commit 4dcb875f396dbcb85645c2082072c7abb22cdd9a Author: overweight <5324761+overweight@user.noreply.gitee.com> Date: Mon Sep 30 10:51:56 2019 -0400 Package init diff --git a/0002-load-site-font-and-site-tmac-from-etc-groff.patch b/0002-load-site-font-and-site-tmac-from-etc-groff.patch new file mode 100644 index 0000000..857badf --- /dev/null +++ b/0002-load-site-font-and-site-tmac-from-etc-groff.patch @@ -0,0 +1,43 @@ +From c6d8bb3e0ebc03274564d7b2c768e9932cc5f79d Mon Sep 17 00:00:00 2001 +From: Jan Vcelak +Date: Tue, 1 Jan 2013 15:33:45 +0100 +Subject: [PATCH] load site-font and site-tmac from /etc/groff + +Move site-font and site-tmac configuration from /usr/share/groff to +/etc/groff. That allows permanent custom changes. (Symlinking brought +a lot of problems with RPM. This is safer and cleaner.) + +Signed-off-by: Jan Vcelak +--- + Makefile.in | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/Makefile.in b/Makefile.in +index 505e9c3..fe1c56b 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -3573,7 +3573,7 @@ fontdir = $(datasubdir)/font + oldfontdir = $(datasubdir)/oldfont + + # `localfontdir' says where local fonts will be installed (as dev*/*). +-localfontdir = $(dataprogramdir)/site-font ++localfontdir=@sysconfdir@/groff/site-font + + # `legacyfontdir' is for compatibility with non-GNU troff. + legacyfontdir = /usr/lib/font +@@ -3585,10 +3585,10 @@ fontpath = $(localfontdir)$(RT_SEP)$(fontdir)$(RT_SEP)$(legacyfontdir) + tmacdir = $(datasubdir)/tmac + + # `systemtmacdir' says where to install platform-dependent macros. +-systemtmacdir = $(libprogramdir)/site-tmac ++systemtmacdir=@sysconfdir@/groff/site-tmac + + # `localtmacdir' says where local files will be installed. +-localtmacdir = $(dataprogramdir)/site-tmac ++localtmacdir=@sysconfdir@/groff/site-tmac + + # appresdir + # `appresdir' says where to install the application resource file for +-- +2.19.1 + diff --git a/0003-various-security-fixes.patch b/0003-various-security-fixes.patch new file mode 100644 index 0000000..bd713e0 --- /dev/null +++ b/0003-various-security-fixes.patch @@ -0,0 +1,154 @@ +From 36115e102859badb08cb5b2398de6b0ba45421d3 Mon Sep 17 00:00:00 2001 +From: Jan Vcelak +Date: Tue, 4 Nov 2014 14:36:47 +0100 +Subject: [PATCH] various security fixes + +CVE-2009-5044 (#709413) +CVE-2009-5080 (#720058) +CVE-2009-5081 (#720057) + +Based on: http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff?rev=1.2;content-type=text%2Fplain +Resolves: #709415, #720060 +Signed-off-by: Jan Vcelak +--- + contrib/eqn2graph/eqn2graph.sh | 2 ++ + contrib/gdiffmk/tests/runtests.in | 5 +++-- + contrib/grap2graph/grap2graph.sh | 2 ++ + contrib/groffer/main_subs.pl | 10 +++++----- + contrib/groffer/roff2.pl | 2 +- + contrib/pdfmark/pdfroff.man | 5 +++-- + contrib/pic2graph/pic2graph.sh | 2 ++ + doc/fixinfo.sh | 5 +++-- + doc/groff.info-2 | 6 +++--- + doc/groff.texinfo | 6 +++--- + gendef.sh | 10 +++------- + 11 files changed, 30 insertions(+), 25 deletions(-) + +diff --git a/contrib/eqn2graph/eqn2graph.sh b/contrib/eqn2graph/eqn2graph.sh +index 3e9c374..4e4f11e 100644 +--- a/contrib/eqn2graph/eqn2graph.sh ++++ b/contrib/eqn2graph/eqn2graph.sh +@@ -74,6 +74,8 @@ then + # but is supported by the stripped-down dash shell, for instance. + tmp="$d/eqn2graph$$-${RANDOM:-$PPID}" + (umask 077 && mkdir "$tmp") 2> /dev/null ++ ++ tmp= + fi + + if ! test -d "$tmp" +diff --git a/contrib/grap2graph/grap2graph.sh b/contrib/grap2graph/grap2graph.sh +index 29df25b..94c436b 100644 +--- a/contrib/grap2graph/grap2graph.sh ++++ b/contrib/grap2graph/grap2graph.sh +@@ -76,6 +76,8 @@ then + # but is supported by the stripped-down dash shell, for instance. + tmp="$d/grap2graph$$-${RANDOM:-$PPID}" + (umask 077 && mkdir "$tmp") 2> /dev/null ++ ++ tmp= + fi + + if ! test -d "$tmp" +diff --git a/contrib/groffer/main_subs.pl b/contrib/groffer/main_subs.pl +index a40e356..c8c4e53 100644 +--- a/contrib/groffer/main_subs.pl ++++ b/contrib/groffer/main_subs.pl +@@ -1244,7 +1244,7 @@ sub main_temp { + our $fh_stdin; + our $tmp_cat; + our $tmp_stdin; +- my $template = 'groffer_' . "$$" . '_XXXX'; ++ my $template = 'groffer_' . "$$" . '_XXXXXXXXXX'; + foreach ($ENV{'GROFF_TMPDIR'}, $ENV{'TMPDIR'}, $ENV{'TMP'}, $ENV{'TEMP'}, + $ENV{'TEMPDIR'}, File::Spec->catfile($ENV{'HOME'}, 'tmp')) { + if ($_ && -d $_ && -w $_) { +@@ -1276,12 +1276,12 @@ sub main_temp { + + # further argument: SUFFIX => '.sh' + if ($Debug{'KEEP'}) { +- ($fh_cat, $tmp_cat) = tempfile(',cat_XXXX', DIR => $tmpdir); +- ($fh_stdin, $tmp_stdin) = tempfile(',stdin_XXXX', DIR => $tmpdir); ++ ($fh_cat, $tmp_cat) = tempfile(',cat_XXXXXXXXXX', DIR => $tmpdir); ++ ($fh_stdin, $tmp_stdin) = tempfile(',stdin_XXXXXXXXXX', DIR => $tmpdir); + } else { +- ($fh_cat, $tmp_cat) = tempfile(',cat_XXXX', UNLINK => 1, ++ ($fh_cat, $tmp_cat) = tempfile(',cat_XXXXXXXXXX', UNLINK => 1, + DIR => $tmpdir); +- ($fh_stdin, $tmp_stdin) = tempfile(',stdin_XXXX', UNLINK => 1, ++ ($fh_stdin, $tmp_stdin) = tempfile(',stdin_XXXXXXXXXX', UNLINK => 1, + DIR => $tmpdir); + } + } # main_temp() +diff --git a/contrib/groffer/roff2.pl b/contrib/groffer/roff2.pl +index cf5c583..24af006 100755 +--- a/contrib/groffer/roff2.pl ++++ b/contrib/groffer/roff2.pl +@@ -123,7 +123,7 @@ if ($Has_Groffer) { + last; + } + } +- my $template = $Name . '_XXXX'; ++ my $template = $Name . '_XXXXXXXXXX'; + my ($fh, $stdin); + if ($tempdir) { + ($fh, $stdin) = tempfile($template, UNLINK => 1, DIR => $tempdir) || +diff --git a/contrib/pic2graph/pic2graph.sh b/contrib/pic2graph/pic2graph.sh +index b229914..2d6e77c 100644 +--- a/contrib/pic2graph/pic2graph.sh ++++ b/contrib/pic2graph/pic2graph.sh +@@ -89,6 +89,8 @@ then + # but is supported by the stripped-down dash shell, for instance. + tmp="$d/pic2graph$$-${RANDOM:-$PPID}" + (umask 077 && mkdir "$tmp") 2> /dev/null ++ ++ tmp= + fi + + if ! test -d "$tmp" +diff --git a/doc/fixinfo.sh b/doc/fixinfo.sh +index 47127f8..ce0f565 100644 +--- a/doc/fixinfo.sh ++++ b/doc/fixinfo.sh +@@ -24,7 +24,9 @@ + # + # 09-2014: no more problem with texinfo 5.0 or higher + # +-t=${TMPDIR-.}/gro$$.tmp ++t="`mktemp -t groff-fixinfo.XXXXXXXXXX`" || exit ++trap 'rm -f -- "$t"' EXIT ++trap 'trap - EXIT; rm -f -- "$t"; exit 1' HUP INT QUIT TERM + + cat $1 | sed ' + 1 { +diff --git a/gendef.sh b/gendef.sh +index be41dbe..4770bae 100644 +--- a/gendef.sh ++++ b/gendef.sh +@@ -33,11 +33,9 @@ do + #define $def" + done + +-# Use $TMPDIR if defined. Default to cwd, for non-Unix systems +-# which don't have /tmp on each drive (we are going to remove +-# the file before we exit anyway). Put the PID in the basename, +-# since the extension can only hold 3 characters on MS-DOS. +-t=${TMPDIR-.}/gro$$.tmp ++t="`mktemp -t groff-gendef.XXXXXXXXXX`" || exit ++trap 'rm -f -- "$t"' EXIT ++trap 'trap - EXIT; rm -f -- "$t"; exit 1' HUP INT QUIT TERM + + sed -e 's/=/ /' >$t < +Date: Tue, 4 Nov 2014 14:49:57 +0100 +Subject: [PATCH] don't use /usr/bin/env in shebang + +There might be an issue that the script is executed with unwanted version of + if that language is provided by enabled dynamic software collection. + +Resolves: #987069 +--- + contrib/chem/chem.pl | 2 +- + contrib/groffer/groffer.pl | 2 +- + contrib/groffer/roff2.pl | 2 +- + src/roff/grog/grog.pl | 2 +- + 4 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/contrib/chem/chem.pl b/contrib/chem/chem.pl +index 1a8b3cc..15eda5f 100755 +--- a/contrib/chem/chem.pl ++++ b/contrib/chem/chem.pl +@@ -1,4 +1,4 @@ +-#! /usr/bin/env perl ++#! /usr/bin/perl + + # chem - a groff preprocessor for producing chemical structure diagrams + +diff --git a/contrib/groffer/groffer.pl b/contrib/groffer/groffer.pl +index 4e2e575..913e8eb 100755 +--- a/contrib/groffer/groffer.pl ++++ b/contrib/groffer/groffer.pl +@@ -1,4 +1,4 @@ +-#! /usr/bin/env perl ++#! /usr/bin/perl + + # groffer - display groff files + +diff --git a/contrib/groffer/roff2.pl b/contrib/groffer/roff2.pl +index f0ca9f2..1b8577f 100755 +--- a/contrib/groffer/roff2.pl ++++ b/contrib/groffer/roff2.pl +@@ -1,4 +1,4 @@ +-#! /usr/bin/env perl ++#! /usr/bin/perl + + # roff2* - transform roff files into other formats + +diff --git a/src/roff/grog/grog.pl b/src/roff/grog/grog.pl +index fb7b54c..9baa869 100644 +--- a/src/roff/grog/grog.pl ++++ b/src/roff/grog/grog.pl +@@ -1,4 +1,4 @@ +-#! /usr/bin/env perl ++#! /usr/bin/perl + # grog - guess options for groff command + # Inspired by doctype script in Kernighan & Pike, Unix Programming + # Environment, pp 306-8. +-- +1.9.3 + diff --git a/groff-1.22.4.tar.gz b/groff-1.22.4.tar.gz new file mode 100644 index 0000000..7f153db Binary files /dev/null and b/groff-1.22.4.tar.gz differ diff --git a/groff.spec b/groff.spec new file mode 100644 index 0000000..9601757 --- /dev/null +++ b/groff.spec @@ -0,0 +1,195 @@ +%global __requires_exclude %{?__requires_exclude:%__requires_exclude|}^perl\\([^.]*\\.pl\\) +Name: groff +Version: 1.22.4 +Release: 1 +Summary: A typesetting system +License: GPLv3+ and GFDL and BSD and MIT +URL: http://www.gnu.org/software/groff/ +Source: http://ftp.gnu.org/gnu/groff/groff-%{version}.tar.gz + +Patch1: 0002-load-site-font-and-site-tmac-from-etc-groff.patch +# resolves: #709413, #720058, #720057 +Patch2: 0003-various-security-fixes.patch +# resolves: #987069 +Patch3: 0004-don-t-use-usr-bin-env-in-shebang.patch + +BuildRequires: gcc, gcc-c++ +BuildRequires: git, netpbm-progs, perl-generators, psutils, ghostscript +BuildRequires: libXaw-devel, libXmu-devel +BuildRequires: jbig2dec-libs +Requires: coreutils + +Obsoletes: %{name}-base < %{version}-%{release} +Obsoletes: %{name}-perl < %{version}-%{release} +Obsoletes: %{name}-x11 < %{version}-%{release} +Obsoletes: %{name}-gxditview < 1.20.1 +Provides: %{name}-base +Provides: %{name}-perl +Provides: %{name}-x11 +Provides: groff-gxditview = %{version}-%{release} +Provides: nroff-i18n = %{version}-%{release} + +%description +Groff (GNU troff) is a typesetting system that reads plain text mixed +with formatting commands and produces formatted output. Output may be +PostScript or PDF, html, or ASCII/UTF8 for display at the terminal. +Formatting commands may be either low-level typesetting requests +(“primitives”) or macros from a supplied set. Users may also write +their own macros. All three may be combined. + +%package help +Summary: Documents for %{name} +Buildarch: noarch +Requires: man info +Requires: groff = %{version}-%{release} + +Obsoletes: %{name}-doc < %{version}-%{release} +Provides: %{name}-doc + +%description help +Man pages and other related documents for %{name}. + +%prep +%autosetup -n %{name}-%{version} -p1 + +for file in NEWS src/devices/grolbp/grolbp.1.man doc/webpage.ms \ + contrib/mm/*.man contrib/mom/examples/{README.txt,*.mom,mom.vim}; do + iconv -f iso-8859-1 -t utf-8 < "$file" > "${file}_" + mv "${file}_" "$file" +done + +%build +%configure \ + --docdir=%{_docdir}/%{name}-%{version} \ + --with-appresdir=%{_datadir}/X11/app-defaults \ + --with-grofferdir=%{_datadir}/%{name}/%{version}/groffer +%make_build + +%install +%make_install + +# some binaries need alias with 'g' or 'z' prefix +for file in g{nroff,troff,tbl,pic,eqn,neqn,refer,lookbib,indxbib,soelim} zsoelim; do + ln -s ${file#?} %{buildroot}%{_bindir}/${file} + ln -s ${file#?}.1.gz %{buildroot}%{_mandir}/man1/${file}.1.gz +done + +# fix absolute symlink to relative symlink +rm -f %{buildroot}%{_docdir}/%{name}-%{version}/pdf/mom-pdf.pdf +ln -s ../examples/mom/mom-pdf.pdf %{buildroot}%{_docdir}/%{name}-%{version}/pdf/mom-pdf.pdf + +# rename groff downloadable postscript fonts(bz #477394) +for file in $(find %{buildroot}%{_datadir}/%{name}/%{version}/font/devps -name "*.pfa"); do + mv ${file} ${file}_ +done +sed --in-place 's/\.pfa$/.pfa_/' %{buildroot}%{_datadir}/%{name}/%{version}/font/devps/download + +# remove unnecessary files +rm -f %{buildroot}%{_infodir}/dir + +# fix privileges +chmod 755 %{buildroot}%{_datadir}/groff/%{version}/groffer/version.sh +chmod 755 %{buildroot}%{_datadir}/groff/%{version}/font/devlj4/generate/special.awk + +# remove CreationDate +pushd %{buildroot}%{_docdir}/%{name}-%{version} + find -name "*.html" | xargs sed -i "/^