Date: Sun, 17 Jan 2016 12:03:37 +0000 (UTC)
From: Raphael Kubo da Costa <rakuco@FreeBSD.org>
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r406304 - in head/textproc/py-pygments: . files
Message-ID: <201601171203.u0HC3bDc077302@repo.freebsd.org>
Author: rakuco Date: Sun Jan 17 12:03:37 2016 New Revision: 406304 URL: https://svnweb.freebsd.org/changeset/ports/406304 Log: Add upstream patch to fix CVE-2015-8557. PR: 206072 Approved by: ports-secteam (miwi) Security: 5f276780-b6ce-11e5-9731-5453ed2e2b49 Added: head/textproc/py-pygments/files/ head/textproc/py-pygments/files/patch-CVE-2015-8557 (contents, props changed) Modified: head/textproc/py-pygments/Makefile Modified: head/textproc/py-pygments/Makefile ============================================================================== --- head/textproc/py-pygments/Makefile Sun Jan 17 11:41:36 2016 (r406303) +++ head/textproc/py-pygments/Makefile Sun Jan 17 12:03:37 2016 (r406304) @@ -3,6 +3,7 @@ PORTNAME= pygments PORTVERSION= 2.0.2 +PORTREVISION= 1 CATEGORIES= textproc python MASTER_SITES= CHEESESHOP PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} Added: head/textproc/py-pygments/files/patch-CVE-2015-8557 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/textproc/py-pygments/files/patch-CVE-2015-8557 Sun Jan 17 12:03:37 2016 (r406304) 
@@ -0,0 +1,49 @@ +# HG changeset patch +# User Tim Hatch <tim@timhatch.com> +# Date 1445007300 25200 +# Node ID 0036ab1c99e256298094505e5e92fdacdfc5b0a8 +# Parent c0c0d4049a7c325cd69b764c6ceb7747d319212d +Avoid the shell entirely when finding fonts. + +Manually tested on OS X. + +--- pygments/formatters/img.py.orig 2014-11-10 19:17:51 UTC ++++ pygments/formatters/img.py +@@ -15,6 +15,8 @@ from pygments.formatter import Formatter + from pygments.util import get_bool_opt, get_int_opt, get_list_opt, \ + get_choice_opt, xrange + ++import subprocess ++ + # Import this carefully + try: + from PIL import Image, ImageDraw, ImageFont +@@ -75,14 +77,11 @@ class FontManager(object): + self._create_nix() + + def _get_nix_font_path(self, name, style): +- try: +- from commands import getstatusoutput +- except ImportError: +- from subprocess import getstatusoutput +- exit, out = getstatusoutput('fc-list "%s:style=%s" file' % +- (name, style)) +- if not exit: +- lines = out.splitlines() ++ proc = subprocess.Popen(['fc-list', "%s:style=%s" % (name, style), 'file'], ++ stdout=subprocess.PIPE, stderr=None) ++ stdout, _ = proc.communicate() ++ if proc.returncode == 0: ++ lines = stdout.splitlines() + if lines: + path = lines[0].strip().strip(':') + return path +@@ -197,7 +196,7 @@ class ImageFormatter(Formatter): + bold and italic fonts will be generated. This really should be a + monospace font to look sane. + +- Default: "Bitstream Vera Sans Mono" ++ Default: "Bitstream Vera Sans Mono" on Windows, Courier New on *nix + + `font_size` + The font size in points to be used.
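Review bot: In the `_get_nix_font_path` hunk, `stdout` from `proc.communicate()` is bytes on Python 3 because the `Popen` call does not request text mode, so the unchanged context line `path = lines[0].strip().strip(':')` calls `strip` with a str argument on a bytes object and raises TypeError there; the removed `getstatusoutput` returned str on both interpreters, and the removed `ImportError` fallback shows both are meant to be supported. Suggest passing `universal_newlines=True` to `Popen`, or decoding `stdout` before `splitlines()`. In the same hunk, `Popen` raises OSError when `fc-list` is not installed, where the old shell call only produced a non-zero status, so the call should be wrapped in `try/except OSError` and handled the same way as a non-zero `returncode`.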
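Review bot: The docstring change in the `ImageFormatter` hunk (`Default: "Bitstream Vera Sans Mono" on Windows, Courier New on *nix`) is unrelated to removing the shell call, and nothing in this patch shows which default the code uses on which platform. Please confirm the mapping against the default font names defined in `img.py` before shipping the text, and quote `Courier New` the same way as the other font name.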