update to svn66984 source tree to fix CVE-2023-32700, fix mtxrun stub, patch texmfcnf.lua, fix mptopdf.pl and thumbpdf.pl to have proper interpreter lines

This commit is contained in:
Tom Callaway 2023-05-25 12:31:57 -04:00
parent 3097d8e3f0
commit 320005a93f
6 changed files with 140 additions and 12 deletions

1
.gitignore vendored
View File

@ -434,3 +434,4 @@
/digestif.doc.tar.xz
/digestif.tar.xz
/texaccents.source.tar.xz
/build-svn66984.tar.gz

View File

@ -383,8 +383,6 @@ SHA512 (latex2nemeth.tar.xz) = f2669a9e58857094c922b968f337e2cb2cf475b07811d53c6
SHA512 (latexindent.doc.tar.xz) = 2a34372c3aa18aa3016262905f675d23eaed1d8c6e0e360b61e2084b3bfcfdebc6e349ce2af020fb09a24037119ccd5d3a80635454100ccc688251cde62519b9
SHA512 (latexindent.tar.xz) = 86767228ea35d9c65f4954ae441b13702abb17e2baee941bfb95be4323fd3468953781ceecee7c3518b45f05d94daed5cc89eb18b4d17d2e0ae545a7613bb5c3
SHA512 (luafindfont.doc.tar.xz) = e7196d9a2e69b5a6d5582d7ddc00ac480b16228b424cb9d568ef1ff6fbef48e5926776d5f22fa0eb5c4b09b6b29a283416206f64cf324356b35d66228bbbd3ea
SHA512 (luatex.doc.tar.xz) = dc162ced7be4683e5d0596d200f4924e4feec0d06c253b95cb0dc62e3fc47e947749cbd322b2b71f1868d650ec82d15fb4fe9c2802d0c7faced76831c6134d49
SHA512 (luatex.tar.xz) = 1d802e5ce39d2ceb6e6fcd159fddf57ee16d014ca9165b1e34e23d35943bb40fc795a112aa66af33a87019b74f71e3c4e24025af00823b1980d3a3b437c53aad
SHA512 (lwarp.doc.tar.xz) = 704b3f89973e2fa158252e48f3804b4de5f45bd1ae03954d0eb0f598a4c1c05d6378229dec906caffaf5dfd1ea57dbd53afc77d3d1abd96c3d1be7f146b7ebfc
SHA512 (lwarp.tar.xz) = 2001aeb9c76b008488cededa297bfd8802cc2f4961c6f1432ed4118de204d9e8a0769b3b540ac922e786e2e6723964cdf2975f1e59ed7006029062129996e4f4
SHA512 (oberdiek.doc.tar.xz) = 73a422dd8009d191a24790f5f68b9ae2a5046f3e42e3c360faabb3f7c7581afdf9bf2b20da8609e8d3513135ee1de98329cd4fb1713fce23c5a03fac28c976b9
@ -422,3 +420,6 @@ SHA512 (upmendex.doc.tar.xz) = ec4d1670ff84680fcab88e29ca5f4306f44450ccca9cba062
SHA512 (digestif.doc.tar.xz) = fabc6d0ea5a1e55b7ecd6430b2373c15e413c985485331bd7bd5bca437947a76ac7d8ac6ed2ea3d6afe687284aef673b0e302a1c9925737c6e1d95cecf2ea8cb
SHA512 (digestif.tar.xz) = 098d625749cee42f965d21ef5ec2843211db36fd0f4cced882ed15f32a20a2d70bf292b01e6797e7ca097adfadf2fd40d3c5eef6c694da39e8302770cfb784d3
SHA512 (texaccents.source.tar.xz) = 8bf5d4957008833d54f87eff9feb14f60694ea02e7e9fd2cd5c5d2e2db3f6de3a33784121208ffab516763fbf578125399cbd6f39750e6bb0162a65c2fc44f24
SHA512 (luatex.doc.tar.xz) = f77425653668fc4cc76383862c67a7a170d0021a7d946f55ee399e2400357083ea4524862f8c40360fe9f6c39d6d2c2dfc2babfb43db66a783649d0f4358b059
SHA512 (luatex.tar.xz) = a857a84fa4d2b03a1ba8a7890dd52eb42c44174cf2117ea9ab1fb6d946decedacfa51af4cadcfe30580bc20152ca0403db641c5c61a5b86b726e994d0b4114c8
SHA512 (build-svn66984.tar.gz) = f17e97c11dcd5ccb5bc29c6ffaaff7f9f888b80f4f9b17199d3ff7fcde4f10659c4cf042a55b811e7ba58d34dc45124a1e3e4f648755f5a1855fc3aabbd674cc

View File

@ -1,12 +1,34 @@
diff -up texlive-base-20230311/source/texk/kpathsea/texmf.cnf.texinfo-fix texlive-base-20230311/source/texk/kpathsea/texmf.cnf
--- texlive-base-20230311/source/texk/kpathsea/texmf.cnf.texinfo-fix 2023-03-20 16:38:58.133974316 -0400
+++ texlive-base-20230311/source/texk/kpathsea/texmf.cnf 2023-03-20 16:41:17.124855944 -0400
--- texlive-base-20230311/source/texk/kpathsea/texmf.cnf.texinfo-fix 2023-05-25 10:49:55.510891474 -0400
+++ texlive-base-20230311/source/texk/kpathsea/texmf.cnf 2023-05-25 11:44:59.261966579 -0400
@@ -59,7 +59,7 @@
% SELFAUTOPARENT (its grandparent = /usr/local/texlive/YYYY), and
% SELFAUTOGRANDPARENT (its great-grandparent = /usr/local/texlive).
% Sorry for the off-by-one-generation names.
-TEXMFROOT = $SELFAUTOPARENT
+TEXMFROOT = /usr/share/texlive
% The main tree of distributed packages and programs:
TEXMFDIST = $TEXMFROOT/texmf-dist
@@ -69,10 +69,10 @@ TEXMFDIST = $TEXMFROOT/texmf-dist
TEXMFMAIN = $TEXMFDIST
% Local additions to the distribution trees.
-TEXMFLOCAL = $SELFAUTOGRANDPARENT/texmf-local
+TEXMFLOCAL = /usr/share/texlive/texmf-local
% TEXMFSYSVAR, where *-sys store cached runtime data.
-TEXMFSYSVAR = $TEXMFROOT/texmf-var
+TEXMFSYSVAR = /var/lib/texmf
% TEXMFSYSCONFIG, where *-sys store configuration data.
TEXMFSYSCONFIG = $TEXMFROOT/texmf-config
@@ -83,6 +83,9 @@ TEXMFSYSCONFIG = $TEXMFROOT/texmf-config
% to %USERPROFILE% on Windows, $HOME otherwise.
TEXMFHOME = ~/texmf
+% Texinfo on Fedora lives out of $TEXMFROOT
+TEXINFOHOME = $SELFAUTODIR/share/texmf
+TEXINFOHOME = /usr/share/texmf
+
% TEXMFVAR, where texconfig/updmap/fmtutil store cached runtime data.
TEXMFVAR = ~/.texlive2023/texmf-var
@ -16,7 +38,7 @@ diff -up texlive-base-20230311/source/texk/kpathsea/texmf.cnf.texinfo-fix texliv
% ever defined (the 99% common case), no extra elements will be added to
% the search paths. tlmgr takes care to end any value with a trailing comma.
-TEXMF = {$TEXMFAUXTREES$TEXMFCONFIG,$TEXMFVAR,$TEXMFHOME,!!$TEXMFLOCAL,!!$TEXMFSYSCONFIG,!!$TEXMFSYSVAR,!!$TEXMFDIST}
+TEXMF = {$TEXMFAUXTREES$TEXMFCONFIG,$TEXMFVAR,$TEXMFHOME,$TEXINFOHOME,$TEXINFOHOME,!!$TEXMFLOCAL,!!$TEXMFSYSCONFIG,!!$TEXMFSYSVAR,!!$TEXMFDIST}
+TEXMF = {$TEXMFAUXTREES$TEXMFCONFIG,$TEXMFVAR,$TEXMFHOME,!!$TEXINFOHOME,!!$TEXMFLOCAL,!!$TEXMFSYSCONFIG,!!$TEXMFSYSVAR,!!$TEXMFDIST}
% Where to look for, and where mktexlsr creates, ls-R files. By default,
% this is all and only the !! elements of TEXMF, so that mktexlsr does not

View File

@ -0,0 +1,20 @@
diff -up ./scripts/context/perl/mptopdf.pl.fix-scripts ./scripts/context/perl/mptopdf.pl
--- ./scripts/context/perl/mptopdf.pl.fix-scripts 2023-05-25 11:52:19.149713294 -0400
+++ ./scripts/context/perl/mptopdf.pl 2023-05-25 11:53:05.379317240 -0400
@@ -1,5 +1,4 @@
-eval '(exit $?0)' && eval 'exec perl -S $0 ${1+"$@"}' && eval 'exec perl -S $0 $argv:q'
- if 0;
+#! /usr/bin/perl -w
# MikTeX users can set environment variable TEXSYSTEM to "miktex".
diff -up ./scripts/thumbpdf/thumbpdf.pl.fix-scripts ./scripts/thumbpdf/thumbpdf.pl
--- ./scripts/thumbpdf/thumbpdf.pl.fix-scripts 2023-05-25 11:53:23.018547680 -0400
+++ ./scripts/thumbpdf/thumbpdf.pl 2023-05-25 11:53:44.086822918 -0400
@@ -1,5 +1,4 @@
-eval '(exit $?0)' && eval 'exec perl -S $0 ${1+"$@"}' && eval 'exec perl -S $0 $argv:q'
- if 0;
+#! /usr/bin/perl -w
use strict;
$^W=1; # turn warning on
#

View File

@ -1,6 +1,8 @@
%global shortname texlive
%global source_date 20230311
%global source_name texlive-%{source_date}-source
%global source_svn svn66984
# %%global source_name texlive-%%{source_date}-source
%global source_name texlive-source-build-%{source_svn}
%{!?_texdir: %global _texdir %{_datadir}/%{shortname}}
%{!?_texmf_var: %global _texmf_var %{_var}/lib/texmf}
@ -23,14 +25,17 @@
Name: %{shortname}-base
Version: %{source_date}
Release: 72%{?dist}
Release: 73%{?dist}
Epoch: 11
Summary: TeX formatting system
# The only files in the base package are directories, cache, and license texts
# So we'll just list the license texts. This is also a bit of a lie, since most of these license texts do not apply to themselves.
License: Apache-2.0 AND Artistic-2.0 AND BSD AND GFDL-1.1-or-later AND GPL-1.0-or-later AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND Knuth-CTAN AND LGPL-2.1-or-later AND LGPL-3.0-or-later AND LPPL-1.2 AND LPPL-1.3 AND LPPL-1.3c AND MIT AND OFL-1.1 AND LicenseRef-Fedora-Public-Domain
URL: http://tug.org/texlive/
Source0: https://ctan.math.illinois.edu/systems/texlive/Source/%{source_name}.tar.xz
# Source0: https://ctan.math.illinois.edu/systems/texlive/Source/%%{source_name}.tar.xz
# Using a specific tag to fix the LuaTeX CVE-2023-32700
Source0: https://github.com/TeX-Live/texlive-source/archive/refs/tags/build-%{source_svn}.tar.gz
Source1: macros.texlive
Source2: http://tug.ctan.org/systems/texlive/tlnet/tlpkg/texlive.tlpdb
Source3: texlive-licenses.tar.xz
@ -514,6 +519,12 @@ Patch37: texlive-base-libpaperv2.patch
# Fix issue where off_t could be set incorrectly on i686 due to order of header load
Patch44: texlive-base-20220321-pdf-header-order-fix.patch
# Fix texmfcnf.lua for Fedora layout (thanks to Preining Norbert)
Patch45: texlive-fedora-texmfcnf.lua.patch
# Fix interpreter on perl scripts (thanks again to Debian)
Patch46: texlive-base-20230311-fix-scripts.patch
# Can't do this because it causes everything else to be noarch
# BuildArch: noarch
BuildRequires: make
@ -4219,7 +4230,7 @@ Requires: texlive-hyph-utf8
LuaTeX with just-in-time (jit) compiler, with and without HarfBuzz.
%package -n %{shortname}-luatex
Version: svn66546
Version: svn66967
Provides: texlive-luatex = %{epoch}:%{source_date}-%{release}
Provides: tex-luatex = %{epoch}:%{source_date}-%{release}
Provides: texlive-luatex-bin = %{epoch}:%{source_date}-%{release}
@ -8235,7 +8246,8 @@ LaTeX file remains on the archive.)
%prep
%setup -q -c -T
xz -dc %{SOURCE0} | tar x
# xz -dc %%{SOURCE0} | tar x
tar xf %{SOURCE0}
[ -e %{source_name} ] && mv %{source_name} source
%patch -P1 -p0
%patch -P2 -p1 -b .format
@ -8496,6 +8508,13 @@ pushd %{buildroot}%{_texdir}/texmf-dist
# neuter tlmgr a bit
patch -p1 < %{_sourcedir}/texlive-20190410-tlmgr-ignore-warning.patch
# Fix texmfcnf.lua
patch -p1 < %{_sourcedir}/texlive-fedora-texmfcnf.lua.patch
# Fix interpreter on perl scripts
patch -p1 < %{_sourcedir}/texlive-base-20230311-fix-scripts.patch
popd
# config files in /etc symlinked
@ -8644,7 +8663,7 @@ ln -s /usr/share/texlive/texmf-dist/scripts/digestif/digestif.texlua digestif
rm -f mtxrun
cat > mtxrun << EOF
#!/bin/sh
env LUATEXDIR=/usr/shared/texlive/texmf-dist/scripts/context/lua luatex --luaonly mtxrun.lua "\$@"
env LUATEXDIR=/usr/share/texlive/texmf-dist/scripts/context/lua luatex --luaonly mtxrun.lua "\$@"
EOF
chmod 0755 mtxrun
@ -11084,6 +11103,12 @@ yes | %{_bindir}/updmap-sys --quiet --syncwithtrees >/dev/null 2>&1 || :
%doc %{_texdir}/texmf-dist/doc/latex/yplan/
%changelog
* Thu May 25 2023 Tom Callaway <spot@fedoraproject.org> - 11:20230311-73
- update to svn66984 source tree to fix CVE-2023-32700
- fix mtxrun stub
- patch texmfcnf.lua
- fix mptopdf.pl and thumbpdf.pl to have proper interpreter lines
* Fri Apr 14 2023 Tom Callaway <spot@fedoraproject.org> - 11:20230311-72
- fix Requires for texlive-fontools (bz 2185284)

View File

@ -0,0 +1,59 @@
diff -up ./web2c/texmfcnf.lua.fedora ./web2c/texmfcnf.lua
--- ./web2c/texmfcnf.lua.fedora 2023-05-25 10:25:41.195939763 -0400
+++ ./web2c/texmfcnf.lua 2023-05-25 10:33:33.761097942 -0400
@@ -11,6 +11,7 @@ return {
comment = "ConTeXt MkIV and LMTX configuration file",
author = "Hans Hagen, PRAGMA-ADE, Hasselt NL",
target = "texlive",
+ -- modified for Fedora, based on Preining Norbert's work in Debian
content = {
@@ -52,7 +53,7 @@ return {
TEXMFVAR = "home:" .. hiddentexlivepath .. "/texmf-var",
TEXMFCONFIG = "home:" .. hiddentexlivepath .. "/texmf-config",
- TEXMFSYSVAR = "selfautoparent:texmf-var",
+ TEXMFSYSVAR = "/var/lib/texmf",
TEXMFCACHE = "$TEXMFSYSVAR;$TEXMFVAR",
-- I don't like this texmf under home and texmf-home would make more sense. One never knows
@@ -62,7 +63,7 @@ return {
-- By using prefixes we don't get expanded paths in the cache __path__ entry. This makes the
-- tex root relocatable.
- TEXMFOS = "selfautodir:",
+ -- TEXMFOS = "selfautodir:",
-- standalone:
@@ -73,14 +74,15 @@ return {
-- texlive:
- TEXMFDIST = "selfautoparent:texmf-dist",
- TEXMFSYSCONFIG = "selfautoparent:texmf-config",
+ TEXMFDIST = "/usr/share/texlive/texmf-dist",
+ TEXMFFEDORA = "/usr/share/texmf",
+ TEXMFSYSCONFIG = "/usr/share/texlive/texmf-config",
-- The texmf-local path is only used for (maybe) some additional configuration file.
- TEXMFLOCAL = "selfautoparent:texmf-local",
- TEXMFFONTS = "selfautoparent:texmf-fonts",
- TEXMFPROJECT = "selfautoparent:texmf-project",
+ TEXMFLOCAL = "/usr/share/texlive/texmf-local",
+ -- TEXMFFONTS = "selfautoparent:texmf-fonts",
+ -- TEXMFPROJECT = "selfautoparent:texmf-project",
TEXMFHOME = "home:texmf",
-- TEXMFHOME = os.name == "macosx" and "home:Library/texmf" or "home:texmf",
@@ -94,7 +96,7 @@ return {
-- texlive:
- TEXMF = "{$TEXMFCONFIG,$TEXMFHOME,!!$TEXMFSYSCONFIG,!!$TEXMFSYSVAR,!!$TEXMFPROJECT,!!$TEXMFFONTS,!!$TEXMFLOCAL,!!$TEXMFDIST}",
+ TEXMF = "{$TEXMFCONFIG,$TEXMFHOME,!!$TEXMFSYSCONFIG,!!$TEXMFSYSVAR,!!$TEXMFLOCAL,!!$TEXMFFEDORA,!!$TEXMFDIST}",
TEXFONTMAPS = ".;$TEXMF/fonts/data//;$TEXMF/fonts/map/{pdftex,dvips}//",
ENCFONTS = ".;$TEXMF/fonts/data//;$TEXMF/fonts/enc/{dvips,pdftex}//",