From f76824ae012b4b127a11d982d1639ef8169102e3 Mon Sep 17 00:00:00 2001 From: wk333 <13474090681@163.com> Date: Wed, 7 Aug 2024 15:11:19 +0800 Subject: [PATCH] Fix CVE-2023-46048 and sync release --- CVE-2023-46048.patch | 54 ++++++++++++++++++++++++++++++++++++++++++++ texlive-base.spec | 25 ++++++++++++-------- 2 files changed, 70 insertions(+), 9 deletions(-) create mode 100644 CVE-2023-46048.patch diff --git a/CVE-2023-46048.patch b/CVE-2023-46048.patch new file mode 100644 index 0000000..583095f --- /dev/null +++ b/CVE-2023-46048.patch @@ -0,0 +1,54 @@ +Origin: +https://github.com/TeX-Live/texlive-source/commit/33b330bc48ed2df69daf80a81be3cde8bf794816 +https://tug.org/pipermail/tex-live/2023-August/049402.html + +From 33b330bc48ed2df69daf80a81be3cde8bf794816 Mon Sep 17 00:00:00 2001 +From: Karl Berry +Date: Sat, 26 Aug 2023 17:50:10 +0000 +Subject: [PATCH] guard against corrupt pfb in dup tests, pdftex r910 + +git-svn-id: svn://tug.org/texlive/trunk/Build/source@68069 c570f23f-e606-0410-a88d-b1316a301751 +--- + texlive-20180414-source/texk/web2c/pdftexdir/writet1.c | 15 ++++++++++++--- + 1 files changed, 12 insertions(+), 3 deletions(-) + +diff --git a/texlive-20180414-source/texk/web2c/pdftexdir/writet1.c b/texlive-20180414-source/texk/web2c/pdftexdir/writet1.c +index 0444d46be0..f2a8386cab 100644 +--- a/texlive-20180414-source/texk/web2c/pdftexdir/writet1.c ++++ b/texlive-20180414-source/texk/web2c/pdftexdir/writet1.c +@@ -841,7 +841,10 @@ static char **t1_builtin_enc(void) + *t1_buf_array == '/' && valid_code(i)) { + if (strcmp(t1_buf_array + 1, notdef) != 0) + glyph_names[i] = xstrdup(t1_buf_array + 1); +- p = strstr(p, " put") + strlen(" put"); ++ p = strstr(p, " put"); ++ if (!p) ++ pdftex_fail("invalid pfb, no put found in dup"); ++ p += strlen(" put"); + skip(p, ' '); + } + /* +@@ -850,7 +853,10 @@ static char **t1_builtin_enc(void) + else if (sscanf(p, "dup dup %i exch %i get put", &b, &a) == 2 + && valid_code(a) && valid_code(b)) { + copy_glyph_names(glyph_names, a, b); +- p = strstr(p, " get put") + strlen(" get put"); ++ p = strstr(p, " get put"); ++ if (!p) ++ pdftex_fail("invalid pfb, no get put found in dup dup"); ++ p += strlen(" get put"); + skip(p, ' '); + } + /* +@@ -861,7 +867,10 @@ static char **t1_builtin_enc(void) + && valid_code(a) && valid_code(b) && valid_code(c)) { + for (i = 0; i < c; i++) + copy_glyph_names(glyph_names, a + i, b + i); +- p = strstr(p, " putinterval") + strlen(" putinterval"); ++ p = strstr(p, " putinterval"); ++ if (!p) ++ pdftex_fail("invalid pfb, no putinterval found in dup dup"); ++ p += strlen(" putinterval"); + skip(p, ' '); + } + /* diff --git a/texlive-base.spec b/texlive-base.spec index dd798c0..f3f047b 100644 --- a/texlive-base.spec +++ b/texlive-base.spec @@ -4,7 +4,7 @@ Name: texlive-base Version: 20180414 -Release: 36 +Release: 38 Epoch: 7 Summary: TeX formatting system License: ASL 2.0 and LGPL-2.1-only and Zlib and OFL-1.1 and Public Domain and LGPL-2.0-only and GPLv2+ and MPL-1.1 and Libpng and LGPL-3.0-only and BSL-1.0 and GPLv2 and GPLv3 and CPL-1.0 and IJG and MIT and LPPL-1.3c and ICU and psutils @@ -381,6 +381,7 @@ Patch0006: texlive-base-CVE-2018-17407.patch Patch0007: fix-build-error-when-srctopdf-is-ok.patch Patch0008: remove-support-of-poppler.patch Patch0009: CVE-2023-32700.patch +Patch0010: CVE-2023-46048.patch Patch1000: 1000-add-sw_64-support-not-upstream-modified-files.patch BuildRequires: xz libXaw-devel libXi-devel ncurses-devel bison flex file perl(Digest::MD5) texinfo gcc-c++ @@ -5881,7 +5882,7 @@ cd work --enable-shared --enable-compiler-warnings=max --without-cxx-runtime-hack \ --disable-native-texlive-build --disable-t1utils --disable-psutils --disable-biber --disable-ptexenc --disable-largefile \ --disable-xindy --disable-xindy-docs --disable-xindy-make-rules \ -%ifarch aarch64 loongarch64 sw_64 +%ifarch aarch64 riscv64 loongarch64 sw_64 ppc64le --disable-luajittex --disable-mfluajit \ %endif --disable-rpath @@ -7092,7 +7093,7 @@ done <<< "$list" %{_includedir}/synctex/ %{_includedir}/texlua52/ %{_includedir}/texlua53/ -%ifnarch aarch64 loongarch64 sw_64 +%ifnarch aarch64 riscv64 loongarch64 sw_64 ppc64le %{_includedir}/texluajit/ %endif %{_libdir}/*.so @@ -7161,7 +7162,7 @@ done <<< "$list" %files -n texlive-luatex %license gpl2.txt %{_bindir}/dviluatex -%ifnarch aarch64 loongarch64 sw_64 +%ifnarch aarch64 riscv64 loongarch64 sw_64 ppc64le %{_bindir}/luajittex %{_bindir}/texluajit %{_bindir}/texluajitc @@ -7268,7 +7269,7 @@ done <<< "$list" %license gpl2.txt %{_bindir}/mflua %{_bindir}/mflua-nowin -%ifnarch aarch64 loongarch64 sw_64 +%ifnarch aarch64 loongarch64 sw_64 ppc64le %{_bindir}/mfluajit %{_bindir}/mfluajit-nowin %endif @@ -8123,14 +8124,20 @@ done <<< "$list" %doc %{_datadir}/texlive/texmf-dist/doc/latex/yplan/ %changelog +* Mon Aug 05 2024 wangkai <13474090681@163.com> - 7:20180414-38 +- Fix CVE-2023-46048 + +* Mon Mar 18 2024 hefq343 - 7:20180414-37 +- add ppc64le support + * Fri Aug 11 2023 yeqinglong - 7:20180414-36 -- add sw_64 support +- add sw_64 support and fix loongarch64 error * Mon Jul 03 2023 yaoxin - 7:20180414-35 - Fix CVE-2023-32700 -* Mon Feb 6 2023 Wenlong Zhang - 7:20180414-34 -- fix build error for loongarch64 +* Fri Jan 06 2023 misaka00251 - 20180414-34 +- Fix build on riscv64 * Wed Jan 19 2022 xu_ping - 20180414-33 - remove useless BuildRequires poppler @@ -8141,7 +8148,7 @@ done <<< "$list" * Sat Jul 31 2021 Haiwei Li - 20180414-31 - Fix compilation failed due to multiple definition -* Wed 30 Jun 2021 sunguoshuai - 20180414-30 +* Wed Jun 30 2021 sunguoshuai - 20180414-30 - Fix build error when srctopdf is ok * Thu Sep 10 2020 baizhonggui - 20180414-29 -- Gitee