Changeset 322b688


Ignore:
Timestamp:
10/09/2018 06:43:22 PM (6 years ago)
Author:
Ken Moffat <ken@…>
Branches:
10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 8.4, 9.0, 9.1, bdubbs/svn, elogind, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
Children:
ecbf490
Parents:
91219185
Message:

Texlive - update patch for vulnerability fixes, and to build with poppler-0.68.0, 0.69.0. Tested on 8.3/p-0.67, svn/p-0.68, 8.2/p-0.62, 8.1 with shipped poppler, p-0.57 was too old. Thanks to Douglas for notifying me of this.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@20608 af4574ff-66df-0310-9fd7-8a98e5e911e0

Files:
3 edited

Legend:

Unmodified
Added
Removed

  • general.ent

    r91219185 r322b688  
    11<!-- $LastChangedBy$ $Date$ -->
    22
    3 <!ENTITY day          "08">                   <!-- Always 2 digits -->
     3<!ENTITY day          "09">                   <!-- Always 2 digits -->
    44<!ENTITY month        "10">                   <!-- Always 2 digits -->
    55<!ENTITY year         "2018">
     
    77<!ENTITY copyholder   "The BLFS Development Team">
    88<!ENTITY version      "&year;-&month;-&day;">
    9 <!ENTITY releasedate  "October 8th, &year;">
     9<!ENTITY releasedate  "October 9th, &year;">
    1010<!ENTITY pubdate      "&year;-&month;-&day;"> <!-- metadata req. by TLDP -->
    1111<!ENTITY blfs-version "svn">                  <!-- svn|[release #] -->

  • introduction/welcome/changelog.xml

    r91219185 r322b688  
    4444
    4545    <listitem>
     46      <para>October 7th, 2018</para>
     47      <itemizedlist>
     48        <listitem>
     49          <para>[ken] - Update texlive patch (security fix) and allow it to
     50          build with both poppler-0.68.0 and -0.69.0. Fixes
     51          <ulink url="&blfs-ticket-root;11223">#11223</ulink>.</para>
     52        </listitem>
     53      </itemizedlist>
     54    </listitem>
     55
     56    <listitem>
    4657      <para>October 8th, 2018</para>
    4758      <itemizedlist>

  • pst/typesetting/texlive.xml

    r91219185 r322b688  
    104104      <listitem>
    105105        <para>Required patch: <ulink
    106         url="&patch-root;/texlive-&texlive-version;-source-upstream_fixes-1.patch"/></para>
     106        url="&patch-root;/texlive-&texlive-version;-source-upstream_fixes-2.patch"/></para>
    107107      </listitem>
    108108    </itemizedlist>
     
    162162        variable to let <systemitem class="username">root</systemitem> use it.
    163163      </para>
     164
     165      <para>
     166        If you came here to update an old system (because of the recent
     167        vulnerability) where the poppler version is before 0.62.0, such as
     168        BLFS-8.1, do NOT use the commands in the <literal>MYPOPPLER</literal>
     169        block of instructions, nor the <literal>--with-system-poppler</literal>
     170        or <literal>--with-system-xpdf</literal> options when configuring.
     171      </para>
    164172    </note>
    165173
     
    169177<screen><userinput>export TEXARCH=$(uname -m | sed -e 's/i.86/i386/' -e 's/$/-linux/') &amp;&amp;
    170178
    171 patch -Np1 -i ../texlive-&texlive-version;-source-upstream_fixes-1.patch &amp;&amp;
    172 
    173 mv -v texk/web2c/pdftexdir/pdftoepdf{-newpoppler,}.cc &amp;&amp;
    174 mv -v texk/web2c/pdftexdir/pdftosrc{-newpoppler,}.cc  &amp;&amp;
     179patch -Np1 -i ../texlive-&texlive-version;-source-upstream_fixes-2.patch &amp;&amp;
     180
     181let MYPOPPLER=$(pkg-config --modversion poppler | cut -d '.' -f2)
     182mv -v texk/web2c/pdftexdir/pdftosrc{-newpoppler,}.cc
     183if [ $MYPOPPLER -lt 68 ]; then
     184  mv -v texk/web2c/pdftexdir/pdftoepdf{-newpoppler,}.cc
     185elif [ $MYPOPPLER -lt 69 ]; then
     186  mv -v texk/web2c/pdftexdir/pdftoepdf{-poppler0.68.0,}.cc
     187else
     188  mv -v texk/web2c/pdftexdir/pdftoepdf{-poppler0.69.0,}.cc
     189fi &amp;&amp;
     190unset MYPOPPLER &amp;&amp;
    175191
    176192mkdir texlive-build &amp;&amp;
     
    260276
    261277    <para>
    262       <command>patch -Np1 -i ../texlive-&texlive-version;-source-upstream_fixes-1.patch</command>:
     278      <command>patch -Np1 -i ../texlive-&texlive-version;-source-upstream_fixes-2.patch</command>:
    263279      various problems have come to light since the shipped source was frozen to
    264280      be committed to DVDs. In particular, a segmentation fault in dvipdfm-x from
    265       XeTeX and changes in upstream poppler-0.64.0.
    266     </para>
    267 
    268     <para>
    269       <command>mv -v texk/web2c/pdftexdir/pdftoepdf{-newpoppler,}.cc ...</command>:
    270       The &texlive-year; version of texlive ships with support for poppler-0.57.0
    271       and older, but it includes alternative newpoppler files which enable building
    272       with poppler-0.62.0 or newer.
     281      XeTeX and changes in newer versions of <application>poppler</application>,
     282      also an important vulnerability fix.
     283    </para>
     284
     285    <para>
     286      <command>let MYPOPPLER=...</command>: Because the vulnerability fix applies to
     287      many past years of <application>texlive</application>, the tests aim to allow
     288      updating using system versions of poppler since 0.62.0. The amended files for
     289      newer versions of poppler need to be copied over the original versions,
     290      depending on which version is being used.
    273291    </para>
    274292
Note: See TracChangeset for help on using the changeset viewer.