Bug#709146: several security issues due embedded t1lib
Hi Norbert,
On Wed, May 22, 2013 at 3:17 AM, Norbert Preining <preining@logic.at> wrote:
> On Di, 21 Mai 2013, Ondřej Surý wrote:
>> Thanks, there's also an issue of embedded freetype1 which get's
>> compiled into ttf2pk, which is the most horrible one, since freetype1
>> is unsupported for several years now.
>
> Yeah, I know. Fortunately xdvik was converted, but ttf2pk
> is still not. Any suggestion what to do?
Switch these:
configure: Assuming `--enable-ttf2pk=yes'
configure: Assuming `--enable-ttf2pk2=no'
e.g.
diff --git a/debian/rules b/debian/rules
index 389b60f..c8af93e 100755
--- a/debian/rules
+++ b/debian/rules
@@ -76,6 +76,8 @@ override_dh_auto_configure:
--disable-pmx \
--disable-m-tx \
--disable-texdoctk \
+ --disable-ttf2pk \
+ --enable-ttf2pk2 \
--enable-ipc
override_dh_auto_install:
diff --git a/debian/texlive-binaries.links b/debian/texlive-binaries.links
index 945b3b8..4c6f491 100644
--- a/debian/texlive-binaries.links
+++ b/debian/texlive-binaries.links
@@ -1,2 +1,3 @@
usr/bin/pdftex usr/bin/etex
usr/bin/pdftex usr/bin/pdfetex
+usr/bin/ttf2pk2 usr/bin/ttf2pk
I have a meeting now, but I am doing trial build, will report after it finishes.
If this works, I suggest to run this through a security team and do a
security update of the wheezy.
O.
--
Ondřej Surý <ondrej@sury.org>
Reply to: