commit texlive for openSUSE:Leap:15.2

2020-06-04 Thread root 
Hello community,

here is the log from the commit of package texlive for openSUSE:Leap:15.2 
checked in at 2020-06-04 16:01:02

Comparing /work/SRC/openSUSE:Leap:15.2/texlive (Old)
 and  /work/SRC/openSUSE:Leap:15.2/.texlive.new.3606 (New)


Package is "texlive"

Thu Jun  4 16:01:02 2020 rev:51 rq:810291 version:unknown

Changes:

--- /work/SRC/openSUSE:Leap:15.2/texlive/texlive.changes2020-03-20 
05:52:23.080042631 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.texlive.new.3606/texlive.changes  
2020-06-04 16:01:03.942917008 +0200
@@ -1,0 +2,5 @@
+Thu May 14 08:46:23 UTC 2020 - Dr. Werner Fink 
+
+- Correct permissions of wrapper of e.g. mktexlsr (boo#1171341) 
+
+---



Other differences:
--
++ texlive.spec ++
--- /var/tmp/diff_new_pack.DC6Za4/_old  2020-06-04 16:01:05.374921934 +0200
+++ /var/tmp/diff_new_pack.DC6Za4/_new  2020-06-04 16:01:05.378921948 +0200
@@ -4010,12 +4010,11 @@
 fi
 
 %posttrans
-test -f /var/run/texlive/run-update || exit 0
 %if %{with zypper_posttrans}
 test -z "$ZYPP_IS_RUNNING" || exit 0
 %endif
+test -d /var/run/texlive || exit 0
 VERBOSE=false %{_texmfdistdir}/texconfig/update || :
-rm -f /var/run/texlive/run-update
 
 %post   -n libkpathsea6 -p /sbin/ldconfig
 %postun -n libkpathsea6 -p /sbin/ldconfig
@@ -4396,7 +4395,7 @@
 %{_bindir}/mktexpk
 %{_bindir}/mktextfm
 %{_bindir}/texhash
-%attr(0755,root,%{texgrp}) %{_libexecdir}/mktex/public
+%attr(2755,root,%{texgrp}) %{_libexecdir}/mktex/public
 %{_libexecdir}/mktex/*tex*
 
 %files lacheck-bin

commit texlive for openSUSE:Leap:15.2

2020-03-19 Thread root 
Hello community,

here is the log from the commit of package texlive for openSUSE:Leap:15.2 
checked in at 2020-03-20 05:52:17

Comparing /work/SRC/openSUSE:Leap:15.2/texlive (Old)
 and  /work/SRC/openSUSE:Leap:15.2/.texlive.new.3160 (New)


Package is "texlive"

Fri Mar 20 05:52:17 2020 rev:50 rq:781745 version:unknown

Changes:

--- /work/SRC/openSUSE:Leap:15.2/texlive/texlive.changes2020-01-15 
16:06:41.608029544 +0100
+++ /work/SRC/openSUSE:Leap:15.2/.texlive.new.3160/texlive.changes  
2020-03-20 05:52:23.080042631 +0100
@@ -1,0 +2,15 @@
+Thu Feb 20 06:21:10 UTC 2020 - Dr. Werner Fink 
+
+- Switch also to user mktex in fmtutil script (boo#1159740, CVE-2020-8016)
+
+---
+Wed Feb  5 06:56:24 UTC 2020 - Dr. Werner Fink 
+
+- Check passwd not group file for user mktex 
+
+---
+Fri Jan 31 12:32:25 UTC 2020 - Dr. Werner Fink 
+
+- Introduce a user mktex as replacement for user nobody (boo#1159740, 
CVE-2020-8016)
+
+---



Other differences:
--
++ texlive.spec ++
--- /var/tmp/diff_new_pack.6q72t0/_old  2020-03-20 05:52:26.160044683 +0100
+++ /var/tmp/diff_new_pack.6q72t0/_new  2020-03-20 05:52:26.164044685 +0100
@@ -304,7 +304,9 @@
 %define _appdefdir %{_x11data}/app-defaults
 #
 %define texgrp mktex
+%define texusr mktex
 #%define texgid505
+#%define texuid505
 #
 %description
 After installing texlive and the package texlive-latex, find a large
@@ -3648,7 +3650,7 @@
 
 # compile public
 mkdir -p ${prefix}/lib/mktex
-$CC ${RPM_OPT_FLAGS} -DTEXGRP='"%{texgrp}"' 
-DMKTEX='"%{_libexecdir}/mktex"' -fPIE -pie -o ${prefix}/lib/mktex/public 
%{S:50}
+$CC ${RPM_OPT_FLAGS} -DTEXGRP='"%{texgrp}"' -DTEXUSR='"%{texusr}"' 
-DMKTEX='"%{_libexecdir}/mktex"' -fPIE -pie -o ${prefix}/lib/mktex/public 
%{S:50}
 
 # install our own scripts
 mkdir -p ${prefix}/bin
@@ -3969,8 +3971,14 @@
 %endif
 
 %pre kpathsea-bin
-if test "$1" = 1 -a -z "$(%{_bindir}/getent group %{texgrp} 2>/dev/null)"; then
+if test "$1" = 1
+then
+if test -z "$(%{_bindir}/getent group %{texgrp} 2>/dev/null)"; then
 %{_sbindir}/groupadd -r %{?texgid:-g %texgid} %{texgrp}
+fi
+if test -z "$(%{_bindir}/getent passwd %{texusr} 2>/dev/null)"; then
+   %{_sbindir}/useradd -r %{?texuid:-u %texuid} -g %{texgrp} -d 
%{_fontcache} -s /bin/false %{texusr}
+fi
 fi
 
 %post kpathsea-bin
@@ -3978,6 +3986,17 @@
 %set_permissions %{_libexecdir}/mktex/public
 %endif
 
+%pre
+if test "$1" = 1
+then
+if test -z "$(%{_bindir}/getent group %{texgrp} 2>/dev/null)"; then
+   %{_sbindir}/groupadd -r %{?texgid:-g %texgid} %{texgrp}
+fi
+if test -z "$(%{_bindir}/getent passwd %{texusr} 2>/dev/null)"; then
+   %{_sbindir}/useradd -r %{?texuid:-u %texuid} -g %{texgrp} -d 
%{_fontcache} -s /bin/false %{texusr}
+fi
+fi
+
 %post
 mkdir -p /var/run/texlive
 > /var/run/texlive/run-mktexlsr

++ public.8 ++
--- /var/tmp/diff_new_pack.6q72t0/_old  2020-03-20 05:52:26.224044726 +0100
+++ /var/tmp/diff_new_pack.6q72t0/_new  2020-03-20 05:52:26.228044728 +0100
@@ -17,9 +17,9 @@
 .\"
 .TH NOBODY 8 "Apr 27, 2012" "" "Linux System Administrator's Manual"
 .SH NAME
-public \- for user root run specific TeX programs as user \fInobody\fP
+public \- for user root run specific TeX programs as user \fImktex\fP
 .br
-public \- for all users run specific TeX programs as group \fIpublic\fP
+public \- for all users run specific TeX programs as group \fImktex\fP
 .SH SYNOPSIS
 .B public
 .RB \->\ [ texhash | mktexlsr | mktexmf | mktexpk | mktextfm ]

++ public.c ++
--- /var/tmp/diff_new_pack.6q72t0/_old  2020-03-20 05:52:26.248044741 +0100
+++ /var/tmp/diff_new_pack.6q72t0/_new  2020-03-20 05:52:26.248044741 +0100
@@ -1,5 +1,5 @@
 /*
- * Public  For user root run a specific program as user nobody
+ * Public  For user root run a specific program as user mktex
  * for user root and others use group public and umask 0002
  *
  * Usage:  public -> [texhash|mktexlsr|mktexmf|mktexpk|mktextfm]
@@ -36,7 +36,10 @@
 #include 
 
 #ifndef TEXGRP
-# define TEXGRP "public"
+# define TEXGRP "mktex"
+#endif
+#ifndef TEXUSR
+# define TEXUSR "mktex"
 #endif
 #ifndef MKTEX
 # define "/usr/lib/mktex"
@@ -122,10 +125,10 @@
 if ((grp = getgrnam(TEXGRP)) == (struct group*)0)
goto err;
 
-if (ruid == 0 || euid == 0) {   /* If user is root switch over to 
nobody:public */
+if (ruid == 0 || euid == 0) {   /* If user is root switch over to 
mktex:mktex */
int initgrp = 0;
 
-   if ((pwd = getpwn