 18:26:21 2017 +0000

description:
Pullup ticket #5370 - requested by sevan
print/a2ps: security fix

Revisions pulled up:
- print/a2ps/Makefile                                           1.83
- print/a2ps/distinfo                                           1.17
- print/a2ps/patches/patch-CVE-2015-8107                        1.1

---
   Module Name:    pkgsrc
   Committed By:   tez
   Date:           Tue Apr 25 22:19:20 UTC 2017

   Modified Files:
           pkgsrc/print/a2ps: Makefile distinfo
   Added Files:
           pkgsrc/print/a2ps/patches: patch-CVE-2015-8107

   Log Message:
   Patch for CVE-2015-8107 from http://seclists.org/oss-sec/2015/q4/284

diffstat:

 print/a2ps/Makefile                    |   4 ++--
 print/a2ps/distinfo                    |   3 ++-
 print/a2ps/patches/patch-CVE-2015-8107 |  16 ++++++++++++++++
 3 files changed, 20 insertions(+), 3 deletions(-)

diffs (50 lines):

diff -r d2273fa26e88 -r b63bd5244abb print/a2ps/Makefile
--- a/print/a2ps/Makefile       Tue Apr 25 18:31:23 2017 +0000
+++ b/print/a2ps/Makefile       Thu Apr 27 18:26:21 2017 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.82 2017/01/19 18:52:22 agc Exp $
+# $NetBSD: Makefile,v 1.82.2.1 2017/04/27 18:26:21 bsiegert Exp $
 
 DISTNAME=              a2ps-4.14
-PKGREVISION=           9
+PKGREVISION=           10
 CATEGORIES=            print
 MASTER_SITES=          ${MASTER_SITE_GNU:=a2ps/}
 MASTER_SITES+=         ftp://ftp.enst.fr/pub/unix/a2ps/
diff -r d2273fa26e88 -r b63bd5244abb print/a2ps/distinfo
--- a/print/a2ps/distinfo       Tue Apr 25 18:31:23 2017 +0000
+++ b/print/a2ps/distinfo       Thu Apr 27 18:26:21 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.16 2015/11/04 01:01:30 agc Exp $
+$NetBSD: distinfo,v 1.16.12.1 2017/04/27 18:26:21 bsiegert Exp $
 
 SHA1 (a2ps-4.14.tar.gz) = 365abbbe4b7128bf70dad16d06e23c5701874852
 RMD160 (a2ps-4.14.tar.gz) = a5105d6256a809483e099519325979aaaff7219e
@@ -8,6 +8,7 @@
 SHA1 (patch-CVE-2001-1593_2) = f3a40104b0c510480ce5107a8acf2924d4ef5974
 SHA1 (patch-CVE-2014-0466_1) = fa77ad336e307678e0c649e049b57d1fbc8c492f
 SHA1 (patch-CVE-2014-0466_2) = 1abc6d26bdf03d859cec53afc3f5c363942d9385
+SHA1 (patch-CVE-2015-8107) = 404b291b0c22b67aa4310f86e5aadea5160d1ea7
 SHA1 (patch-aa) = 6317b6abca697388538fc705037da55379a4e1e1
 SHA1 (patch-ab) = 7b1f1e3ed2af47e7d9864ec2dbcd7d105f93632a
 SHA1 (patch-ac) = 8e09c4c3b320b58bf12c4266d4d22977b5f9b826
diff -r d2273fa26e88 -r b63bd5244abb print/a2ps/patches/patch-CVE-2015-8107
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/print/a2ps/patches/patch-CVE-2015-8107    Thu Apr 27 18:26:21 2017 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-CVE-2015-8107,v 1.1.2.2 2017/04/27 18:26:21 bsiegert Exp $
+
+Patch for CVE-2015-8107 from http://seclists.org/oss-sec/2015/q4/284
+
+
+--- lib/output.c.orig  2017-04-25 21:23:33.908698400 +0000
++++ lib/output.c
+@@ -525,7 +525,7 @@ output_file (struct output * out, a2ps_j
+                    expand_user_string (job, FIRST_FILE (job),
+                                        (const uchar *) "Expand: requirement",
+                                        (const uchar *) token));
+-      output (dest, expansion);
++      output (dest, "%s", expansion);
+       continue;
+       }
+ 



Home | Main Index | Thread Index | Old Index