From 0932f518b5e61e09bfc492bf4ec315ff87220db5 Mon Sep 17 00:00:00 2001 From: LukenShiro Date: Thu, 13 May 2010 00:39:14 +0200 Subject: office/htmldoc: Updated for version 1.8.27 --- office/htmldoc/README | 18 +++++++--------- office/htmldoc/htmldoc.SlackBuild | 34 ++++++++++++++--------------- office/htmldoc/htmldoc.info | 2 ++ office/htmldoc/insecure_sscanf_patch.diff | 36 +++++++++++++++++++++++++++++++ office/htmldoc/slack-desc | 10 ++++----- 5 files changed, 68 insertions(+), 32 deletions(-) create mode 100644 office/htmldoc/insecure_sscanf_patch.diff diff --git a/office/htmldoc/README b/office/htmldoc/README index 502c7d31f4..e975de15f8 100644 --- a/office/htmldoc/README +++ b/office/htmldoc/README @@ -1,11 +1,9 @@ -HTMLDOC converts Hyper-Text Markup Language ("HTML") input files into -indexed HTML, Adobe(r) PostScript(r), or Adobe(r) Portable Document -Format ("PDF") files. -HTMLDOC supports most HTML 3.2 elements, some HTML 4.0 elements, and -can generate title and table of contents pages. The 1.8.x releases -do not support stylesheets. -HTMLDOC can be used as a standalone application, in a batch document -processing environment, or as a web-based report generation application. -No restrictions are placed upon the output produced by HTMLDOC. +HTMLDOC converts Hyper-Text Markup Language ("HTML") input files into indexed +HTML, Adobe(r) PostScript(r), or Adobe(r) Portable Document Format ("PDF") +files. HTMLDOC supports most HTML 3.2 elements, some HTML 4.0 elements, and +can generate title and table of contents pages. The 1.8.x releases do not +support stylesheets. HTMLDOC can be used as a standalone application, in a +batch document processing environment, or as a web-based report generation +application. No restrictions are placed upon the output produced by HTMLDOC. -htmldoc requires fltk (available on SlackBuilds.org). +This requires fltk. diff --git a/office/htmldoc/htmldoc.SlackBuild b/office/htmldoc/htmldoc.SlackBuild index 092643cf79..3dcaa59958 100644 --- a/office/htmldoc/htmldoc.SlackBuild +++ b/office/htmldoc/htmldoc.SlackBuild @@ -2,7 +2,7 @@ # Slackware build script for htmldoc -# Copyright 2009 LukenShiro +# Copyright 2009-2010 LukenShiro # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,12 +22,13 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# Thanks to Gentoo htmldoc's .ebuild maintainer for hints about configure's workaround +# Thanks to Gentoo htmldoc's .ebuild maintainer for hints about configure's +# workaround, and for a patch to fix CVE-2009-3050. PRGNAM=htmldoc VERSION=1.8.27 ARCH=${ARCH:-i486} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} TAG=${TAG:-_SBo} CWD=$(pwd) @@ -48,14 +49,11 @@ elif [ "$ARCH" = "x86_64" ]; then LIBDIRSUFFIX="64" fi -# Exit on most errors -set -e - rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT cd $TMP rm -rf $PRGNAM-$VERSION -tar xjf $CWD/$PRGNAM-$VERSION-source.tar.bz2 +tar xvf $CWD/$PRGNAM-$VERSION-source.tar.bz2 cd $PRGNAM-$VERSION chown -R root:root . chmod -R u+w,go+r-w,a-s . @@ -81,14 +79,14 @@ CXXFLAGS="$SLKCFLAGS" \ sed -i 's|\$(datadir)/doc/htmldoc|\$(prefix)/doc/htmldoc-1.8.27|g' \ doc/Makefile -make all +# Apply patch to fix several insecure calls to sscanf(). +# It's intended to resolve CVE-2009-3050 vulnerability. +patch -p0 < $CWD/insecure_sscanf_patch.diff + +make all || exit 1 + # DESTDIR= is not supported -make prefix=$PKG/usr install -# Documentation -cd doc -make all -make prefix=$PKG/usr install -cd .. +make prefix=$PKG/usr install || exit 1 # Copy some files who are not automatically installed (main binary, .desktop, icons, etc..) mkdir -p $PKG/usr/bin @@ -111,8 +109,10 @@ cp -a desktop/htmldoc-96.png $PKG/usr/share/icons/hicolor/96x96/apps/$PRGNAM.png cp -a desktop/htmldoc-128.png $PKG/usr/share/icons/hicolor/128x128/apps/$PRGNAM.png ( cd $PKG - find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | \ + xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | \ + xargs strip --strip-unneeded 2> /dev/null ) ( cd $PKG/usr/man @@ -131,4 +131,4 @@ cat $CWD/slack-desc > $PKG/install/slack-desc cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/office/htmldoc/htmldoc.info b/office/htmldoc/htmldoc.info index a5a9baf698..55e325f415 100644 --- a/office/htmldoc/htmldoc.info +++ b/office/htmldoc/htmldoc.info @@ -3,6 +3,8 @@ VERSION="1.8.27" HOMEPAGE="http://www.htmldoc.org/index.php" DOWNLOAD="http://ftp.funet.fi/pub/mirrors/ftp.easysw.com/pub/htmldoc/1.8.27/htmldoc-1.8.27-source.tar.bz2" MD5SUM="35589e7b8fe9c54e11be87cd5aec4dcc" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" MAINTAINER="LukenShiro" EMAIL="lukenshiro@ngi.it" APPROVED="dsomero" diff --git a/office/htmldoc/insecure_sscanf_patch.diff b/office/htmldoc/insecure_sscanf_patch.diff new file mode 100644 index 0000000000..2047c7f7d2 --- /dev/null +++ b/office/htmldoc/insecure_sscanf_patch.diff @@ -0,0 +1,36 @@ +diff -ru htmldoc/htmllib.cxx htmldoc/htmllib.cxx +--- htmldoc/htmllib.cxx 2006-06-07 19:43:52.000000000 +0200 ++++ htmldoc/htmllib.cxx 2009-08-01 19:52:46.301099436 +0200 +@@ -2139,7 +2139,7 @@ + * assigned charset... + */ + +- if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%s", &width, glyph) != 2) ++ if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%63s", &width, glyph) != 2) + continue; + + for (ch = 0; ch < 256; ch ++) +diff -ru htmldoc/ps-pdf.cxx htmldoc/ps-pdf.cxx +--- htmldoc/ps-pdf.cxx 2006-08-01 18:58:50.000000000 +0200 ++++ htmldoc/ps-pdf.cxx 2009-08-01 19:53:14.300610480 +0200 +@@ -12512,7 +12512,7 @@ + * assigned charset... + */ + +- if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%s", &width, glyph) != 2) ++ if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%63s", &width, glyph) != 2) + continue; + + for (ch = 0; ch < 256; ch ++) +diff -ru htmldoc/util.cxx htmldoc/util.cxx +--- htmldoc/util.cxx 2005-04-24 21:20:32.000000000 +0200 ++++ htmldoc/util.cxx 2009-08-01 19:52:14.469652088 +0200 +@@ -484,7 +484,7 @@ + PageWidth = 595; + PageLength = 792; + } +- else if (sscanf(size, "%fx%f%s", &width, &length, units) >= 2) ++ else if (sscanf(size, "%fx%f%254s", &width, &length, units) >= 2) + { + /* + * Custom size... diff --git a/office/htmldoc/slack-desc b/office/htmldoc/slack-desc index f12a4d19d3..27ce884f1d 100644 --- a/office/htmldoc/slack-desc +++ b/office/htmldoc/slack-desc @@ -7,13 +7,13 @@ |-----handy-ruler------------------------------------------------------| htmldoc: htmldoc (an HTML to indexed HTML, ps and pdf conversion tool) -htmldoc: +htmldoc: htmldoc: It converts Hyper-Text Markup Language ("HTML") input files into htmldoc: indexed HTML, Adobe(r) PostScript(r), or Adobe(r) Portable Document htmldoc: Format ("PDF") files. htmldoc: It is a product by Easy Software Products. -htmldoc: +htmldoc: htmldoc: Homepage: http://www.htmldoc.org/index.php -htmldoc: -htmldoc: -htmldoc: +htmldoc: +htmldoc: +htmldoc: -- cgit v1.2.3