Changelog for transfig-debugsource-3.2.9-2.1.x86_64.rpm :
* Mon Feb 26 2024 pgajdosAATTsuse.com
- Use %patch -P N instead of deprecated %patchN

* Fri Sep 15 2023 Dr. Werner Fink
- Update to fig2dev version 3.2.9 (Aug 2023)
  o Write utf8-encoded postscript and tex-outputs.
  Ticket numbers refer to https://sourceforge.net/p/mcj/tickets/#.
  o Include sys/wait.h to build on some bsds.
  o Process crafted input files, tickets #142, #145, #146, #147, #148, and #152.
  o Correctly scale dxf output, ticket #91.
  o Correct a typo causing incorrect eps import, ticket #137.
  o Regression, pass driver names to driver, ticket #139.
- Port and rename patch transfig-3.2.8.dif which is now transfig-3.2.9.dif
- Port patches
  * fig2dev-3.2.6-fig2mpdf.patch
  * transfig-fix-afl.patch
- Remove patches now upstream
  * 0001-Make-ModDate-and-CreationDate-in-PDF-reproducible.patch
  * 1b09a8.patch

* Sat Mar 18 2023 Stefan Brüns
- Drop obsolete fig2dev-3.2.6a-RGBFILE.patch.
- Set correct path for X11 rgb.txt file (no longer in /etc), recommend rgb package.
- Fix typo for enable-scale-pict2e option.
- Remove obsolete hunks from transfig-3.2.8.dif, rebase fig2dev-3.2.6-fig2mpdf.patch.
- Avoid epstopdf dependency, add 0001-Use-native-fig2dev-pdf-output-instead-of-epstopdf.patch
  This also fixes unreproducible figures created by fig2mpdf.
- Fix CFLAGS checks, -Wformat-security requires -Wformat.

* Thu Mar 09 2023 Stefan Brüns
- Make PDF output via ghostscript (for large parts) reproducible, add 0001-Make-ModDate-and-CreationDate-in-PDF-reproducible.patch

* Thu Mar 09 2023 Stefan Brüns
- Fix fig2mpdf documentation:
  * rerun latex to get references right.
  * uudecode images for html documentation.
- Clean up spec file, remove parts for EOLed SLE 11.
- Depend on texlive-epstopdf only if texlive is installed.
- Use weak dependency on ghostscript, vector output formats like EPS, PS and SVG do not depend on it.

* Wed Oct 06 2021 Dr. Werner Fink
- Update to fig2dev version 3.2.8 Patchlevel 8b (Aug 2021)
  o Detect the output language from the output file name.
  o On the command line, a minus (-) as input or output file name refers to standard input or standard output.
  o Correct buffer overflows and segfaults, mainly due to maliciously crafted input files, tickets #113-117, #122, #123, #125-#135.
  o With -Lepic -P, generate a complete tex file.
  o Correctly produce a gif if a transparent color is given, ticket #121.
  o Return with error if no space is left on the device. Ticket #101.
- Remove patch 6827c09d.patch now upstream
- Add patch 1b09a8.patch from upstream (for ticket #137)
- Port patch fig2dev-3.2.6-fig2mpdf.patch back
- This Update includes the fixes for
  * bsc#1190618, CVE-2020-21529: stack buffer overflow in the bezier_spline function in genepic.c.
  * bsc#1190615, CVE-2020-21530: segmentation fault in the read_objects function in read.c.
  * bsc#1190617, CVE-2020-21531: global buffer overflow in the conv_pattern_index function in gencgm.c.
  * bsc#1190616, CVE-2020-21532: global buffer overflow in the setfigfont function in genepic.c.
  * bsc#1190612, CVE-2020-21533: stack buffer overflow in the read_textobject function in read.c.
  * bsc#1190611, CVE-2020-21534: global buffer overflow in the get_line function in read.c.
  * bsc#1190607, CVE-2020-21535: segmentation fault in the gencgm_start function in gencgm.c.
  * bsc#1192019, CVE-2021-32280: NULL pointer dereference in compute_closed_spline() in trans_spline.c

* Mon Aug 16 2021 Dr. Werner Fink
- Skip requirement of texlive-epstopdf as SLE-12 does not have that

* Wed Aug 11 2021 Dr. Werner Fink
- Skip build of documentation of fig2mpdf on SLE-12

* Fri Jun 18 2021 Dr. Werner Fink
- Make spec file build with older SLE versions as well
  * This version is used by xfig 3.2.8 and above

* Fri May 21 2021 Dr. Werner Fink
- Add upstream commit as patch 6827c09d.patch
  Global buffer overflow in fig2dev/read.c in function read_colordef() (boo#1186329, CVE-2021-3561)

* Thu Apr 01 2021 Dr. Werner Fink
- Update to fig2dev version 3.2.8 Patchlevel 8a (Mar 2021)
  o Allow closed splines with three points.
  o Fix build under Darwin.
- Correct hunk offsets of the patch
  o transfig-3.2.8.dif

* Fri Feb 12 2021 Dr. Werner Fink
- Update to fig2dev version 3.2.8 Patchlevel 8 (Dec 2020)
  o Use deflate to embed image data into eps output, often substantially reducing file size.
  o Embed pdf files into ps output by converting the pdf to eps.
  o Allow negative arrow widths. This might be useful for asymmetric arrow tips, which can thus be mirrored around the corresponding line.
  Ticket numbers refer to https://sourceforge.net/p/mcj/tickets/#.
  o Reject negative text font sizes. Fixes ticket #86.
  o Allow fig files ending without previous eol character. Fixes #83, #84.
  o Accept text and ellipse angles only within -2*pi to 2*pi. Fixes #76.
  o Allow -1 as default TeX font, not only 0. Fixes #71, #75, #81.
  o Do not allow ASCII NUL anywhere in input. Fixes #65, #68, #73, #80.
  o Use getline() to improve input scanning. Fixes tickets #58, #59, #61, #62, #67, #78, #79, #82.
  o Correctly scan embedded pdfs for /MediaBox value.
  o Convert polygons having too few points to polylines. Ticket #56.
  o Reject huge arrow types causing integer overflow. Ticket #57.
  o Allow Fig v2 text strings ending with multiple ^A. Ticket #55.
  o Embed images in pdfs with their original compression type, i.e., leave the gs switch "-dAutoFilterColorImages" at its default value "true".
- This update includes the fixes for
  bsc#1159293 - CVE-2019-19797: transfig,xfig: out-of-bounds write in read_colordef in read.c
  bsc#1161698 - CVE-2019-19555: transfig,xfig: stack-based buffer overflow because of an incorrect sscanf
  bsc#1159130 - CVE-2019-19746: transfig,xfig: segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type
  bsc#1189343 - CVE-2020-21680: transfig: A stack-based buffer overflow in the put_arrow() component in genpict2e.c
  bsc#1189345 - CVE-2020-21681: transfig: A global buffer overflow in the set_color component in genge.c
  bsc#1189325 - CVE-2020-21683: transfig: A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c
  bsc#1189346 - CVE-2020-21682: transfig: A global buffer overflow in the set_fill component in genge.c
  and many more
- Port and rename patch transfig-3.2.6.dif which is now transfig-3.2.8.dif
- Remove patches now obsolete
  * 00cded.patch
  * 100e27.patch
  * 2f8d1a.patch
  * 3065eb.patch
  * 3165d8.patch
  * 421afa.patch
  * 4d4e1f.patch
  * 639c36.patch
  * CVE-2019-19555.patch
  * CVE-2019-19746.patch
  * CVE-2019-19797.patch
  * acccc8.patch
  * c379fe.patch
  * ca48cc.patch
  * d6a10d.patch
  * d70e4b.patch
  * e3cee2.patch
  * transfig.3.2.5-binderman.dif
  * transfig.3.2.5d-mediaboxrealnb.dif
- Port patches
  * fig2dev-3.2.6-fig2mpdf.patch
  * fig2dev-3.2.6a-RGBFILE.patch