gnu: texlive: Fix CVE-2016-10243.

* gnu/packages/patches/texlive-texmf-CVE-2016-10243.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/tex.scm (texlive-texmf-src): Use it.
2017-03-05 20:41:36 -05:00 · 2017-03-05 20:41:36 -05:00 · e20784e65e
parent e2948ef5c1
commit e20784e65e
3 changed files with 21 additions and 0 deletions
--- a/gnu/local.mk
+++ b/gnu/local.mk
@ -930,6 +930,7 @@ dist_patch_DATA =						\
  %D%/packages/patches/tcsh-fix-autotest.patch			\
  %D%/packages/patches/tcsh-fix-out-of-bounds-read.patch	\
  %D%/packages/patches/teensy-loader-cli-help.patch		\
+  %D%/packages/patches/texlive-texmf-CVE-2016-10243.patch	\
  %D%/packages/patches/texi2html-document-encoding.patch	\
  %D%/packages/patches/texi2html-i18n.patch			\
  %D%/packages/patches/tidy-CVE-2015-5522+5523.patch		\
--- a/gnu/packages/patches/texlive-texmf-CVE-2016-10243.patch
+++ b/gnu/packages/patches/texlive-texmf-CVE-2016-10243.patch
@ -0,0 +1,18 @@
+Fix CVE-2016-10243:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10243
+
+Patch adapted from upstream commit:
+
+https://www.tug.org/svn/texlive?view=revision&revision=42605
+
+--- trunk/Master/texmf-dist/web2c/texmf.cnf	2016/11/29 23:10:33	42604
+++ trunk/Master/texmf-dist/web2c/texmf.cnf	2016/11/29 23:27:53	42605
+@@ -568,7 +568,6 @@ extractbb,\
+ gregorio,\
+ kpsewhich,\
+ makeindex,\
+-mpost,\
+ repstopdf,\
+ 
+ % we'd like to allow:
--- a/gnu/packages/tex.scm
+++ b/gnu/packages/tex.scm
@ -72,6 +72,8 @@
  (origin
    (method url-fetch)
    (uri "ftp://tug.org/historic/systems/texlive/2016/texlive-20160523b-texmf.tar.xz")
+    (patches (search-patches "texlive-texmf-CVE-2016-10243.patch"))
+    (patch-flags '("-p2"))
    (sha256 (base32
              "1dv8vgfzpczqw82hv9g7a8djhhyzywljmrarlcyy6g2qi5q51glr"))))