Fixes symlink attack (#250554), sets CC (#243660), CFLAGS (#240078) and installs english docs (#112592)

(Portage version: 2.2_rc23/cvs/Linux i686)
author: Torsten Veller <tove@gentoo.org> 2009-03-09 15:46:27 +0000
committer: Torsten Veller <tove@gentoo.org> 2009-03-09 15:46:27 +0000
commit: f29c6f8737063556acf53c28f550a7cf408f6c36 (patch)
tree: 0c6480c48e64a78adaa88952481a1474928426a5 /app-misc/muttprint
parent: Sparc stable, Bug #261673. (diff)
download: gentoo-2-f29c6f8737063556acf53c28f550a7cf408f6c36.tar.gz
gentoo-2-f29c6f8737063556acf53c28f550a7cf408f6c36.tar.bz2
gentoo-2-f29c6f8737063556acf53c28f550a7cf408f6c36.zip
6 files changed, 298 insertions, 7 deletions
diff --git a/app-misc/muttprint/ChangeLog b/app-misc/muttprint/ChangeLog
index 9dc145b03211..2f07d1c50c4d 100644
--- a/app-misc/muttprint/ChangeLog
+++ b/app-misc/muttprint/ChangeLog
@@ -1,6 +1,15 @@
 # ChangeLog for app-misc/muttprint
-# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-misc/muttprint/ChangeLog,v 1.32 2008/09/03 21:09:48 opfer Exp $
+# Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-misc/muttprint/ChangeLog,v 1.33 2009/03/09 15:46:27 tove Exp $
+
+*muttprint-0.72d-r1 (09 Mar 2009)
+
+  09 Mar 2009; Torsten Veller <tove@gentoo.org>
+  +files/muttprint-CVE-2008-5368.patch, +files/muttprint-ldflags.patch,
+  +files/muttprint-no_html_docs.patch, +muttprint-0.72d-r1.ebuild:
+  Fixes symlink attack (#250554), sets CC (#243660), CFLAGS (#240078)
+  and installs english docs (#112592).
+  Now maintainer-needed.
 
   03 Sep 2008; Christian Faulhammer <opfer@gentoo.org>
   muttprint-0.72a.ebuild, muttprint-0.72b.ebuild, muttprint-0.72d.ebuild:
diff --git a/app-misc/muttprint/files/muttprint-CVE-2008-5368.patch b/app-misc/muttprint/files/muttprint-CVE-2008-5368.patch
new file mode 100644
index 000000000000..d80b12dfc91f
--- /dev/null
+++ b/app-misc/muttprint/files/muttprint-CVE-2008-5368.patch
@@ -0,0 +1,80 @@
+
+--- muttprint-0.72d/muttprint	2008/11/27 20:21:34	235
++++ muttprint-0.72d/muttprint	2008/12/25 14:26:39	236
+@@ -38,6 +46,9 @@
+ use POSIX;
+ use Text::Wrap;
+ use File::Temp qw(tempdir);
++use File::Temp qw(tempfile);
++use File::Spec qw(tmpdir);
++use File::stat qw(stat);
+ use utf8;
+ 
+ # boolean type
+@@ -1122,21 +1131,49 @@
+ 	}
+ }
+ 
+-sub createTemp () {
+-	#
+-	# temp directory / temp files
+-	$Temp{dir} = tempdir("muttprint-XXXXXX", TMPDIR => 1, CLEANUP => 1);
+-	$Temp{content} = "$Temp{dir}/content";
+-	$Temp{latex} = "$Temp{dir}/mail.tex";
+-	$Temp{logf} = "/tmp/muttprint.log";
+-	$Temp{dvi} = "$Temp{dir}/mail.dvi";
+-	$Temp{ps} = "$Temp{dir}/mail.ps";
+-	$Temp{psnew} = "$Temp{dir}/mail-new.ps";
+-	$Temp{ps1} = "$Temp{dir}/mail1.ps";
+-	$Temp{ps2} = "$Temp{dir}/mail2.ps";
+-	$Temp{xf_raw} = "$Temp{dir}/xface.raw";
+-	$Temp{xf_xbm} = "$Temp{dir}/xface.xbm";
+-	$Temp{xf_eps} = "$Temp{dir}/xface.eps";
++sub createTemp () 
++{ ## set temporary directories and files ##
++	
++	my $logf = "/tmp/muttprint.log";
++	
++	if (-e $logf)
++	{ ## 2008-12-24 -- Lukas Ruf
++		# close CVE-2008-5368 -- muttprint vulnerable to symlink attack
++		# ensure "/tmp/muttprint.log" adheres to the following constraints
++		# 	- owner is current user
++		# 	- only real files are allowed
++		# if any of these fail, create a temporary file by use of tempfile()
++
++		## check ownership ##
++		my $stat 					= stat($logf) || die "ERROR: no $logf";
++		my $is_owner  		= $stat->uid == $< || $stat->uid == $>;
++		my $is_regfile 		= (-f $logf);
++
++		## adjust the logfile if any of those checks fails ##
++		if (!$is_owner || !$is_regfile)
++		{ ## create a temporary logfile ##
++			my $logfh = 0;
++			($logfh, $logf) = tempfile("muttprint-XXXXXX", UNLINK => 0, SUFFIX => ".log");
++
++			my $logd = File::Spec->tmpdir();
++			$logf = "$logd"."/"."$logf";
++			close $logfh || die "ERROR: closing $logf";
++		}
++	}
++
++	$Temp{dir} 			= tempdir("muttprint-XXXXXX", TMPDIR => 1, CLEANUP => 1);
++	$Temp{content} 	= "$Temp{dir}/content";
++	$Temp{latex} 		= "$Temp{dir}/mail.tex";
++	$Temp{logf} 		= "$logf";
++	$Temp{dvi} 			= "$Temp{dir}/mail.dvi";
++	$Temp{ps} 			= "$Temp{dir}/mail.ps";
++	$Temp{psnew} 		= "$Temp{dir}/mail-new.ps";
++	$Temp{ps1} 			= "$Temp{dir}/mail1.ps";
++	$Temp{ps2} 			= "$Temp{dir}/mail2.ps";
++	$Temp{xf_raw} 	= "$Temp{dir}/xface.raw";
++	$Temp{xf_xbm} 	= "$Temp{dir}/xface.xbm";
++	$Temp{xf_eps} 	= "$Temp{dir}/xface.eps";
++	
+ }
+ 
+ ##############################################################################
+
+
diff --git a/app-misc/muttprint/files/muttprint-ldflags.patch b/app-misc/muttprint/files/muttprint-ldflags.patch
new file mode 100644
index 000000000000..abbd0cde4aa0
--- /dev/null
+++ b/app-misc/muttprint/files/muttprint-ldflags.patch
@@ -0,0 +1,19 @@
+--- muttprint-0.72d/langinfo/Makefile
++++ muttprint-0.72d/langinfo/Makefile
+@@ -21,13 +21,13 @@
+ all: muttprint-langinfo
+ 
+ muttprint-langinfo: main.o muttprint-langinfo.o muttprint-langinfo.h
+-	$(CC) $(CCFLAGS) -o muttprint-langinfo muttprint-langinfo.o main.o
++	$(CC) $(LDFLAGS) -o muttprint-langinfo muttprint-langinfo.o main.o
+ 
+ main.o: main.c muttprint-langinfo.h
+-	$(CC) $(CCFLAGS) -c -o main.o main.c
++	$(CC) $(CFLAGS) -c -o main.o main.c
+ 
+ muttprint-langinfo.o: muttprint-langinfo.c
+-	$(CC) $(CCFLAGS) -c -o muttprint-langinfo.o muttprint-langinfo.c
++	$(CC) $(CFLAGS) -c -o muttprint-langinfo.o muttprint-langinfo.c
+ 	
+ install: 
+ 	test -x muttprint-langinfo && \
diff --git a/app-misc/muttprint/files/muttprint-no_html_docs.patch b/app-misc/muttprint/files/muttprint-no_html_docs.patch
new file mode 100644
index 000000000000..f5787102db2a
--- /dev/null
+++ b/app-misc/muttprint/files/muttprint-no_html_docs.patch
@@ -0,0 +1,148 @@
+--- muttprint-0.72d/doc/manpages/de/muttprint.pod
++++ muttprint-0.72d/doc/manpages/de/muttprint.pod
+@@ -22,7 +22,7 @@
+ nur die wichtigen Header und nicht alle.
+ 
+ Eine ausf�rliche Benutzeranleitung finden Sie in 
+-F<##DOCDIR##/muttprint/> im PDF- und HTML-Format.
++F<##DOCDIR##/muttprint/> im PDF--Format.
+ 
+ Wie auch immer, Sie m�ssen folgende Zeile in Ihre F<##SYSCONFDIR##/Muttrc> oder
+ F<~/.muttrc> eintragen:
+--- muttprint-0.72d/doc/manpages/en/muttprint.pod
++++ muttprint-0.72d/doc/manpages/en/muttprint.pod
+@@ -22,7 +22,7 @@
+ whole plethora of them.
+ 
+ For detailed information about Muttprint look read the User's guide in PDF 
+-and HTML format at F<##DOCDIR##/muttprint/>.
++format at F<##DOCDIR##/muttprint/>.
+ 
+ Anyway, you have to put the following line in your F<##SYSCONFDIR##/Muttrc> or 
+ F<~/.muttrc>:
+--- muttprint-0.72d/doc/manual/de/Makefile
++++ muttprint-0.72d/doc/manual/de/Makefile
+@@ -39,7 +39,7 @@
+ 
+ #
+ # we will not make 'all' but only the 'standard' by default
+-default: pdf html sed-clean
++default: pdf sed-clean
+ all: ps dvi pdf html rtf sed-clean
+ ps: manual-$(lang).ps
+ pdf: manual-$(lang).pdf
+@@ -88,10 +88,10 @@
+ ##install: manual-$(lang).pdf manual-$(lang)/muttprint.html
+ install: 
+ 	$(INSTALL) *.pdf $(docdir)/$(docdirname)
+-	mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
++	#mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
+ 	# ignore the stylesheet-images/ directory because the files are not needed
+-	$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
+-	$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
+ 
+ gzip:
+ 	$(gzip) *.ps *.txt
+--- muttprint-0.72d/doc/manual/en/Makefile
++++ muttprint-0.72d/doc/manual/en/Makefile
+@@ -39,7 +39,7 @@
+ 
+ #
+ # we will not make 'all' but only the 'standard' by default
+-default: pdf html sed-clean
++default: pdf sed-clean
+ all: ps dvi pdf html rtf sed-clean
+ ps: manual-$(lang).ps
+ pdf: manual-$(lang).pdf
+@@ -88,10 +88,10 @@
+ ##install: manual-$(lang).pdf manual-$(lang)/muttprint.html
+ install: 
+ 	$(INSTALL) *.pdf $(docdir)/$(docdirname)
+-	mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
++	#mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
+ 	# ignore the stylesheet-images/ directory because the files are not needed
+-	$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
+-	$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
+ 
+ gzip:
+ 	$(gzip) *.ps *.txt
+--- muttprint-0.72d/doc/manual/es/Makefile
++++ muttprint-0.72d/doc/manual/es/Makefile
+@@ -39,7 +39,7 @@
+ 
+ #
+ # we will not make 'all' but only the 'standard' by default
+-default: pdf html sed-clean
++default: pdf sed-clean
+ all: ps dvi pdf html rtf sed-clean
+ ps: manual-$(lang).ps
+ pdf: manual-$(lang).pdf
+@@ -88,10 +88,10 @@
+ ##install: manual-$(lang).pdf manual-$(lang)/muttprint.html
+ install: 
+ 	$(INSTALL) *.pdf $(docdir)/$(docdirname)
+-	mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
++	#mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
+ 	# ignore the stylesheet-images/ directory because the files are not needed
+-	$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
+-	$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
+ 
+ gzip:
+ 	$(gzip) *.ps *.txt
+--- muttprint-0.72d/doc/manual/it/Makefile
++++ muttprint-0.72d/doc/manual/it/Makefile
+@@ -39,7 +39,7 @@
+ 
+ #
+ # we will not make 'all' but only the 'standard' by default
+-default: pdf html sed-clean
++default: pdf sed-clean
+ all: ps dvi pdf html rtf sed-clean
+ ps: manual-$(lang).ps
+ pdf: manual-$(lang).pdf
+@@ -88,10 +88,10 @@
+ ##install: manual-$(lang).pdf manual-$(lang)/muttprint.html
+ install: 
+ 	$(INSTALL) *.pdf $(docdir)/$(docdirname)
+-	mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
++	#mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
+ 	# ignore the stylesheet-images/ directory because the files are not needed
+-	$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
+-	$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
+ 
+ gzip:
+ 	$(gzip) *.ps *.txt
+--- muttprint-0.72d/doc/manual/sl/Makefile
++++ muttprint-0.72d/doc/manual/sl/Makefile
+@@ -39,7 +39,7 @@
+ 
+ #
+ # we will not make 'all' but only the 'standard' by default
+-default: pdf html sed-clean
++default: pdf sed-clean
+ all: ps dvi pdf html rtf sed-clean
+ ps: manual-$(lang).ps
+ pdf: manual-$(lang).pdf
+@@ -88,10 +88,10 @@
+ ##install: manual-$(lang).pdf manual-$(lang)/muttprint.html
+ install: 
+ 	$(INSTALL) *.pdf $(docdir)/$(docdirname)
+-	mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
++	#mkdir -p $(docdir)/$(docdirname)/manual-$(lang)
+ 	# ignore the stylesheet-images/ directory because the files are not needed
+-	$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
+-	$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.html $(docdir)/$(docdirname)/manual-$(lang)/
++	#$(INSTALL) manual-$(lang)/*.css $(docdir)/$(docdirname)/manual-$(lang)/
+ 
+ gzip:
+ 	$(gzip) *.ps *.txt
+
diff --git a/app-misc/muttprint/metadata.xml b/app-misc/muttprint/metadata.xml
index 2b3b80d69d22..4f4797c619e0 100644
--- a/app-misc/muttprint/metadata.xml
+++ b/app-misc/muttprint/metadata.xml
@@ -1,9 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-	<herd>no-herd</herd>
-	<maintainer>
-		<email>ferdy@gentoo.org</email>
-		<name>Fernando J. Pereda</name>
-	</maintainer>
+	<herd>maintainer-needed</herd>
 </pkgmetadata>
diff --git a/app-misc/muttprint/muttprint-0.72d-r1.ebuild b/app-misc/muttprint/muttprint-0.72d-r1.ebuild
new file mode 100644
index 000000000000..e9e9178ec92e
--- /dev/null
+++ b/app-misc/muttprint/muttprint-0.72d-r1.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-misc/muttprint/muttprint-0.72d-r1.ebuild,v 1.1 2009/03/09 15:46:27 tove Exp $
+
+EAPI=2
+
+inherit eutils toolchain-funcs
+
+DESCRIPTION="Script for pretty printing of your mails"
+HOMEPAGE="http://muttprint.sf.net/"
+SRC_URI="mirror://sourceforge/muttprint/${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~x86"
+IUSE=""
+
+RDEPEND="virtual/latex-base
+	dev-lang/perl
+	dev-perl/TimeDate
+	dev-perl/Text-Iconv
+	dev-perl/File-Which
+	app-text/psutils"
+
+src_prepare() {
+	epatch "${FILESDIR}/${PN}-rem_sig.patch"
+	epatch "${FILESDIR}/${PN}-ldflags.patch"
+	epatch "${FILESDIR}/${PN}-no_html_docs.patch"
+	epatch "${FILESDIR}/${PN}-CVE-2008-5368.patch"
+}
+
+src_compile() {
+	tc-export CC
+	default
+}
+
+src_install() {
+	make prefix="${D}"/usr docdir="${D}"/usr/share/doc docdirname=${P} install || die
+}
author	Torsten Veller <tove@gentoo.org>	2009-03-09 15:46:27 +0000
committer	Torsten Veller <tove@gentoo.org>	2009-03-09 15:46:27 +0000
commit	f29c6f8737063556acf53c28f550a7cf408f6c36 (patch)
tree	0c6480c48e64a78adaa88952481a1474928426a5 /app-misc/muttprint
parent	Sparc stable, Bug #261673. (diff)
download	gentoo-2-f29c6f8737063556acf53c28f550a7cf408f6c36.tar.gz gentoo-2-f29c6f8737063556acf53c28f550a7cf408f6c36.tar.bz2 gentoo-2-f29c6f8737063556acf53c28f550a7cf408f6c36.zip