rpms/texlive-base
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:f42
rpms:f43
rpms:main
rpms:f41
rpms:f40
rpms:f39
rpms:f37
rpms:f38
rpms:f36
rpms:f35
rpms:f34
rpms:f32
rpms:f33
rpms:f30
rpms:f31
rpms:f29
rpms:f28
rpms:eln
...
pull from: rpms:f37
Branches Tags
rpms:f42
rpms:f43
rpms:main
rpms:rawhide
rpms:f41
rpms:f40
rpms:f39
rpms:f37
rpms:f38
rpms:f36
rpms:f35
rpms:f34
rpms:f32
rpms:f33
rpms:f30
rpms:f31
rpms:f29
rpms:f28
rpms:eln
Sign in to create a new pull request.

2 commits
rawhide ... f37

Author SHA1 Message Date
Tom Callaway
fc34f073aa apply upstream fix for CVE-2023-32700 2023-05-26 09:39:34 -04:00
Tom Callaway
d1275f1129 fix Requires for texlive-fontools 2023-04-14 14:08:38 -04:00
2 changed files with 1333 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1316
texlive-2021-CVE-2023-32700.patch Normal file
View file

File diff suppressed because it is too large Load diff

18
texlive-base.spec
View file

@ -20,7 +20,7 @@
Name: %{shortname}-base
Version: %{source_date}
Release: 52%{?dist}
Release: 54%{?dist}
Epoch: 9
Summary: TeX formatting system
# The only files in the base package are directories, cache, and license texts
@ -482,6 +482,9 @@ Patch35: texlive-base-20210325-pdftoepdf-fix-crash.patch
# Poppler 22.08.0
Patch36: texlive-base-20210325-poppler-22.08.0.patch
# fix for CVE-2023-32700
Patch37: texlive-2021-CVE-2023-32700.patch
# Can't do this because it causes everything else to be noarch
# BuildArch: noarch
BuildRequires: make
@ -2530,6 +2533,10 @@ License: GPLv2+
Summary: Tools to simplify using fonts (especially TT/OTF ones)
Requires: texlive-base
Requires: texlive-kpathsea
# for otfinfo
Requires: texlive-lcdftypetools
# For vptovf
Requires: texlive-fontware
Provides: tex(fontools_ly1.enc) = %{epoch}:%{source_date}-%{release}
Provides: tex(fontools_ot1.enc) = %{epoch}:%{source_date}-%{release}
Provides: tex(fontools_t1.enc) = %{epoch}:%{source_date}-%{release}
@ -6752,6 +6759,8 @@ xz -dc %{SOURCE0} | tar x
%patch36 -p1 -b .poppler-22.08.0
%endif
%patch37 -p1 -b .CVE-2023-32700
# Setup copies of the licenses
for l in `unxz -c %{SOURCE3} | tar t`; do
ln -s %{_texdir}/licenses/$l $l
@ -6823,6 +6832,7 @@ cd work
--with-system-libpaper --with-system-potrace --with-pic --with-xdvi-x-toolkit=xaw --with-system-mpfr --with-system-gmp \
--enable-shared --enable-compiler-warnings=max --without-cxx-runtime-hack \
--disable-native-texlive-build --disable-t1utils --enable-psutils --disable-biber --disable-ptexenc --disable-largefile \
--with-banner-add='/CVE-2023-32700 patched' \
%ifarch %{power64} s390 s390x
--disable-luajittex --disable-mfluajit --disable-luajithbtex --disable-mfluajit-nowin \
%endif
@ -9413,6 +9423,12 @@ yes | %{_bindir}/updmap-sys --quiet --syncwithtrees >/dev/null 2>&1 || :
%doc %{_texdir}/texmf-dist/doc/latex/yplan/
%changelog
* Fri May 26 2023 Tom Callaway <spot@fedoraproject.org> - 9:202110325-54
- apply upstream fix for CVE-2023-32700
* Fri Apr 14 2023 Tom Callaway <spot@fedoraproject.org> - 9:202110325-53
- fix Requires for texlive-fontools (bz 2185284)
* Wed Aug 24 2022 Tom Callaway <spot@fedoraproject.org> - 9:202110325-52
- fixup texlive-base-20210325-poppler-22.08.0.patch (bz2121167)