Revision bump including upstream patches for fixing security bugs in dvi backend, libdocument segfaults and problem with pk fonts after applying security patch. Remove old.

Package-Manager: portage-2.1.9.31/cvs/Linux x86_64

9 files changed, 302 insertions, 235 deletions

diff --git a/app-text/evince/ChangeLog b/app-text/evince/ChangeLog
index 4dc968450efe..6be7f8281c7d 100644
--- a/app-text/evince/ChangeLog
+++ b/app-text/evince/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for app-text/evince
-# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-text/evince/ChangeLog,v 1.204 2010/12/07 19:38:52 eva Exp $
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-text/evince/ChangeLog,v 1.205 2011/01/18 09:04:51 pacho Exp $
+
+*evince-2.32.0-r1 (18 Jan 2011)
+
+  18 Jan 2011; Pacho Ramos <pacho@gentoo.org> -evince-2.26.2.ebuild,
+  -files/evince-2.27.4-smclient-configure.patch, -evince-2.28.2.ebuild,
+  +evince-2.32.0-r1.ebuild, +files/evince-2.32.0-dvi-CVEs.patch,
+  +files/evince-2.32.0-libdocument-segfault.patch,
+  +files/evince-2.32.0-pk-fonts.patch:
+  Revision bump including upstream patches for fixing security bugs in dvi
+  backend, libdocument segfaults and problem with pk fonts after applying
+  security patch. Remove old.
 
   07 Dec 2010; Gilles Dartiguelongue <eva@gentoo.org> evince-2.32.0.ebuild:
   Re-drop hppa keyword, thanks to Mr_Bones for reminding.
diff --git a/app-text/evince/Manifest b/app-text/evince/Manifest
index f3257a6021d6..fc029c10d36f 100644
--- a/app-text/evince/Manifest
+++ b/app-text/evince/Manifest
@@ -2,22 +2,21 @@
 Hash: SHA1
 
 AUX evince-0.7.1-display-menu.patch 476 RMD160 a16a5e1f32490a7db219442b23cbcf77773e6bdd SHA1 73a97e83b12ad80f6645339978717bcf8c7da575 SHA256 1f450dfe57ef3325cb4642141d76fc8e7bf837c221d81a2593214913af058f4d
-AUX evince-2.27.4-smclient-configure.patch 1994 RMD160 75e5952b1c4f74682c3e19e635849b29db4ff32a SHA1 1c9c65b4a6a66a5761055a90b0ac311c2624eaee SHA256 45d0323ef245bb50f7a64a6e457548356dbe4a5c07f798b5ebaab4ad310b2d65
+AUX evince-2.32.0-dvi-CVEs.patch 3386 RMD160 af5b7e0f74566716b86974a1e2efc34e1b925be5 SHA1 3c4084017e790ed5f0a1a422c1c742e97f89918f SHA256 49d1ed8adc734a005d4d8fdc1912bb115d97f734071d64bcae0aae60f2b5626a
+AUX evince-2.32.0-libdocument-segfault.patch 1388 RMD160 be7abf45994904b6a5f5d2bc2a95574b7d7cf9f9 SHA1 af144209e2064397f53eae5fab6d8597a67d8cf3 SHA256 e9889a7920a8e6bd16b168333d120dfff1a2a2fcfed559d0d2f3678d9d234e74
+AUX evince-2.32.0-pk-fonts.patch 1005 RMD160 bf3db4170d868ed72887e9ab83e031d4184c667b SHA1 77080e8546fed686b8bdb30f6290267a99daec09 SHA256 a8eba65d0a00fae77d85fec202b60762afa82a71695119a66f24a4ab0974fc82
 AUX gconf-2.m4 1579 RMD160 48aa5e5e77d4c024efb70b643403bec8969fe815 SHA1 5e3c4701f63b1b4614f48d94d03440af7155f119 SHA256 2c9a981afe5bba4486c8e0ddb66433aef4af953168bd254f6a5ba1c6692f80f8
-DIST evince-2.26.2.tar.bz2 2033141 RMD160 00dd3dfa006dc019f8f951a356d7260283bf8bab SHA1 1a789e078b4c95f3e3387a45092ae2f222135013 SHA256 5165adb77af7dd355c600bc1fce4bcc7de2538ed02d0f87028660096a61af489
-DIST evince-2.28.2.tar.bz2 2029085 RMD160 981757c9cf9ef9e1bedda70a8387f3b112b40587 SHA1 fccb214cf5649ba8343c4a33e4cd95cafd4878cb SHA256 1c592a978db9951aacdc848c87fa6c2f63216c097669efddf75013b97e5af72b
 DIST evince-2.30.3.tar.bz2 2180874 RMD160 67b5a9ba2da16f20946447cfcbd482505b2f4fc0 SHA1 381730a6fc66bbd823edbd0aa50b480e5d40f130 SHA256 daddd9720bf8fc0156d9a4a5a85485c232393896376707cf7fcedfcbc515732f
 DIST evince-2.32.0.tar.bz2 2295272 RMD160 a2d52685ac119b70cf40f320de457b3dfbac2587 SHA1 2f06a2b9dfd8667f4b4c6e90be3c49f6fe026fc8 SHA256 2a4c91ae38f8b5028cebb91b9da9ddc50ea8ae3f3d429df89ba351da2d787ff7
-EBUILD evince-2.26.2.ebuild 1883 RMD160 2ff2f8d81f724c1f10f8d1b42e214e0dc27ce667 SHA1 643921a3a3580454e65b12acae029151f5645a17 SHA256 b0035b20f725a292fb7be328ab995c56cad92490780beb13ebd7d462bbc1596a
-EBUILD evince-2.28.2.ebuild 2900 RMD160 2bdb8fdf010c1f1c6c2e0737f7e3146cb481535c SHA1 f08fc5c0cebd711be0ec1ced349c156ec645c41f SHA256 3e5f290a18258e17e4f47eff749b1151e5452d075561d87a3f6eab9f8ccd1bcf
 EBUILD evince-2.30.3.ebuild 2831 RMD160 58b5d91ee911d45490b5c65c4b05c6e7664e244d SHA1 993d982d3427ee1dbc898133093861c940550825 SHA256 f18663bde708d7fc7646484270c427e356f7b4e84b84166e5b79f3f948f1abc9
+EBUILD evince-2.32.0-r1.ebuild 3345 RMD160 330b5efdcc4ea70a3574175aded06951f5e59512 SHA1 5aba78c9b922bba2525c807a69479adb187a9d65 SHA256 7c91b639bf365b8a4c6f13e7358e5e1a4101f2c22e257a50fb376d7fb59b57e6
 EBUILD evince-2.32.0.ebuild 2990 RMD160 1ea538d64214d9943de86d6f0d633afee56b2afb SHA1 b93f9ed07352e4ef791f10c45f584df4b708a7f9 SHA256 d9ddd5c8f25fc5ef1c1502c634e256cf1679153945edac28329b915dcdce08ad
-MISC ChangeLog 29385 RMD160 577ffd5a617058597b5c033b9ac4ba04c98b6b90 SHA1 8af7fedcbfe365e93ab38cb814dca7005f0c1dc7 SHA256 107d31123964f94c8993c5166fe7c9576d0af0bd70bf90115ac2788d343591e6
+MISC ChangeLog 29896 RMD160 8bd07f972fd84de5de2786b40dee2d0dd0b8cf8e SHA1 cec68b87875deaa2142eb4288567281d8de8a944 SHA256 6ee31424ada90b77a3cbe7f4888b792ded678c931872e87f602ab917ddd96d8f
 MISC metadata.xml 704 RMD160 86b7f170da9780a261a10f31ca336bc727511962 SHA1 76786146716c3d6ff74232b11f79a9258b82fa8b SHA256 c331692598dc31958f7913fd9948522a3b9c0335f0354bb58d990eeaf8052047
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.16 (GNU/Linux)
 
-iEYEARECAAYFAkz+jVEACgkQ1fmVwcYIWAY2mwCgya5Q3Rk5Q3lFc5qsQnfsYBUb
-XYkAoO2Qvav3FD6lMDUW82K4EHSB8qL3
-=17qj
+iEYEARECAAYFAk01V7gACgkQCaWpQKGI+9QkTACeMcfzgktZ1XJihEbNDOXM8MFc
+UtkAnjMyqnjgQ7pd+0m4svl9G0/gZtyn
+=1sCA
 -----END PGP SIGNATURE-----
diff --git a/app-text/evince/evince-2.26.2.ebuild b/app-text/evince/evince-2.26.2.ebuild
deleted file mode 100644
index 213c70abc563..000000000000
--- a/app-text/evince/evince-2.26.2.ebuild
+++ /dev/null
@@ -1,71 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-text/evince/evince-2.26.2.ebuild,v 1.9 2010/07/20 02:51:29 jer Exp $
-
-EAPI="2"
-
-inherit eutils gnome2
-
-DESCRIPTION="Simple document viewer for GNOME"
-HOMEPAGE="http://www.gnome.org/projects/evince/"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 ia64 ppc ppc64 sparc x86 ~x86-fbsd"
-IUSE="dbus debug djvu doc dvi gnome-keyring nautilus t1lib tiff"
-
-# FIXME: enable gobject-introspection when we have an ebuild for it.
-# Since 2.26.2, can handle poppler without cairo support. Make it optional ?
-RDEPEND="
-	>=app-text/libspectre-0.2.0
-	>=dev-libs/glib-2.18.0
-	>=dev-libs/libxml2-2.5
-	>=gnome-base/gconf-2
-	>=x11-libs/gtk+-2.12
-	>=x11-libs/libSM-1
-	>=x11-themes/gnome-icon-theme-2.17.1
-	dbus? ( >=dev-libs/dbus-glib-0.71 )
-	gnome-keyring? ( >=gnome-base/gnome-keyring-2.22.0 )
-	nautilus? ( >=gnome-base/nautilus-2.10 )
-	>=app-text/poppler-0.12.3-r3[cairo]
-	dvi? (
-		virtual/tex-base
-		t1lib? ( >=media-libs/t1lib-5.0.0 ) )
-	tiff? ( >=media-libs/tiff-3.6 )
-	djvu? ( >=app-text/djvu-3.5.17 )"
-DEPEND="${RDEPEND}
-	app-text/scrollkeeper
-	>=app-text/gnome-doc-utils-0.3.2
-	~app-text/docbook-xml-dtd-4.1.2
-	>=dev-util/pkgconfig-0.9
-	>=dev-util/intltool-0.35
-	doc? ( dev-util/gtk-doc )"
-
-DOCS="AUTHORS ChangeLog NEWS README TODO"
-ELTCONF="--portage"
-RESTRICT="test"
-
-pkg_setup() {
-	G2CONF="${G2CONF}
-		--disable-scrollkeeper
-		--disable-introspection
-		--enable-pdf
-		--enable-comics
-		--enable-impress
-		--enable-thumbnailer
-		--with-gconf
-		$(use_enable dbus)
-		$(use_enable djvu)
-		$(use_enable dvi)
-		$(use_with gnome-keyring keyring)
-		$(use_enable t1lib)
-		$(use_enable tiff)
-		$(use_enable nautilus)"
-}
-
-src_prepare() {
-	gnome2_src_prepare
-
-	# Fix .desktop file so menu item shows up
-	epatch "${FILESDIR}"/${PN}-0.7.1-display-menu.patch
-}
diff --git a/app-text/evince/evince-2.28.2.ebuild b/app-text/evince/evince-2.28.2.ebuild
deleted file mode 100644
index 180d52626a74..000000000000
--- a/app-text/evince/evince-2.28.2.ebuild
+++ /dev/null
@@ -1,103 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-text/evince/evince-2.28.2.ebuild,v 1.9 2010/08/18 20:42:55 maekke Exp $
-
-EAPI="2"
-
-inherit autotools eutils gnome2
-
-DESCRIPTION="Simple document viewer for GNOME"
-HOMEPAGE="http://www.gnome.org/projects/evince/"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm ia64 ~ppc ~ppc64 sparc x86 ~x86-fbsd ~x86-freebsd ~x86-interix ~amd64-linux ~x86-linux ~x64-solaris"
-IUSE="dbus debug djvu doc dvi gnome gnome-keyring nautilus t1lib tiff"
-# tests introspection
-
-# Since 2.26.2, can handle poppler without cairo support. Make it optional ?
-# not mature enough
-#	introspection? ( >=dev-libs/gobject-introspection-0.6 )
-RDEPEND="
-	>=app-text/libspectre-0.2.0
-	>=dev-libs/glib-2.18.0
-	>=dev-libs/libxml2-2.5
-	>=x11-libs/gtk+-2.14
-	>=x11-libs/libSM-1
-	>=x11-themes/gnome-icon-theme-2.17.1
-	dbus? ( >=dev-libs/dbus-glib-0.71 )
-	gnome? ( >=gnome-base/gconf-2 )
-	gnome-keyring? ( >=gnome-base/gnome-keyring-2.22.0 )
-	nautilus? ( >=gnome-base/nautilus-2.10 )
-	>=app-text/poppler-0.12.3-r3[cairo]
-	dvi? (
-		virtual/tex-base
-		t1lib? ( >=media-libs/t1lib-5.0.0 ) )
-	tiff? ( >=media-libs/tiff-3.6 )
-	djvu? ( >=app-text/djvu-3.5.17 )"
-DEPEND="${RDEPEND}
-	app-text/scrollkeeper
-	>=app-text/gnome-doc-utils-0.3.2
-	~app-text/docbook-xml-dtd-4.1.2
-	>=dev-util/pkgconfig-0.9
-	sys-devel/gettext
-	>=dev-util/intltool-0.35
-	dev-util/gtk-doc-am
-	doc? ( dev-util/gtk-doc )"
-
-DOCS="AUTHORS ChangeLog NEWS README TODO"
-ELTCONF="--portage"
-
-# Needs dogtail and pyspi from http://fedorahosted.org/dogtail/
-# Releases: http://people.redhat.com/zcerza/dogtail/releases/
-RESTRICT="test"
-
-pkg_setup() {
-	G2CONF="${G2CONF}
-		--disable-introspection
-		--disable-scrollkeeper
-		--disable-static
-		--disable-tests
-		--enable-pdf
-		--enable-comics
-		--enable-impress
-		--enable-thumbnailer
-		--with-smclient=xsmp
-		--with-platform=gnome
-		$(use_enable dbus)
-		$(use_enable djvu)
-		$(use_enable dvi)
-		$(use_with gnome gconf)
-		$(use_with gnome-keyring keyring)
-		$(use_enable t1lib)
-		$(use_enable tiff)
-		$(use_enable nautilus)"
-#		$(use_enable introspection)
-}
-
-src_prepare() {
-	gnome2_src_prepare
-
-	# Fix .desktop file so menu item shows up
-	epatch "${FILESDIR}"/${PN}-0.7.1-display-menu.patch
-
-	# Fix bug #279591, compilation error with
-	# --with-smclient=xsmp gave to the configure script
-	epatch "${FILESDIR}"/${PN}-2.27.4-smclient-configure.patch
-
-	# Make it libtool-1 compatible
-	rm -v m4/lt* m4/libtool.m4 || die "removing libtool macros failed"
-
-	# gconf-2.m4 is needed for autoconf; bug 291339
-	if ! use gnome; then
-		cp "${FILESDIR}/gconf-2.m4" m4/ || die "Copying gconf-2.m4 failed!"
-	fi
-
-	intltoolize --force --automake --copy || die "intltoolized failed"
-	eautoreconf
-}
-
-src_install() {
-	gnome2_src_install
-	find "${D}" -name "*.la" -delete || die "remove of la files failed"
-}
diff --git a/app-text/evince/evince-2.32.0-r1.ebuild b/app-text/evince/evince-2.32.0-r1.ebuild
new file mode 100644
index 000000000000..6ab1d87b217a
--- /dev/null
+++ b/app-text/evince/evince-2.32.0-r1.ebuild
@@ -0,0 +1,112 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-text/evince/evince-2.32.0-r1.ebuild,v 1.1 2011/01/18 09:04:51 pacho Exp $
+
+EAPI="3"
+GCONF_DEBUG="yes"
+
+inherit eutils gnome2
+
+DESCRIPTION="Simple document viewer for GNOME"
+HOMEPAGE="http://projects.gnome.org/evince/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~x86-freebsd ~x86-interix ~amd64-linux ~x86-linux ~x64-solaris"
+
+IUSE="dbus debug djvu doc dvi gnome gnome-keyring +introspection nautilus t1lib tiff"
+
+# Since 2.26.2, can handle poppler without cairo support. Make it optional ?
+# not mature enough
+RDEPEND="
+	>=app-text/libspectre-0.2.0
+	>=dev-libs/glib-2.25.11:2
+	>=dev-libs/libxml2-2.5
+	>=x11-libs/gtk+-2.21.5:2[introspection?]
+	>=x11-libs/libSM-1
+	|| (
+		>=x11-themes/gnome-icon-theme-2.17.1
+		>=x11-themes/hicolor-icon-theme-0.10 )
+	>=x11-libs/cairo-1.9.10
+	>=app-text/poppler-0.14[cairo]
+	djvu? ( >=app-text/djvu-3.5.17 )
+	dvi? (
+		virtual/tex-base
+		t1lib? ( >=media-libs/t1lib-5.0.0 ) )
+	gnome? ( >=gnome-base/gconf-2[introspection?] )
+	gnome-keyring? ( >=gnome-base/gnome-keyring-2.22.0 )
+	introspection? ( >=dev-libs/gobject-introspection-0.6 )
+	nautilus? ( >=gnome-base/nautilus-2.10[introspection?] )
+	tiff? ( >=media-libs/tiff-3.6 )
+"
+DEPEND="${RDEPEND}
+	app-text/scrollkeeper
+	>=app-text/gnome-doc-utils-0.3.2
+	~app-text/docbook-xml-dtd-4.1.2
+	>=dev-util/pkgconfig-0.9
+	sys-devel/gettext
+	>=dev-util/intltool-0.35
+	>=dev-util/gtk-doc-am-1.13
+	doc? ( >=dev-util/gtk-doc-1.13 )"
+
+ELTCONF="--portage"
+
+# Needs dogtail and pyspi from http://fedorahosted.org/dogtail/
+# Releases: http://people.redhat.com/zcerza/dogtail/releases/
+RESTRICT="test"
+
+pkg_setup() {
+	# Passing --disable-help would drop offline help, that would be inconsistent
+	# with helps of the most of Gnome apps that doesn't require network for that.
+	G2CONF="${G2CONF}
+		--disable-scrollkeeper
+		--disable-static
+		--disable-tests
+		--enable-pdf
+		--enable-comics
+		--enable-impress
+		--enable-thumbnailer
+		--with-smclient=xsmp
+		--with-platform=gnome
+		--with-gtk=2.0
+		--enable-help
+		--disable-maintainer-mode
+		$(use_enable dbus)
+		$(use_enable djvu)
+		$(use_enable dvi)
+		$(use_with gnome gconf)
+		$(use_with gnome-keyring keyring)
+		$(use_enable introspection)
+		$(use_enable nautilus)
+		$(use_enable t1lib)
+		$(use_enable tiff)"
+	DOCS="AUTHORS ChangeLog NEWS README TODO"
+}
+
+src_prepare() {
+	gnome2_src_prepare
+
+	# Check for NULL in synctex_backward_search preventing segfault, upstream bug #630845
+	epatch "${FILESDIR}"/${P}-libdocument-segfault.patch
+
+	# Fix multiple security issues with dvi backend, bug #350681
+	epatch "${FILESDIR}"/${P}-dvi-CVEs.patch
+
+	# Fix problem with some pk fonts, upstream bug #639746
+	epatch "${FILESDIR}"/${PN}-2.32.0-pk-fonts.patch
+
+	# Fix intltoolize broken file, see upstream #577133
+	sed "s:'\^\$\$lang\$\$':\^\$\$lang\$\$:g" -i po/Makefile.in.in \
+		|| die "intltoolize sed failed"
+
+	# Do not depend on gnome-icon-theme, bug #326855
+	sed 's/gnome-icon-theme//' -i configure.ac configure || die "sed failed"
+
+	# Fix .desktop file so menu item shows up
+	epatch "${FILESDIR}"/${PN}-0.7.1-display-menu.patch
+}
+
+src_install() {
+	gnome2_src_install
+	find "${ED}" -name "*.la" -delete || die "remove of lafiles failed"
+}
diff --git a/app-text/evince/files/evince-2.27.4-smclient-configure.patch b/app-text/evince/files/evince-2.27.4-smclient-configure.patch
deleted file mode 100644
index 532151842065..000000000000
--- a/app-text/evince/files/evince-2.27.4-smclient-configure.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Prototype of AC_ARG_WITH is the following :
-AC_ARG_WITH (package, help-string, [action-if-given], [action-if-not-given])
-
-action-if-given is executed only if a option --{with,without}-smclient is
-given to the configure script, is nothing is given action-if-not-given is
-executed.
-
-The problem was SMCLIENT_PKGS="sm >= 1.0.0" was assigned ONLY IF nothing was
-given to the configure (default behaviour) so in action-if-not-given.
-If the user gave --with-smclient=stuff "[]" was executed, and then
-SMCLIENT_PKGS was empty, then the PKG_CHECK_MODULES into the if statement
-didn't check it, and necesseraly libSM's cflags and libs wasn't found.
-
- configure.ac |   20 ++++++++++----------
- 1 files changed, 10 insertions(+), 10 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 821c52b..3d8d7c4 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -157,19 +157,19 @@ GDK_TARGET="$($PKG_CONFIG --variable target gdk-2.0)"
- SMCLIENT_PKGS=
- AC_MSG_CHECKING([which smclient backend to use])
- AC_ARG_WITH([smclient],
--  [AS_HELP_STRING([--with-smclient-backend],[which smclient backend to use (no|xsmp|win32|quartz)])],
--  [],
--  [case "$GDK_TARGET" in
--    x11) case "$with_platform" in
--           gnome) with_smclient=xsmp SMCLIENT_PKGS="sm >= 1.0.0" ;;
--           *) with_smclient=no ;;
--         esac ;;
--    win32|quartz) with_smclient=$GDK_TARGET ;;
--    *) with_smclient=no ;;
--   esac])
-+  [AS_HELP_STRING([--with-smclient-backend],[which smclient backend to use (no|xsmp|win32|quartz)])])
- AC_MSG_RESULT([$with_smclient])
- 
- if test "$with_smclient" != "no"; then
-+   case "$GDK_TARGET" in
-+   	x11)
-+	   case "$with_platform" in
-+           	gnome) with_smclient=xsmp SMCLIENT_PKGS="sm >= 1.0.0" ;;
-+           	*) with_smclient=no ;;
-+           esac ;;
-+        win32|quartz) with_smclient=$GDK_TARGET ;;
-+        *) with_smclient=no ;;
-+   esac
-   AC_DEFINE([WITH_SMCLIENT],[1],[Define if smclient is enabled])
- 
-   PKG_CHECK_MODULES([SMCLIENT],[gtk+-2.0 gthread-2.0 $SMCLIENT_PKGS])
diff --git a/app-text/evince/files/evince-2.32.0-dvi-CVEs.patch b/app-text/evince/files/evince-2.32.0-dvi-CVEs.patch
new file mode 100644
index 000000000000..691ee4190a76
--- /dev/null
+++ b/app-text/evince/files/evince-2.32.0-dvi-CVEs.patch
@@ -0,0 +1,97 @@
+From 8e473c9796b9a61b811213e7892fd36fd570303a Mon Sep 17 00:00:00 2001
+From: José Aliste <jaliste@src.gnome.org>
+Date: Tue, 07 Dec 2010 18:56:47 +0000
+Subject: backends: Fix several security issues in the dvi-backend.
+
+See CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and  CVE-2010-2643.
+---
+diff --git a/backend/dvi/mdvi-lib/afmparse.c b/backend/dvi/mdvi-lib/afmparse.c
+index 164366b..361e23d 100644
+--- a/backend/dvi/mdvi-lib/afmparse.c
++++ b/backend/dvi/mdvi-lib/afmparse.c
+@@ -160,7 +160,7 @@ static char *token(FILE *stream)
+     
+     idx = 0;
+     while (ch != EOF && ch != ' ' && ch != lineterm 
+-           && ch != '\t' && ch != ':' && ch != ';') 
++           && ch != '\t' && ch != ':' && ch != ';' && idx < MAX_NAME)
+     {
+         ident[idx++] = ch;
+         ch = fgetc(stream);
+diff --git a/backend/dvi/mdvi-lib/dviread.c b/backend/dvi/mdvi-lib/dviread.c
+index 97b7b84..ac98068 100644
+--- a/backend/dvi/mdvi-lib/dviread.c
++++ b/backend/dvi/mdvi-lib/dviread.c
+@@ -1537,6 +1537,10 @@ int	special(DviContext *dvi, int opcode)
+ 	Int32	arg;
+ 	
+ 	arg = dugetn(dvi, opcode - DVI_XXX1 + 1);
++	if (arg <= 0) {
++		dvierr(dvi, _("malformed special length\n"));
++		return -1;
++	}
+ 	s = mdvi_malloc(arg + 1);
+ 	dread(dvi, s, arg);
+ 	s[arg] = 0;
+diff --git a/backend/dvi/mdvi-lib/pk.c b/backend/dvi/mdvi-lib/pk.c
+index a579186..08377e6 100644
+--- a/backend/dvi/mdvi-lib/pk.c
++++ b/backend/dvi/mdvi-lib/pk.c
+@@ -469,6 +469,15 @@ static int pk_load_font(DviParams *unused, DviFont *font)
+ 			}
+ 			if(feof(p))
+ 				break;
++
++			/* Although the PK format support bigger char codes,
++                         * XeTeX and other extended TeX engines support charcodes up to
++                         * 65536, while normal TeX engine supports only charcode up to 255.*/
++			if (cc < 0 || cc > 65536) {
++				mdvi_error (_("%s: unexpected charcode (%d)\n"),
++					    font->fontname,cc);
++				goto error;
++			} 
+ 			if(cc < loc)
+ 				loc = cc;
+ 			if(cc > hic)
+@@ -512,7 +521,7 @@ static int pk_load_font(DviParams *unused, DviFont *font)
+ 	}
+ 
+ 	/* resize font char data */
+-	if(loc > 0 || hic < maxch-1) {
++	if(loc > 0 && hic < maxch-1) {
+ 		memmove(font->chars, font->chars + loc, 
+ 			(hic - loc + 1) * sizeof(DviFontChar));
+ 		font->chars = xresize(font->chars,
+diff --git a/backend/dvi/mdvi-lib/tfmfile.c b/backend/dvi/mdvi-lib/tfmfile.c
+index 73ebf26..8c2a30b 100644
+--- a/backend/dvi/mdvi-lib/tfmfile.c
++++ b/backend/dvi/mdvi-lib/tfmfile.c
+@@ -172,7 +172,8 @@ int	tfm_load_file(const char *filename, TFMInfo *info)
+ 	/* We read the entire TFM file into core */
+ 	if(fstat(fileno(in), &st) < 0)
+ 		return -1;
+-	if(st.st_size == 0)
++	/* according to the spec, TFM files are smaller than 16K */
++	if(st.st_size == 0 || st.st_size >= 16384)
+ 		goto bad_tfm;
+ 
+ 	/* allocate a word-aligned buffer to hold the file */
+diff --git a/backend/dvi/mdvi-lib/vf.c b/backend/dvi/mdvi-lib/vf.c
+index fb49847..a5ae3bb 100644
+--- a/backend/dvi/mdvi-lib/vf.c
++++ b/backend/dvi/mdvi-lib/vf.c
+@@ -165,6 +165,12 @@ static int vf_load_font(DviParams *params, DviFont *font)
+ 			cc = fuget1(p);
+ 			tfm = fuget3(p);
+ 		}
++		if (cc < 0 || cc > 65536) {
++			/* TeX engines do not support char codes bigger than 65535 */
++			mdvi_error(_("(vf) %s: unexpected character %d\n"),
++				   font->fontname, cc);
++			goto error;
++		}
+ 		if(loc < 0 || cc < loc)
+ 			loc = cc;
+ 		if(hic < 0 || cc > hic)
+--
+cgit v0.8.3.1
diff --git a/app-text/evince/files/evince-2.32.0-libdocument-segfault.patch b/app-text/evince/files/evince-2.32.0-libdocument-segfault.patch
new file mode 100644
index 000000000000..bef8d80ccefb
--- /dev/null
+++ b/app-text/evince/files/evince-2.32.0-libdocument-segfault.patch
@@ -0,0 +1,35 @@
+From a933a516e9b6a4199d22055f9041747e00498901 Mon Sep 17 00:00:00 2001
+From: José Aliste <jaliste@src.gnome.org>
+Date: Wed, 29 Sep 2010 16:22:32 +0000
+Subject: [libdocument] Check for NULL in synctex_backward_search.
+
+Fixes bug #630845
+---
+diff --git a/libdocument/ev-document.c b/libdocument/ev-document.c
+index 70349dc..742b51c 100644
+--- a/libdocument/ev-document.c
++++ b/libdocument/ev-document.c
+@@ -419,11 +419,16 @@ ev_document_synctex_backward_search (EvDocument *document,
+                 /* We assume that a backward search returns either zero or one result_node */
+                 node = synctex_next_result (scanner);
+                 if (node != NULL) {
+-                        result = g_new (EvSourceLink, 1);
+-                        result->filename = synctex_scanner_get_name (scanner,
+-                                                                     synctex_node_tag (node));
+-                        result->line = synctex_node_line (node);
+-                        result->col = synctex_node_column (node);
++			const gchar *filename;
++
++			filename = synctex_scanner_get_name (scanner, synctex_node_tag (node));
++			
++			if (filename) {
++				result = g_new (EvSourceLink, 1);
++				result->filename = filename;
++				result->line = synctex_node_line (node);
++				result->col = synctex_node_column (node);
++			}
+                 }
+         }
+ 
+--
+cgit v0.8.3.1
diff --git a/app-text/evince/files/evince-2.32.0-pk-fonts.patch b/app-text/evince/files/evince-2.32.0-pk-fonts.patch
new file mode 100644
index 000000000000..8379e7453c03
--- /dev/null
+++ b/app-text/evince/files/evince-2.32.0-pk-fonts.patch
@@ -0,0 +1,37 @@
+From 0a6e8aabcc46d47b5d84e5414cd0e07d57ef171b Mon Sep 17 00:00:00 2001
+From: José Aliste <jaliste@src.gnome.org>
+Date: Mon, 17 Jan 2011 17:30:00 +0000
+Subject: Fix problem with some pk fonts.
+
+---
+diff --git a/backend/dvi/mdvi-lib/pk.c b/backend/dvi/mdvi-lib/pk.c
+index 08377e6..a911613 100644
+--- a/backend/dvi/mdvi-lib/pk.c
++++ b/backend/dvi/mdvi-lib/pk.c
+@@ -328,13 +328,14 @@ static int pk_load_font(DviParams *unused, DviFont *font)
+ {
+ 	int	i;
+ 	int	flag_byte;
+-	int	loc, hic, maxch;
++	int	hic, maxch;
+ 	Int32	checksum;
+ 	FILE	*p;
+ #ifndef NODEBUG
+ 	char	s[256];
+ #endif
+ 	long	alpha, beta, z;
++	unsigned int loc;
+ 
+ 	font->chars = xnalloc(DviFontChar, 256);
+ 	p = font->in;
+@@ -521,7 +522,7 @@ static int pk_load_font(DviParams *unused, DviFont *font)
+ 	}
+ 
+ 	/* resize font char data */
+-	if(loc > 0 && hic < maxch-1) {
++	if(loc > 0 || hic < maxch-1) {
+ 		memmove(font->chars, font->chars + loc, 
+ 			(hic - loc + 1) * sizeof(DviFontChar));
+ 		font->chars = xresize(font->chars,
+--
+cgit v0.8.3.1