* New features: gropdf(1), pdfmom(1)
* Lots of our patches were accepted upstream, lots of upstream bug fixes.
Tested by landry@ and pascal@, ok landry@ and sthen@.
do not print "OpenBSD 5.0" but "OpenBSD ports".
While here, remove some noise from the groff build log.
Bump the groff package.
Technically, this changes the contents of all packages that USE_GROFF,
but please refrain from bumping the world: Having "OpenBSD 5.0" in
the footers of some ports manual until they are updated the next time,
or until the next libc bump if they aren't, is not a real problem.
string "OpenBSD ports" suggested and patch ok'ed by sthen@
Build fonts before using them; fixes parallel builds as tested by naddy@.
In case we ever support PDF, don't break parallel builds; ok pascal@.
These are all purely build system fixes; no package change, no bump.
* Unbreak groff manuals by using tbl(1); reported by pascal@.
* Deal with our Mdocdate cvs keyword; as designed by jmc@ in 2007.
* Use troffrc for OpenBSD config changes; suggested by Werner Lemberg.
* Unbreak the hdtbl examples; from upstream.
* Volume names in man(7) page headers; suggested by Yuri Pankov.
* Update various string tables; coordinated with upstream.
* Add a README explaining local changes; using feedback from pascal@.
* Better description and bump.
ok pascal@, and tested in an i386 bulk build by naddy@, thanks!
because mandoc(1) doesn't like them, with the exception
of groff_mdoc(7), which is derived from the traditional
mdoc.samples(7) and which is just fine with mandoc(1).
Problem reported and fix tested by <Pascal dot Stumpf at cubes dot de>.
naddy@ and deraadt@ agree with the general direction
Solar Designer did an audit of temp file handling in groff-1.20.
He found and fixed *lots* of ugliness, but most does not look
exploitable and some was already improved in groff-1.21.
This is my own fix for the only one that, with a huge amount of extra
paranoia, might be worth patching. To mount an exploit, the attacker
would need to trick root into setting an unusable TMPDIR (or similar)
variable in the environment such that mktemp -d fails, then convince
root to run pdfroff (*you* don't run that as root, do you?), then
handle a race condition to find the PID and predict the temp file
name to mount a symlink attack.
"I think we should still go for the fix" jasper@
Lots of new functionality, lots of bug fixes, and bringing in
significant maintenance efforts from upstream.
To name just one specific example, the number of arguments mdoc(7)
macros can take is no longer limited.
Two of the more tricky patches contributed by naddy@, thanks!
Tested in bulk builds by landry@.
Tested on sparc (GCC 2) by phessler@ and on alpha (GCC 3) by naddy@.
ok naddy@, landry@
Before using this to build ports, make sure you install
the src/usr.sbin/pkg_add/OpenBSD/PackingElement.pm patch
i'm going to commit right afterwards as well, or you will end up
with ports manuals containing ANSI escape sequences.
