svn commit: r406304 - in head/textproc/py-pygments: . files
Raphael Kubo da Costa
rakuco at FreeBSD.org
Sun Jan 17 12:03:38 UTC 2016
Author: rakuco
Date: Sun Jan 17 12:03:37 2016
New Revision: 406304
URL: https://svnweb.freebsd.org/changeset/ports/406304
Log:
Add upstream patch to fix CVE-2015-8557.
PR: 206072
Approved by: ports-secteam (miwi)
Security: 5f276780-b6ce-11e5-9731-5453ed2e2b49
Added:
head/textproc/py-pygments/files/
head/textproc/py-pygments/files/patch-CVE-2015-8557 (contents, props changed)
Modified:
head/textproc/py-pygments/Makefile
Modified: head/textproc/py-pygments/Makefile
==============================================================================
--- head/textproc/py-pygments/Makefile Sun Jan 17 11:41:36 2016 (r406303)
+++ head/textproc/py-pygments/Makefile Sun Jan 17 12:03:37 2016 (r406304)
@@ -3,6 +3,7 @@
PORTNAME= pygments
PORTVERSION= 2.0.2
+PORTREVISION= 1
CATEGORIES= textproc python
MASTER_SITES= CHEESESHOP
PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
Added: head/textproc/py-pygments/files/patch-CVE-2015-8557
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/textproc/py-pygments/files/patch-CVE-2015-8557 Sun Jan 17 12:03:37 2016 (r406304)
@@ -0,0 +1,49 @@
+# HG changeset patch
+# User Tim Hatch <tim at timhatch.com>
+# Date 1445007300 25200
+# Node ID 0036ab1c99e256298094505e5e92fdacdfc5b0a8
+# Parent c0c0d4049a7c325cd69b764c6ceb7747d319212d
+Avoid the shell entirely when finding fonts.
+
+Manually tested on OS X.
+
+--- pygments/formatters/img.py.orig 2014-11-10 19:17:51 UTC
++++ pygments/formatters/img.py
+@@ -15,6 +15,8 @@ from pygments.formatter import Formatter
+ from pygments.util import get_bool_opt, get_int_opt, get_list_opt, \
+ get_choice_opt, xrange
+
++import subprocess
++
+ # Import this carefully
+ try:
+ from PIL import Image, ImageDraw, ImageFont
+@@ -75,14 +77,11 @@ class FontManager(object):
+ self._create_nix()
+
+ def _get_nix_font_path(self, name, style):
+- try:
+- from commands import getstatusoutput
+- except ImportError:
+- from subprocess import getstatusoutput
+- exit, out = getstatusoutput('fc-list "%s:style=%s" file' %
+- (name, style))
+- if not exit:
+- lines = out.splitlines()
++ proc = subprocess.Popen(['fc-list', "%s:style=%s" % (name, style), 'file'],
++ stdout=subprocess.PIPE, stderr=None)
++ stdout, _ = proc.communicate()
++ if proc.returncode == 0:
++ lines = stdout.splitlines()
+ if lines:
+ path = lines[0].strip().strip(':')
+ return path
+@@ -197,7 +196,7 @@ class ImageFormatter(Formatter):
+ bold and italic fonts will be generated. This really should be a
+ monospace font to look sane.
+
+- Default: "Bitstream Vera Sans Mono"
++ Default: "Bitstream Vera Sans Mono" on Windows, Courier New on *nix
+
+ `font_size`
+ The font size in points to be used.
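Review bot: In the rewritten `_get_nix_font_path`, `proc.communicate()` returns bytes when the port is built for Python 3, so `lines[0].strip().strip(':')` raises TypeError there, whereas the removed `getstatusoutput` call returned text. Asking `Popen` for text output keeps the parsing working on both Python 2 and 3; the second line of the call would become `stdout=subprocess.PIPE, stderr=None, universal_newlines=True)`. The new code also changes the failure mode when `fc-list` is not installed: `Popen` raises OSError, where the shell-based call only produced a non-zero exit status, so a `try`/`except OSError` around the call that falls through to the existing not-found path would probably preserve the old behaviour. The function's tail and its callers lie outside the hunk, so how a missing font is reported there is not visible.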