diff options
-rw-r--r-- | gnu/local.mk | 3 | ||||
-rw-r--r-- | gnu/packages/patches/texlive-bin-CVE-2018-17407.patch | 249 | ||||
-rw-r--r-- | gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch | 188 | ||||
-rw-r--r-- | gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch | 31 | ||||
-rw-r--r-- | gnu/packages/tex.scm | 36 |
5 files changed, 269 insertions, 238 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index ec82877970..1844fbd404 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1276,9 +1276,8 @@ dist_patch_DATA = \ %D%/packages/patches/teeworlds-use-latest-wavpack.patch \ %D%/packages/patches/texinfo-perl-compat.patch \ %D%/packages/patches/texinfo-5-perl-compat.patch \ + %D%/packages/patches/texlive-bin-CVE-2018-17407.patch \ %D%/packages/patches/texlive-bin-luatex-poppler-compat.patch \ - %D%/packages/patches/texlive-bin-pdftex-poppler-compat.patch \ - %D%/packages/patches/texlive-bin-xetex-poppler-compat.patch \ %D%/packages/patches/telegram-purple-adjust-test.patch \ %D%/packages/patches/texi2html-document-encoding.patch \ %D%/packages/patches/texi2html-i18n.patch \ diff --git a/gnu/packages/patches/texlive-bin-CVE-2018-17407.patch b/gnu/packages/patches/texlive-bin-CVE-2018-17407.patch new file mode 100644 index 0000000000..63646d420c --- /dev/null +++ b/gnu/packages/patches/texlive-bin-CVE-2018-17407.patch @@ -0,0 +1,249 @@ +This patch adds support for newer versions of Poppler and some upstream +TexLive fixes, including one for CVE-2018-17407. + +It is taken from Linux From Scratch: +<http://www.linuxfromscratch.org/patches/blfs/svn/texlive-20180414-source-upstream_fixes-3.patch>. + +Submitted By: Ken Moffat <ken at linuxfromscratch dot org> +Date: 2018-12-26 +Initial Package Version: 20180414 +Upstream Status: Applied +Origin: Upstream +Description: Two fixes, cherry-picked from svn plus a CVE fix. +I have removed the partial fixes for various system versions of poppler. + +r47469 Fix segfault in dvipdfm-x (XeTeX) on 1/2/4-bit transparent indexed PNGs. + +r47477 Fix a ptex regression for discontinuous kinsoku table. + +Also, via fedora (I got lost in svn) a critical fix for CVE-2018-17407 + +"A buffer overflow in the handling of Type 1 fonts allows arbitrary code +execution when a malicious font is loaded by one of the vulnerable tools: +pdflatex, pdftex, dvips, or luatex." + +diff -Naur a/texk/dvipdfm-x/pngimage.c b/texk/dvipdfm-x/pngimage.c +--- a/texk/dvipdfm-x/pngimage.c 2018-02-17 08:41:35.000000000 +0000 ++++ b/texk/dvipdfm-x/pngimage.c 2018-10-09 01:52:01.648670875 +0100 +@@ -964,12 +964,16 @@ + png_bytep trans; + int num_trans; + png_uint_32 i; ++ png_byte bpc, mask, shift; + + if (!png_get_valid(png_ptr, info_ptr, PNG_INFO_tRNS) || + !png_get_tRNS(png_ptr, info_ptr, &trans, &num_trans, NULL)) { + WARN("%s: PNG does not have valid tRNS chunk but tRNS is requested.", PNG_DEBUG_STR); + return NULL; + } ++ bpc = png_get_bit_depth(png_ptr, info_ptr); ++ mask = 0xff >> (8 - bpc); ++ shift = 8 - bpc; + + smask = pdf_new_stream(STREAM_COMPRESS); + dict = pdf_stream_dict(smask); +@@ -981,7 +985,8 @@ + pdf_add_dict(dict, pdf_new_name("ColorSpace"), pdf_new_name("DeviceGray")); + pdf_add_dict(dict, pdf_new_name("BitsPerComponent"), pdf_new_number(8)); + for (i = 0; i < width*height; i++) { +- png_byte idx = image_data_ptr[i]; ++ /* data is packed for 1/2/4 bpc formats, msb first */ ++ png_byte idx = (image_data_ptr[bpc * i / 8] >> (shift - bpc * i % 8)) & mask; + smask_data_ptr[i] = (idx < num_trans) ? trans[idx] : 0xff; + } + pdf_add_stream(smask, (char *)smask_data_ptr, width*height); +diff -Naur a/texk/dvipsk/writet1.c b/texk/dvipsk/writet1.c +--- a/texk/dvipsk/writet1.c 2016-11-25 18:24:26.000000000 +0000 ++++ b/texk/dvipsk/writet1.c 2018-10-09 01:52:01.648670875 +0100 +@@ -1449,7 +1449,9 @@ + *(strend(t1_buf_array) - 1) = ' '; + + t1_getline(); ++ alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE); + strcat(t1_buf_array, t1_line_array); ++ alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE); + strcpy(t1_line_array, t1_buf_array); + t1_line_ptr = eol(t1_line_array); + } +diff -Naur a/texk/web2c/luatexdir/font/writet1.w b/texk/web2c/luatexdir/font/writet1.w +--- a/texk/web2c/luatexdir/font/writet1.w 2016-11-25 18:24:34.000000000 +0000 ++++ b/texk/web2c/luatexdir/font/writet1.w 2018-10-09 01:52:01.648670875 +0100 +@@ -1625,7 +1625,9 @@ + if (sscanf(p, "%i", &i) != 1) { + strcpy(t1_buf_array, t1_line_array); + t1_getline(); ++ alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE); + strcat(t1_buf_array, t1_line_array); ++ alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE); + strcpy(t1_line_array, t1_buf_array); + t1_line_ptr = eol(t1_line_array); + } +diff -Naur a/texk/web2c/luatexdir/image/pdftoepdf.w b/texk/web2c/luatexdir/image/pdftoepdf.w +--- a/texk/web2c/luatexdir/image/pdftoepdf.w 2018-01-17 18:00:12.000000000 +0000 ++++ b/texk/web2c/luatexdir/image/pdftoepdf.w 2018-10-09 01:52:01.648670875 +0100 +@@ -472,10 +472,10 @@ + break; + */ + case objString: +- copyString(pdf, obj->getString()); ++ copyString(pdf, (GooString *)obj->getString()); + break; + case objName: +- copyName(pdf, obj->getName()); ++ copyName(pdf, (char *)obj->getName()); + break; + case objNull: + pdf_add_null(pdf); +diff -Naur a/texk/web2c/luatexdir/lua/lepdflib.cc b/texk/web2c/luatexdir/lua/lepdflib.cc +--- a/texk/web2c/luatexdir/lua/lepdflib.cc 2018-02-14 14:44:38.000000000 +0000 ++++ b/texk/web2c/luatexdir/lua/lepdflib.cc 2018-10-09 01:52:01.649670868 +0100 +@@ -674,7 +674,7 @@ + uin = (udstruct *) luaL_checkudata(L, 1, M_##in); \ + if (uin->pd != NULL && uin->pd->pc != uin->pc) \ + pdfdoc_changed_error(L); \ +- gs = ((in *) uin->d)->function(); \ ++ gs = (GooString *)((in *) uin->d)->function(); \ + if (gs != NULL) \ + lua_pushlstring(L, gs->getCString(), gs->getLength()); \ + else \ +@@ -1813,7 +1813,7 @@ + if (uin->pd != NULL && uin->pd->pc != uin->pc) + pdfdoc_changed_error(L); + if (((Object *) uin->d)->isString()) { +- gs = ((Object *) uin->d)->getString(); ++ gs = (GooString *)((Object *) uin->d)->getString(); + lua_pushlstring(L, gs->getCString(), gs->getLength()); + } else + lua_pushnil(L); +diff -Naur a/texk/web2c/pdftexdir/writet1.c b/texk/web2c/pdftexdir/writet1.c +--- a/texk/web2c/pdftexdir/writet1.c 2016-11-25 18:24:37.000000000 +0000 ++++ b/texk/web2c/pdftexdir/writet1.c 2018-10-09 01:52:01.649670868 +0100 +@@ -1598,7 +1598,9 @@ + *(strend(t1_buf_array) - 1) = ' '; + + t1_getline(); ++ alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE); + strcat(t1_buf_array, t1_line_array); ++ alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE); + strcpy(t1_line_array, t1_buf_array); + t1_line_ptr = eol(t1_line_array); + } +diff -Naur a/texk/web2c/ptexdir/ptex_version.h b/texk/web2c/ptexdir/ptex_version.h +--- a/texk/web2c/ptexdir/ptex_version.h 2018-01-21 03:48:06.000000000 +0000 ++++ b/texk/web2c/ptexdir/ptex_version.h 2018-10-09 01:52:01.649670868 +0100 +@@ -1 +1 @@ +-#define PTEX_VERSION "p3.8.0" ++#define PTEX_VERSION "p3.8.1" +diff -Naur a/texk/web2c/ptexdir/tests/free_ixsp.tex b/texk/web2c/ptexdir/tests/free_ixsp.tex +--- a/texk/web2c/ptexdir/tests/free_ixsp.tex 1970-01-01 01:00:00.000000000 +0100 ++++ b/texk/web2c/ptexdir/tests/free_ixsp.tex 2018-10-09 01:52:01.649670868 +0100 +@@ -0,0 +1,53 @@ ++%#!eptex -ini -etex ++\let\dump\relax ++\batchmode ++\input plain ++ ++\errorstopmode ++\catcode`@=11 ++\newcount\@tempcnta ++\newcount\@tempcntb ++\newcount\@tempcntc ++\mathchardef\LIM=256 ++ ++\def\MYCHAR#1{% ++ \@tempcntc=\numexpr7*#1+"101\relax ++ \@tempcnta=\@tempcntc\divide\@tempcnta 94 ++ \@tempcntb=\numexpr\@tempcntc-94*\@tempcnta+1\relax ++ \ifnum\@tempcntb<0\advance\@tempcntb94 \advance\@tempcnta-1\fi ++ \advance\@tempcnta18 % 18区以降 ++ \CNTA=\kuten\numexpr"100*\@tempcnta+\@tempcntb\relax ++} ++ ++\newcount\CNT\newcount\CNTA ++\CNT=0 ++\loop ++ \MYCHAR\CNT ++ \message{\the\CNT.} ++ \inhibitxspcode\CNTA=1\relax ++ \advance\CNT1\relax ++ \ifnum\CNT<\LIM ++\repeat ++ ++\newcount\CNTB ++ ++\loop ++ \MYCHAR\CNTB ++ \global\inhibitxspcode\CNTA=3 ++{% ++\CNT=0 ++\loop ++ \MYCHAR\CNT ++ \count@=\numexpr 1-\inhibitxspcode\CNTA\relax ++ \ifnum\count@=0\else\ifnum\CNTB=\CNT\else ++ \errmessage{<\the\CNTB, \the\CNT, \the\inhibitxspcode\CNTA>}\fi\fi ++ \advance\CNT1\relax ++ \ifnum\CNT<\LIM ++\repeat ++} ++ \MYCHAR\CNTB ++ \global\inhibitxspcode\CNTA=1\relax ++ \advance\CNTB1\relax ++ \ifnum\CNTB<\LIM ++\repeat ++\bye +diff -Naur a/texk/web2c/ptexdir/tests/free_pena.tex b/texk/web2c/ptexdir/tests/free_pena.tex +--- a/texk/web2c/ptexdir/tests/free_pena.tex 1970-01-01 01:00:00.000000000 +0100 ++++ b/texk/web2c/ptexdir/tests/free_pena.tex 2018-10-09 01:52:01.649670868 +0100 +@@ -0,0 +1,52 @@ ++%#!eptex -ini -etex ++\let\dump\relax ++\batchmode ++\input plain ++ ++\errorstopmode ++\catcode`@=11 ++\newcount\@tempcnta ++\newcount\@tempcntb ++\newcount\@tempcntc ++\mathchardef\LIM=256 ++ ++\def\MYCHAR#1{% ++ \@tempcntc=\numexpr7*#1+"101\relax ++ \@tempcnta=\@tempcntc\divide\@tempcnta 94 ++ \@tempcntb=\numexpr\@tempcntc-94*\@tempcnta+1\relax ++ \ifnum\@tempcntb<0\advance\@tempcntb94 \advance\@tempcnta-1\fi ++ \advance\@tempcnta18 % 18区以降 ++ \CNTA=\kuten\numexpr"100*\@tempcnta+\@tempcntb\relax ++} ++ ++\newcount\CNT\newcount\CNTA ++\CNT=0 ++\loop ++ \MYCHAR\CNT ++ \message{\the\CNT.} ++ \prebreakpenalty\CNTA=\numexpr\CNT+1\relax ++ \advance\CNT1\relax ++ \ifnum\CNT<\LIM ++\repeat ++ ++\newcount\CNTB ++ ++\loop ++ \MYCHAR\CNTB ++ \global\prebreakpenalty\CNTA=0 ++{% ++\CNT=0 ++\loop ++ \MYCHAR\CNT ++ \count@=\numexpr -\CNT-1+\prebreakpenalty\CNTA\relax ++ \ifnum\count@=0\else\ifnum\CNTB=\CNT\else\errmessage{<\the\CNTB, \the\CNT>}\fi\fi ++ \advance\CNT1\relax ++ \ifnum\CNT<\LIM ++\repeat ++} ++ \MYCHAR\CNTB ++ \global\prebreakpenalty\CNTA=\numexpr\CNTB+1\relax ++ \advance\CNTB1\relax ++ \ifnum\CNTB<\LIM ++\repeat ++\bye diff --git a/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch deleted file mode 100644 index eba4733f32..0000000000 --- a/gnu/packages/patches/texlive-bin-pdftex-poppler-compat.patch +++ /dev/null @@ -1,188 +0,0 @@ -Fix compatibility with Poppler 0.72. - -These files are taken from the upstream "poppler0.72.0.cc" variants and -diffed against the "newpoppler" files from the 20180414 distribution. - -See revision 49336: -https://tug.org/svn/texlive/trunk/Build/source/texk/web2c/pdftexdir/ - ---- a/texk/web2c/pdftexdir/pdftoepdf-newpoppler.cc 1970-01-01 01:00:00.000000000 +0100 -+++ b/texk/web2c/pdftexdir/pdftoepdf-newpoppler.cc 2018-12-09 21:14:58.479732695 +0100 -@@ -22,7 +22,7 @@ - https://git.archlinux.org/svntogit/packages.git/plain/texlive-bin/trunk - by Arch Linux. A little modifications are made to avoid a crash for - some kind of pdf images, such as figure_missing.pdf in gnuplot. --The poppler should be 0.59.0 or newer versions. -+The poppler should be 0.72.0 or newer versions. - POPPLER_VERSION should be defined. - */ - -@@ -120,7 +120,7 @@ - - static InObj *inObjList; - static UsedEncoding *encodingList; --static GBool isInit = gFalse; -+static bool isInit = false; - - // -------------------------------------------------------------------- - // Maintain list of open embedded PDF files -@@ -317,7 +317,7 @@ - pdf_puts("<<\n"); - assert(r->type == objFont); // FontDescriptor is in fd_tree - for (i = 0, l = obj->dictGetLength(); i < l; ++i) { -- key = obj->dictGetKey(i); -+ key = (char *)obj->dictGetKey(i); - if (strncmp("FontDescriptor", key, strlen("FontDescriptor")) == 0 - || strncmp("BaseFont", key, strlen("BaseFont")) == 0 - || strncmp("Encoding", key, strlen("Encoding")) == 0) -@@ -427,7 +427,7 @@ - charset = fontdesc.dictLookup("CharSet"); - if (!charset.isNull() && - charset.isString() && is_subsetable(fontmap)) -- epdf_mark_glyphs(fd, (char *)charset.getString()->getCString()); -+ epdf_mark_glyphs(fd, (char *)charset.getString()->c_str()); - else - embed_whole_font(fd); - addFontDesc(fontdescRef.getRef(), fd); -@@ -454,7 +454,7 @@ - for (i = 0, l = obj->dictGetLength(); i < l; ++i) { - fontRef = obj->dictGetValNF(i); - if (fontRef.isRef()) -- copyFont(obj->dictGetKey(i), &fontRef); -+ copyFont((char *)obj->dictGetKey(i), &fontRef); - else if (fontRef.isDict()) { // some programs generate pdf with embedded font object - copyName((char *)obj->dictGetKey(i)); - pdf_puts(" "); -@@ -566,7 +566,7 @@ - pdf_printf("%s", convertNumToPDF(obj->getNum())); - } else if (obj->isString()) { - s = (GooString *)obj->getString(); -- p = s->getCString(); -+ p = (char *)s->c_str(); - l = s->getLength(); - if (strlen(p) == (unsigned int) l) { - pdf_puts("("); -@@ -664,7 +664,7 @@ - ("PDF inclusion: CID fonts are not supported" - " (try to disable font replacement to fix this)"); - } -- if ((s = ((Gfx8BitFont *) r->font)->getCharName(i)) != 0) -+ if ((s = (char *)((Gfx8BitFont *) r->font)->getCharName(i)) != 0) - glyphNames[i] = s; - else - glyphNames[i] = notdef; -@@ -683,7 +683,7 @@ - } - - // get the pagebox according to the pagebox_spec --static PDFRectangle *get_pagebox(Page * page, int pagebox_spec) -+static const PDFRectangle *get_pagebox(Page * page, int pagebox_spec) - { - if (pagebox_spec == pdfboxspecmedia) - return page->getMediaBox(); -@@ -715,7 +715,7 @@ - { - PdfDocument *pdf_doc; - Page *page; -- PDFRectangle *pagebox; -+ const PDFRectangle *pagebox; - #ifdef POPPLER_VERSION - int pdf_major_version_found, pdf_minor_version_found; - #else -@@ -724,8 +724,8 @@ - // initialize - if (!isInit) { - globalParams = new GlobalParams(); -- globalParams->setErrQuiet(gFalse); -- isInit = gTrue; -+ globalParams->setErrQuiet(false); -+ isInit = true; - } - // open PDF file - pdf_doc = find_add_document(image_name); -@@ -849,7 +849,7 @@ - pageObj = xref->fetch(pageRef->num, pageRef->gen); - pageDict = pageObj.getDict(); - rotate = page->getRotate(); -- PDFRectangle *pagebox; -+ const PDFRectangle *pagebox; - // write the Page header - pdf_puts("/Type /XObject\n"); - pdf_puts("/Subtype /Form\n"); -@@ -977,7 +977,7 @@ - } - l = dic1.getLength(); - for (i = 0; i < l; i++) { -- groupDict.dictAdd(copyString(dic1.getKey(i)), -+ groupDict.dictAdd((const char *)copyString(dic1.getKey(i)), - dic1.getValNF(i)); - } - // end modification -@@ -1001,14 +1001,14 @@ - pdf_puts("/Resources <<\n"); - for (i = 0, l = obj1->dictGetLength(); i < l; ++i) { - obj2 = obj1->dictGetVal(i); -- key = obj1->dictGetKey(i); -+ key = (char *)obj1->dictGetKey(i); - if (strcmp("Font", key) == 0) - copyFontResources(&obj2); - else if (strcmp("ProcSet", key) == 0) - copyProcSet(&obj2); - else -- copyOtherResources(&obj2, key); -+ copyOtherResources(&obj2, (char *)key); - } - pdf_puts(">>\n"); - } - ---- a/texk/web2c/pdftexdir/pdftosrc-newpoppler.cc 1970-01-01 01:00:00.000000000 +0100 -+++ b/texk/web2c/pdftexdir/pdftosrc-newpoppler.cc 2018-12-09 21:14:58.479732695 +0100 -@@ -20,7 +20,7 @@ - /* - This is based on the patch texlive-poppler-0.59.patch <2017-09-19> at - https://git.archlinux.org/svntogit/packages.git/plain/texlive-bin/trunk --by Arch Linux. The poppler should be 0.59.0 or newer versions. -+by Arch Linux. The poppler should be 0.72.0 or newer versions. - POPPLER_VERSION should be defined. - */ - -@@ -109,7 +109,7 @@ - fprintf(stderr, "No SourceName found\n"); - exit(1); - } -- outname = (char *)srcName.getString()->getCString(); -+ outname = (char *)srcName.getString()->c_str(); - // We cannot free srcName, as objname shares its string. - // srcName.free(); - } else if (objnum > 0) { -@@ -118,7 +118,7 @@ - fprintf(stderr, "Not a Stream object\n"); - exit(1); - } -- sprintf(buf, "%s", fileName->getCString()); -+ sprintf(buf, "%s", fileName->c_str()); - if ((p = strrchr(buf, '.')) == 0) - p = strchr(buf, 0); - if (objgen == 0) -@@ -128,7 +128,7 @@ - outname = buf; - } else { // objnum < 0 means we are extracting the XRef table - extract_xref_table = true; -- sprintf(buf, "%s", fileName->getCString()); -+ sprintf(buf, "%s", fileName->c_str()); - if ((p = strrchr(buf, '.')) == 0) - p = strchr(buf, 0); - sprintf(p, ".xref"); -@@ -173,9 +173,9 @@ - - // parse the header: object numbers and offsets - objStr.streamReset(); -- str = new EmbedStream(objStr.getStream(), Object(objNull), gTrue, first); -+ str = new EmbedStream(objStr.getStream(), Object(objNull), true, first); - lexer = new Lexer(xref, str); -- parser = new Parser(xref, lexer, gFalse); -+ parser = new Parser(xref, lexer, false); - for (n = 0; n < nObjects; ++n) { - obj1 = parser->getObj(); - obj2 = parser->getObj(); - diff --git a/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch b/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch deleted file mode 100644 index cac716cc59..0000000000 --- a/gnu/packages/patches/texlive-bin-xetex-poppler-compat.patch +++ /dev/null @@ -1,31 +0,0 @@ -Fix compatibility with Poppler 0.72. - -Patch taken from upstream: -https://tug.org/svn/texlive/trunk/Build/source/texk/web2c/xetexdir/pdfimage.cpp?r1=44964&r2=48969&diff_format=u - ---- a/texk/web2c/xetexdir/pdfimage.cpp 2017/08/06 07:12:02 44964 -+++ b/texk/web2c/xetexdir/pdfimage.cpp 2018/10/22 04:01:42 48969 -@@ -82,19 +82,19 @@ - switch (pdf_box) { - default: - case pdfbox_crop: -- r = page->getCropBox(); -+ r = (PDFRectangle *)page->getCropBox(); - break; - case pdfbox_media: -- r = page->getMediaBox(); -+ r = (PDFRectangle *)page->getMediaBox(); - break; - case pdfbox_bleed: -- r = page->getBleedBox(); -+ r = (PDFRectangle *)page->getBleedBox(); - break; - case pdfbox_trim: -- r = page->getTrimBox(); -+ r = (PDFRectangle *)page->getTrimBox(); - break; - case pdfbox_art: -- r = page->getArtBox(); -+ r = (PDFRectangle *)page->getArtBox(); - break; - } diff --git a/gnu/packages/tex.scm b/gnu/packages/tex.scm index 5b29937672..e90e64a6ad 100644 --- a/gnu/packages/tex.scm +++ b/gnu/packages/tex.scm @@ -102,21 +102,23 @@ (base32 "0khyi6h015r2zfqgg0a44a2j7vmr1cy42knw7jbss237yvakc07y")) (patches - (list - ;; This is required for compatibility with Poppler 0.64.0 and to fix a - ;; segmentation fault in dvipdfm-x from XeTeX, and also contains a fix - ;; for CVE-2018-17407. - (origin - (method url-fetch) - (uri (string-append "http://www.linuxfromscratch.org/patches/blfs/" - "svn/texlive-" version "-source-upstream_fixes-2.patch")) - (file-name "texlive-poppler-compat.patch") - (sha256 - (base32 - "04sxy1qv9y575mxwyg3y7rx7mh540pfjqx7yni7ncb5wjbq9pq1a"))) - (search-patch "texlive-bin-luatex-poppler-compat.patch") - (search-patch "texlive-bin-pdftex-poppler-compat.patch") - (search-patch "texlive-bin-xetex-poppler-compat.patch"))))) + (let ((arch-patch + (lambda (name revision hash) + (origin + (method url-fetch) + (uri (string-append "https://git.archlinux.org/svntogit/packages.git" + "/plain/trunk/" name "?h=packages/texlive-bin" + "&id=" revision)) + (file-name (string-append "texlive-bin-" name)) + (sha256 (base32 hash))))) + (arch-revision "e1975bce0b9d270d7c9773c5beb7e87d61ee8f57")) + (append (search-patches "texlive-bin-CVE-2018-17407.patch" + "texlive-bin-luatex-poppler-compat.patch") + (list + (arch-patch "pdftex-poppler0.72.patch" arch-revision + "0p46b6xxxg2s3hx67r0wpz16g3qygx65hpc581xs3jz5pvsiq3y7") + (arch-patch "xetex-poppler-fixes.patch" arch-revision + "1jj1p5zkjljb7id9pjv29cw0cf8mwrgrh4ackgzz9c200vaqpsvx"))))))) (build-system gnu-build-system) (inputs `(("texlive-extra-src" ,texlive-extra-src) @@ -195,9 +197,9 @@ #t)) (add-after 'unpack 'use-code-for-new-poppler (lambda _ - (copy-file "texk/web2c/pdftexdir/pdftoepdf-newpoppler.cc" + (copy-file "texk/web2c/pdftexdir/pdftoepdf-poppler0.72.0.cc" "texk/web2c/pdftexdir/pdftoepdf.cc") - (copy-file "texk/web2c/pdftexdir/pdftosrc-newpoppler.cc" + (copy-file "texk/web2c/pdftexdir/pdftosrc-poppler0.72.0.cc" "texk/web2c/pdftexdir/pdftosrc.cc") #t)) (add-after 'unpack 'disable-failing-test |