On Mon Nov 11, 2019 at 08:27:37PM +0100, Frederic Cambus wrote:
> Hi ports@,
>
> Here is a diff to update transfig to 3.2.7b.
>
> This fixes CVE-2018-16140 and CVE-2019-14275.
>
> Since version 3.2.7a, the X bitmaps files are not installed anymore.
>
> From upstream CHANGES:
>
> o Distribute the X bitmaps files within fig2dev, no need to install
> these files. The files were needed for Tk and Perl/Tk output.
>
> Tested with a graphics/xfig update (see following mail), and by successfully
> rebuilding graphics/enblend-enfuse which uses it as BUILD_DEPENDS.
>
> Comments? OK?
With https OK rsadowski@
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/print/transfig/Makefile,v
> retrieving revision 1.46
> diff -u -p -r1.46 Makefile
> --- Makefile 12 Jul 2019 20:48:57 -0000 1.46
> +++ Makefile 11 Nov 2019 16:53:40 -0000
> @@ -2,7 +2,7 @@
>
> COMMENT= tools to convert Xfig's .fig files #'
>
> -VERSION= 3.2.6
> +VERSION= 3.2.7b
> DISTNAME= fig2dev-${VERSION}
> EXTRACT_SUFX = .tar.xz
> PKGNAME= transfig-${VERSION}
> @@ -24,8 +24,6 @@ MAKE_FLAGS= CC="${CC}"
> CONFIGURE_STYLE=gnu
> CONFIGURE_ARGS = --enable-transfig
> CONFIGURE_ENV = LDFLAGS=-L${LOCALBASE}/lib CPPFLAGS=-I${LOCALBASE}/include
> -
> -MAKE_FLAGS = bitmapsdir=${LOCALBASE}/lib/X11/xfig/bitmaps
>
> FLAVORS= a4
> FLAVOR?=
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/print/transfig/distinfo,v
> retrieving revision 1.8
> diff -u -p -r1.8 distinfo
> --- distinfo 24 Apr 2018 12:07:26 -0000 1.8
> +++ distinfo 11 Nov 2019 16:53:40 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (fig2dev-3.2.6.tar.xz) = ij0X7aQdZzOvRP2IwY6J4Ekrnvg/BcJg+A/XGXDqrsA=
> -SIZE (fig2dev-3.2.6.tar.xz) = 406288
> +SHA256 (fig2dev-3.2.7b.tar.xz) = R9wbRCChvFA7N3GZPhnNr3USDTi+ZUhwn32E97B9aLI=
> +SIZE (fig2dev-3.2.7b.tar.xz) = 512224
> Index: patches/patch-fig2dev_Makefile_in
> ===================================================================
> RCS file: /cvs/ports/print/transfig/patches/patch-fig2dev_Makefile_in,v
> retrieving revision 1.1
> diff -u -p -r1.1 patch-fig2dev_Makefile_in
> --- patches/patch-fig2dev_Makefile_in 24 Apr 2018 12:07:26 -0000 1.1
> +++ patches/patch-fig2dev_Makefile_in 11 Nov 2019 16:53:40 -0000
> @@ -3,22 +3,12 @@ $OpenBSD: patch-fig2dev_Makefile_in,v 1.
> Index: fig2dev/Makefile.in
> --- fig2dev/Makefile.in.orig
> +++ fig2dev/Makefile.in
> -@@ -118,8 +118,7 @@ PROGRAMS = $(bin_PROGRAMS)
> +@@ -125,7 +125,7 @@ PROGRAMS = $(bin_PROGRAMS)
> am_fig2dev_OBJECTS = arrow.$(OBJEXT) bound.$(OBJEXT) colors.$(OBJEXT) \
> creationdate.$(OBJEXT) fig2dev.$(OBJEXT) free.$(OBJEXT) \
> - iso2tex.$(OBJEXT) localmath.$(OBJEXT) psfonts.$(OBJEXT) \
> -- read1_3.$(OBJEXT) read.$(OBJEXT) trans_spline.$(OBJEXT) \
> -- getopt.$(OBJEXT)
> -+ read1_3.$(OBJEXT) read.$(OBJEXT) trans_spline.$(OBJEXT)
> + iso2tex.$(OBJEXT) localmath.$(OBJEXT) read1_3.$(OBJEXT) \
> +- read.$(OBJEXT) trans_spline.$(OBJEXT) getopt.$(OBJEXT)
> ++ read.$(OBJEXT) trans_spline.$(OBJEXT)
> fig2dev_OBJECTS = $(am_fig2dev_OBJECTS)
> LIBOBJDIR = ../fig2dev/lib/
> - fig2dev_DEPENDENCIES = $(LIBOBJS) dev/libdrivers.a
> -@@ -365,7 +364,7 @@ fig2dev_SOURCES = alloc.h arrow.c bound.h bound.c colo
> - iso2tex.c localmath.h localmath.c object.h psfonts.c read1_3.c read.h \
> - read.c trans_spline.h trans_spline.c pi.h getopt.c
> -
> --fig2dev_LDADD = $(LIBOBJS) dev/libdrivers.a
> -+fig2dev_LDADD = $(LIBOBJS) dev/libdrivers.a -liconv
> - dist_bin_SCRIPTS = fig2ps2tex pic2tpic
> - all: all-recursive
> -
> + am__dirstamp = $(am__leading_dot)dirstamp
> Index: patches/patch-fig2dev_fig2dev_c
> ===================================================================
> RCS file: /cvs/ports/print/transfig/patches/patch-fig2dev_fig2dev_c,v
> retrieving revision 1.1
> diff -u -p -r1.1 patch-fig2dev_fig2dev_c
> --- patches/patch-fig2dev_fig2dev_c 24 Apr 2018 12:07:26 -0000 1.1
> +++ patches/patch-fig2dev_fig2dev_c 11 Nov 2019 16:53:40 -0000
> @@ -3,21 +3,21 @@ $OpenBSD: patch-fig2dev_fig2dev_c,v 1.1
> Index: fig2dev/fig2dev.c
> --- fig2dev/fig2dev.c.orig
> +++ fig2dev/fig2dev.c
> -@@ -42,7 +42,7 @@
> - #include <fcntl.h>
> - #endif
> +@@ -45,7 +45,7 @@
> + #include "read.h"
>
> --extern int fig_getopt(int nargc, char **nargv, char *ostr);
> + /* the three lines below could go into a getopt.h file */
> +-extern int fig_getopt(int nargc, char **nargv, char *ostr); /* getopt.c */
> +#include <unistd.h>
> - extern char *optarg;
> - extern int optind;
> - static int parse_gridspec(char *string, float *numer, float *denom,
> -@@ -208,7 +208,7 @@ get_args(int argc, char *argv[])
> + extern char *optarg; /* getopt.c */
> + extern int optind; /* getopt.c */
> +
> +@@ -219,7 +219,7 @@ get_args(int argc, char *argv[])
> if (argc == 1)
> - fprintf(stderr,Usage,prog,prog);
> + fprintf(stderr, Usage, prog, prog);
> /* sum of all arguments */
> - while ((c = fig_getopt(argc, argv, ARGSTRING)) != EOF) {
> + while ((c = getopt(argc, argv, ARGSTRING)) != EOF) {
>
> /* global (all drivers) option handling */
> - switch (c) {
> + switch (c) {
> Index: pkg/PLIST
> ===================================================================
> RCS file: /cvs/ports/print/transfig/pkg/PLIST,v
> retrieving revision 1.10
> diff -u -p -r1.10 PLIST
> --- pkg/PLIST 24 Apr 2018 12:07:26 -0000 1.10
> +++ pkg/PLIST 11 Nov 2019 16:53:40 -0000
> @@ -3,57 +3,6 @@
> bin/fig2ps2tex
> bin/pic2tpic
> @bin bin/transfig
> -lib/X11/xfig/
> -lib/X11/xfig/bitmaps/
> -lib/X11/xfig/bitmaps/bricks.bmp
> -lib/X11/xfig/bitmaps/circles.bmp
> -lib/X11/xfig/bitmaps/crosshatch.bmp
> -lib/X11/xfig/bitmaps/crosshatch30.bmp
> -lib/X11/xfig/bitmaps/crosshatch45.bmp
> -lib/X11/xfig/bitmaps/dash.bmp
> -lib/X11/xfig/bitmaps/dashDot.bmp
> -lib/X11/xfig/bitmaps/dashDotDot.bmp
> -lib/X11/xfig/bitmaps/dashDotDotDot.bmp
> -lib/X11/xfig/bitmaps/dot.bmp
> -lib/X11/xfig/bitmaps/fishscales.bmp
> -lib/X11/xfig/bitmaps/hexagons.bmp
> -lib/X11/xfig/bitmaps/horiz_saw.bmp
> -lib/X11/xfig/bitmaps/horizontal.bmp
> -lib/X11/xfig/bitmaps/left30.bmp
> -lib/X11/xfig/bitmaps/left45.bmp
> -lib/X11/xfig/bitmaps/leftshingle.bmp
> -lib/X11/xfig/bitmaps/octagons.bmp
> -lib/X11/xfig/bitmaps/p13.bmp
> -lib/X11/xfig/bitmaps/right30.bmp
> -lib/X11/xfig/bitmaps/right45.bmp
> -lib/X11/xfig/bitmaps/rightshingle.bmp
> -lib/X11/xfig/bitmaps/small_fishscales.bmp
> -lib/X11/xfig/bitmaps/sp0.bmp
> -lib/X11/xfig/bitmaps/sp1.bmp
> -lib/X11/xfig/bitmaps/sp10.bmp
> -lib/X11/xfig/bitmaps/sp11.bmp
> -lib/X11/xfig/bitmaps/sp12.bmp
> -lib/X11/xfig/bitmaps/sp13.bmp
> -lib/X11/xfig/bitmaps/sp14.bmp
> -lib/X11/xfig/bitmaps/sp15.bmp
> -lib/X11/xfig/bitmaps/sp16.bmp
> -lib/X11/xfig/bitmaps/sp17.bmp
> -lib/X11/xfig/bitmaps/sp18.bmp
> -lib/X11/xfig/bitmaps/sp19.bmp
> -lib/X11/xfig/bitmaps/sp2.bmp
> -lib/X11/xfig/bitmaps/sp20.bmp
> -lib/X11/xfig/bitmaps/sp3.bmp
> -lib/X11/xfig/bitmaps/sp4.bmp
> -lib/X11/xfig/bitmaps/sp5.bmp
> -lib/X11/xfig/bitmaps/sp6.bmp
> -lib/X11/xfig/bitmaps/sp7.bmp
> -lib/X11/xfig/bitmaps/sp8.bmp
> -lib/X11/xfig/bitmaps/sp9.bmp
> -lib/X11/xfig/bitmaps/vert_bricks.bmp
> -lib/X11/xfig/bitmaps/vert_leftshingle.bmp
> -lib/X11/xfig/bitmaps/vert_rightshingle.bmp
> -lib/X11/xfig/bitmaps/vert_saw.bmp
> -lib/X11/xfig/bitmaps/vertical.bmp
> @man man/man1/fig2dev.1
> @man man/man1/fig2ps2tex.1
> @man man/man1/pic2tpic.1
> @@ -76,7 +25,8 @@ share/fig2dev/i18n/ko_KR.ps
> share/fig2dev/i18n/korean.ps
> share/fig2dev/i18n/pl_PL.ps
> share/fig2dev/i18n/ro_RO.ps
> +share/fig2dev/i18n/ru_RU.CP1251.ps
> share/fig2dev/i18n/ru_RU.KOI8-R.ps
> share/fig2dev/i18n/sk_SK.ps
> share/fig2dev/i18n/sl_SI.ps
> -share/fig2dev/rgb.txt
> +share/fig2dev/i18n/uk_UA.KOI8-U.ps
>
