[Debian-tex-commits] SVN tex-common commit + diffs: r4812 - in tex-common/trunk: conf/texmf.d debian debian/po
Norbert Preining
preining at alioth.debian.org
Wed Mar 23 00:43:43 UTC 2011
Author: preining
Date: 2011-03-23 00:43:41 +0000 (Wed, 23 Mar 2011)
New Revision: 4812
Modified:
tex-common/trunk/conf/texmf.d/95NonPath.cnf
tex-common/trunk/debian/changelog
tex-common/trunk/debian/control
tex-common/trunk/debian/po/da.po
Log:
- update da.po
- bump standards version
- disable shell_escape completely, fix for DSA-2198-1, CVE-2011-1400
Modified: tex-common/trunk/conf/texmf.d/95NonPath.cnf
===================================================================
--- tex-common/trunk/conf/texmf.d/95NonPath.cnf 2011-03-18 13:22:21 UTC (rev 4811)
+++ tex-common/trunk/conf/texmf.d/95NonPath.cnf 2011-03-23 00:43:41 UTC (rev 4812)
@@ -45,19 +45,11 @@
% commands listed in shell_escape_commands are allowed. Although this
% is not fully secure either, it is much better, and so useful that we
% enable it for everything but bare tex.
-shell_escape = p
+shell_escape = f
-% Special: convert is the standard command name for ImageMagick, but it
-% is also the name of a dangerous filesystem-changing command on
-% Windows. So enable imgconvert (used in w32tex), but not convert.
-
% No spaces in this command list.
shell_escape_commands = \
-bibtex,bibtex8,dvips,epstopdf,epspdf,etex,fc-match,\
-imgconvert,\
-kpsewhich,makeindex,mkgrkindex,\
-pdfluatex,ps2pdf,ps4pdf,pstopdf,pygmentize,\
-rpdfcrop,texindy,xindy,ulqda\
+false
% plain TeX should remain unenhanced.
shell_escape.tex = f
Modified: tex-common/trunk/debian/changelog
===================================================================
--- tex-common/trunk/debian/changelog 2011-03-18 13:22:21 UTC (rev 4811)
+++ tex-common/trunk/debian/changelog 2011-03-23 00:43:41 UTC (rev 4812)
@@ -1,12 +1,13 @@
tex-common (2.09) unstable; urgency=low
- * UNRELEASED
* fix creation of ls-R files in /usr/local/share/texmf by updmap-sys
which is called in the trigger section of tex-common's postinst.
This fixes a policy violation. (Closes: #607857)
* update Danish translation (Closes: #608423)
+ * disable shell escape completely (fix for CVE-2011-1400, DSA-2198-1)
+ * bump standards version to 3.9.1, no changes necessary
- -- Norbert Preining <preining at debian.org> Sun, 02 Jan 2011 16:57:39 +0900
+ -- Norbert Preining <preining at debian.org> Wed, 23 Mar 2011 09:42:02 +0900
tex-common (2.08) unstable; urgency=low
Modified: tex-common/trunk/debian/control
===================================================================
--- tex-common/trunk/debian/control 2011-03-18 13:22:21 UTC (rev 4811)
+++ tex-common/trunk/debian/control 2011-03-23 00:43:41 UTC (rev 4812)
@@ -5,7 +5,7 @@
Uploaders: Julian Gilbey <jdg at debian.org>, C.M. Connelly <cmc at debian.org>, Atsuhito KOHDA <kohda at debian.org>, Frank Küster <frank at debian.org>, Florent Rougon <frn at debian.org>, Norbert Preining <preining at debian.org>
Build-Depends: debhelper (>= 5.0.0), po-debconf
Build-Depends-Indep: debiandoc-sgml, eperl
-Standards-Version: 3.8.4
+Standards-Version: 3.9.1
Vcs-Svn: svn://svn.debian.org/svn/debian-tex/tex-common/trunk
Vcs-Browser: http://svn.debian.org/wsvn/debian-tex/tex-common/trunk/
Modified: tex-common/trunk/debian/po/da.po
===================================================================
--- tex-common/trunk/debian/po/da.po 2011-03-18 13:22:21 UTC (rev 4811)
+++ tex-common/trunk/debian/po/da.po 2011-03-23 00:43:41 UTC (rev 4812)
@@ -12,6 +12,7 @@
"PO-Revision-Date: 2010-12-30 19:25+0200\n"
"Last-Translator: Joe Hansen <joedalton2 at yahoo.dk>\n"
"Language-Team: Danish <debian-l10n-danish at lists.debian.org>\n"
+"Language: da\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
@@ -45,9 +46,9 @@
"${filename} that is provided by the package should be available as "
"${filename}.ucf-dist."
msgstr ""
-"TeX vil ikke fungere før, at konfigurationsfilerne er rettet. Den udgave "
-"af ${filename}, som følger med pakken, skulle være tilgængelig som "
-"${filename}.ucf-dist."
+"TeX vil ikke fungere før, at konfigurationsfilerne er rettet. Den udgave af "
+"${filename}, som følger med pakken, skulle være tilgængelig som ${filename}."
+"ucf-dist."
#. Type: error
#. Description
@@ -70,5 +71,3 @@
"An essential entry is invalid in ${filename}: ${variable} does not contain:"
msgstr ""
"En essentiel linje er ugyldig i ${filename}: ${variable} indeholder ikke:"
-
-
More information about the Debian-tex-commits
mailing list