From e26ed71454bd557021f367d67d9177925c305f81 Mon Sep 17 00:00:00 2001
From: Captain Wei <captain.a.wei@gmail.com>
Date: Mon, 11 May 2020 11:30:21 +0800
Subject: [PATCH 1/5] add yaml file

---
 enscript.yaml | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 enscript.yaml

diff --git a/enscript.yaml b/enscript.yaml
new file mode 100644
index 0000000..a0a9e00
--- /dev/null
+++ b/enscript.yaml
@@ -0,0 +1,4 @@
+version_control: git
+src_repo: git://git.savannah.org/enscript.git
+tag_prefix: ^v
+seperator: .
-- 
Gitee


From a9a0a8796a28ab6f3ea9fe0d1452015e3e08b55b Mon Sep 17 00:00:00 2001
From: maminjie <maminjie1@huawei.com>
Date: Fri, 17 Jul 2020 21:25:47 +0800
Subject: [PATCH 2/5] fix yaml file

---
 enscript.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/enscript.yaml b/enscript.yaml
index a0a9e00..35e2c76 100644
--- a/enscript.yaml
+++ b/enscript.yaml
@@ -1,4 +1,4 @@
 version_control: git
-src_repo: git://git.savannah.org/enscript.git
+src_repo: git://git.savannah.gnu.org/enscript.git
 tag_prefix: ^v
 seperator: .
-- 
Gitee


From 4ab3c73c8b846ffd14dddd7cf86ff3e02fdee427 Mon Sep 17 00:00:00 2001
From: baizg1107 <preloyalwhite@163.com>
Date: Mon, 7 Sep 2020 16:57:04 +0800
Subject: [PATCH 3/5] Modify Source

Modify Source0
---
 enscript.spec | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/enscript.spec b/enscript.spec
index bfef6fc..5550bb1 100644
--- a/enscript.spec
+++ b/enscript.spec
@@ -1,10 +1,10 @@
 Name:              enscript
 Version:           1.6.6
-Release:           19
+Release:           20
 Summary:           A plain ASCII to PostScript converter
 License:           GPLv3+
 URL:               http://www.gnu.org/software/enscript
-Source0:           enscript-1.6.6.tar.gz
+Source0:           http://ftp.gnu.org/gnu/enscript/enscript-1.6.6.tar.gz
 Source1:           enscript-ruby-1.6.4.tar.gz
 Source2:           enscript-php-1.6.4.st
 BuildRequires:     gcc autoconf automake gettext gettext-devel
@@ -73,5 +73,8 @@ done
 %{_infodir}/enscript*
 
 %changelog
+* Mon Sep 7 2020 baizhonggui<baizhonggui@huawei.com> - 1.6.6-20
+- Modify Source0
+
 * Thu Nov 21 2019 liujing<liujing144@huawei.com> - 1.6.6-19
 - Package init
-- 
Gitee


From 37e36f30faaa843b77516412235c91820ff31c1a Mon Sep 17 00:00:00 2001
From: lvzhonglin <lvzhonglin@inspur.com>
Date: Wed, 9 Oct 2024 15:56:25 +0800
Subject: [PATCH 4/5] update rpm package description

(cherry picked from commit def532872d8e2dab736952295f27b0f46a3df333)
---
 enscript.spec | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/enscript.spec b/enscript.spec
index 5550bb1..066b111 100644
--- a/enscript.spec
+++ b/enscript.spec
@@ -1,6 +1,6 @@
 Name:              enscript
 Version:           1.6.6
-Release:           20
+Release:           21
 Summary:           A plain ASCII to PostScript converter
 License:           GPLv3+
 URL:               http://www.gnu.org/software/enscript
@@ -28,7 +28,7 @@ which can be used to customize print-outs.
 Summary:          Help documents for enscript
 
 %description      help
-The enscript-help package conatins manual pages and other related files for enscript.
+The enscript-help package contains manual pages and other related files for enscript.
 
 %prep
 %autosetup -p1
@@ -73,6 +73,9 @@ done
 %{_infodir}/enscript*
 
 %changelog
+* Wed Oct 9 2024 lvzhonglin<lvzhonglin@inspur.com> - 1.6.6-21
+- update package description
+
 * Mon Sep 7 2020 baizhonggui<baizhonggui@huawei.com> - 1.6.6-20
 - Modify Source0
 
-- 
Gitee


From 714442866dadde5d1e945b19c684755950fd8418 Mon Sep 17 00:00:00 2001
From: Filpped <pennycng@outlook.com>
Date: Tue, 14 Jan 2025 16:03:58 +0800
Subject: [PATCH 5/5] fix CVE-2018-17942

---
 enscript-CVE-vasnprintf.patch | 15 +++++++++++++++
 enscript.spec                 |  6 +++++-
 2 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 enscript-CVE-vasnprintf.patch

diff --git a/enscript-CVE-vasnprintf.patch b/enscript-CVE-vasnprintf.patch
new file mode 100644
index 0000000..623f2ab
--- /dev/null
+++ b/enscript-CVE-vasnprintf.patch
@@ -0,0 +1,15 @@
+diff --git a/intl/vasnprintf.c b/intl/vasnprintf.c
+index 4a8e7f0..65ade71 100644
+--- a/intl/vasnprintf.c
++++ b/intl/vasnprintf.c
+@@ -758,7 +758,9 @@ convert_to_decimal (mpn_t a, size_t extra_zeroes)
+   size_t a_len = a.nlimbs;
+   /* 0.03345 is slightly larger than log(2)/(9*log(10)).  */
+   size_t c_len = 9 * ((size_t)(a_len * (GMP_LIMB_BITS * 0.03345f)) + 1);
+-  char *c_ptr = (char *) malloc (xsum (c_len, extra_zeroes));
++  /* We need extra_zeroes bytes for zeroes, followed by c_len bytes for the
++     digits of a, followed by 1 byte for the terminating NUL.  */
++  char *c_ptr = (char *) malloc (xsum (xsum (extra_zeroes, c_len), 1));
+   if (c_ptr != NULL)
+     {
+       char *d_ptr = c_ptr;
diff --git a/enscript.spec b/enscript.spec
index 066b111..3479fee 100644
--- a/enscript.spec
+++ b/enscript.spec
@@ -1,6 +1,6 @@
 Name:              enscript
 Version:           1.6.6
-Release:           21
+Release:           22
 Summary:           A plain ASCII to PostScript converter
 License:           GPLv3+
 URL:               http://www.gnu.org/software/enscript
@@ -17,6 +17,7 @@ Patch0002:         enscript-1.6.4-rh457720.patch
 Patch0003:         enscript-rh477382.patch
 Patch0004:         enscript-build.patch
 Patch0005:         enscript-bufpos-crash.patch
+Patch0006:         enscript-CVE-vasnprintf.patch
 
 %description
 GNU enscript is a computer program that converts text files to PostScript,
@@ -73,6 +74,9 @@ done
 %{_infodir}/enscript*
 
 %changelog
+* Tue Jan 14 2025 pengjian <pengjian23@mails.ucas.ac.cn> - 1.6.6-22
+- fix CVE-2018-17942
+
 * Wed Oct 9 2024 lvzhonglin<lvzhonglin@inspur.com> - 1.6.6-21
 - update package description
 
-- 
Gitee