debian/0000755000000000000000000000000012153327223007166 5ustar debian/pptout0000644000000000000000000000142111401252652010440 0ustar # Size of reshape handles ReshapeBoxSize = 7 # Default image resolution DefaultResolution = 72 # Default page zoom level ZoomLevel = 50 # Default start page in a new document StartPage = 1 # Landscape format is default Landscape = false # White is transparent FakeTransparency = true # Pages are single-sided SingleSided = false # Default paper PaperName = "A4" # Printing command PrintCommand = "lpr" # Path to look for XSLT files in StylesheetPath = "/usr/share/xml/passepartout/" # Default text stylesheet DefaultStylesheet = "" # Default document template DocTemplatePath = "" # Command to run Ghostscript PSInterpreter = "gs" # Command to run external PS viewer PSViewer = "/usr/share/passepartout/pptout-see" # Default unit for measuring lengths LengthUnit = "pt" debian/watch0000644000000000000000000000055611401252652010223 0ustar # Example watch control file for uscan # Rename this file to "watch" and then you can run the "uscan" command # to check for upstream updates and more. # Site Directory Pattern Version Script version=2 #http://www.stacken.kth.se/project/pptout/files/passepartout-(.*).tar.gz http://ftp.gnome.org/pub/GNOME/sources/passepartout/([0-9.]*)/passepartout-(.*).tar.gz debian/passepartout.install0000644000000000000000000000007511401252652013310 0ustar debian/pptout-see /usr/share/passepartout debian/pptout /etc debian/rules0000755000000000000000000000446711401753703010262 0ustar #!/usr/bin/make -f # -*- makefile -*- # Sample debian/rules that uses debhelper. # GNU copyright 1997 to 1999 by Joey Hess. # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 # These are used for cross-compiling and for saving the configure script # from having to guess our platform (since we know it already) DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) CFLAGS = -Wall -g ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) CFLAGS += -O0 else CFLAGS += -O2 endif ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) INSTALL_PROGRAM += -s endif config.status: configure dh_testdir dh_autotools-dev_updateconfig CFLAGS="$(CFLAGS)" ./configure --host=$(DEB_HOST_GNU_TYPE) \ --build=$(DEB_BUILD_GNU_TYPE) \ --prefix=/usr \ --mandir=\$${prefix}/share/man \ --infodir=\$${prefix}/share/info \ --with-gnome build: build-stamp build-stamp: config.status dh_testdir $(MAKE) touch build-stamp clean: dh_testdir dh_testroot rm -f build-stamp [ ! -f Makefile ] || $(MAKE) distclean dh_autotools-dev_restoreconfig dh_clean install: build dh_testdir dh_testroot dh_prep dh_installdirs $(MAKE) install DESTDIR=$(CURDIR)/debian/passepartout # Build architecture-independent files here. binary-indep: build install # We have nothing to do by default. # Build architecture-dependent files here. binary-arch: build install dh_testdir dh_testroot dh_installchangelogs dh_installdocs # dh_installexamples dh_install # remove examinepdf, it does not do anything useful to users and has # no documentation rm -f $(CURDIR)/debian/passepartout/usr/bin/examinepdf # make pptout-see script executable chmod +x $(CURDIR)/debian/passepartout/usr/share/passepartout/pptout-see dh_installmenu # dh_installdebconf # dh_installlogrotate # dh_installemacsen # dh_installpam # dh_installmime # dh_installinit # dh_installcron # dh_installinfo # dh_installman dh_link dh_strip dh_compress dh_fixperms # dh_perl # dh_python # dh_makeshlibs dh_installdeb dh_shlibdeps dh_gencontrol dh_md5sums dh_builddeb binary: binary-indep binary-arch .PHONY: build clean binary-indep binary-arch binary install debian/README.Debian0000644000000000000000000000076111401252652011231 0ustar README for Debian package passepartout ====================================== ~/.pptout and /etc/pptout ------------------------- Passepartout reads /etc/pptout and ~/.pptout for configuration data. You can set the paths to ghostscript and your preferred postscript-viewer there. You can also adjust the default paths for XSLT-Stylesheets and Fonts. ~/.pptout is created automatically upon the first invocation of pptout. -- Gaudenz Steinlin , Wed Oct 29 14:44:21 2003 debian/doc-base0000644000000000000000000000050211401753352010564 0ustar Document: passepartout Title: Passepartout Manual Author: Fredrik Arnerup , Rasmus Kaj Abstract: This manual describes what passepartout is and how it can be used. Section: Office Format: HTML Index: /usr/share/doc/passepartout/users_guide.html Files: /usr/share/doc/passepartout/*.html debian/menu0000644000000000000000000000017211401753352010056 0ustar ?package(passepartout):needs="X11" section="Applications/Office" \ title="Passepartout" command="/usr/bin/passepartout" debian/copyright0000644000000000000000000000316511401252652011124 0ustar This package was debianized by Gaudenz Steinlin on Fri, 24 Oct 2003 18:29:23 +0200. It was downloaded from http://ftp.gnome.org/pub/GNOME/sources/passepartout/ Upstream Authors: Fredrik Arnerup , Rasmus Kaj , Sven Herzberg Copyright: Copyright (c) 2002, 2003, Fredrik Arnerup & Rasmus Kaj All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY FREDRIK ARNERUP AND RASMUS KAJ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. debian/pptout-see0000644000000000000000000000007111401252652011212 0ustar #!/bin/sh set -e /usr/bin/see application/postscript:$1 debian/docs0000644000000000000000000000002111401252652010030 0ustar BUGS NEWS README debian/source/0000755000000000000000000000000011401753352010467 5ustar debian/source/format0000644000000000000000000000001411401753352011675 0ustar 3.0 (quilt) debian/patches/0000755000000000000000000000000012153326313010614 5ustar debian/patches/0001-Safe-handling-of-gs-calls-with-external-eps-files.patch0000644000000000000000000000674211401753404023447 0ustar From: Gaudenz Steinlin Date: Thu, 3 Jun 2010 13:43:26 +0200 Subject: [PATCH] Safe handling of gs calls with external eps files This removes the -dSAFE/-dSAFER option from the gs calls actually rendering the EPS files. The generation in imageframe.cc did not work previously and the -dSAFE option in postscriptviewent.cc had no effect. Without the -dSAFER option passepartout is vulnerable to malicious EPS files. This vulnerability is avoided by only allowing read access to the EPS file being rendered and then locking the SAFER option. Additionally this patch adds -P- to all gs calls to avoid reading accidentially reading library files from the current directory. It also adds -dSAFER to the call detecting the pngalpha driver. --- src/pptout/document/imageframe.cc | 13 ++++++++++++- src/pptout/postscriptviewent.cc | 4 ++-- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/src/pptout/document/imageframe.cc b/src/pptout/document/imageframe.cc index 20e81f8..8047b9f 100644 --- a/src/pptout/document/imageframe.cc +++ b/src/pptout/document/imageframe.cc @@ -165,7 +165,7 @@ void ImageFrame::print_pdf(PDF::Content::Ptr pdf) const { std::vector argv; argv.push_back("gs"); argv.push_back("-q"); - argv.push_back("-dSAFER"); + argv.push_back("-P-"); argv.push_back("-dNOPAUSE"); argv.push_back("-dBATCH"); argv.push_back("-sDEVICE=pdfwrite"); @@ -177,6 +177,11 @@ void ImageFrame::print_pdf(PDF::Content::Ptr pdf) const { argv.push_back("-"); Process proc = ProcessManager::instance().run(argv); + // Only allow reading of the associated eps file and the lock gs into + // safer mode. + proc->get_cin() << "<> " + << "setuserparams .locksafe\n"; + // Just like generate_picture, but without applying the matrix // (that is done when calling the xobject) /// \todo genereate_picture should ingore the matrix, then it could be @@ -287,6 +292,12 @@ void ImageFrame::generate_picture(std::ostream& psstream) const { throw GenPicError(ASSOCIATION, "Can't read " + association); const Matrix &m = get_matrix(); + + // Only allow reading of the associated eps file and the lock gs into + // safer mode. + psstream << "<> " + << "setuserparams .locksafe\n"; + // We don't have to write the image data to gs, just tell it where it's at. // The save/restore/showpage stuff is so there is one and only one effective // showpage sent to gs. diff --git a/src/pptout/postscriptviewent.cc b/src/pptout/postscriptviewent.cc index 9b85e57..ff4786a 100644 --- a/src/pptout/postscriptviewent.cc +++ b/src/pptout/postscriptviewent.cc @@ -33,7 +33,7 @@ namespace { " PSInterpreter property set."); if(ProcessManager::instance() - .system(psinterpreter + " -q -dBATCH -sDEVICE=pngalpha") == 0) + .system(psinterpreter + " -P- -dSAFER -q -dBATCH -sDEVICE=pngalpha") == 0) devicename = "pngalpha"; else devicename = "ppmraw"; @@ -132,7 +132,7 @@ bool PostscriptViewent::regenerate_bg() { std::ostringstream tmp; tmp << psinterpreter //assuming it is ghostscript - << " -q -dSAFE -dNOPAUSE -dBATCH" + << " -q -P- -dNOPAUSE -dBATCH" << " -sDEVICE=" << preferredDeviceName(); // gs doesn't use fontconfig, so give font paths as parameters -- debian/patches/series0000644000000000000000000000012312153326313012025 0ustar 0001-Safe-handling-of-gs-calls-with-external-eps-files.patch 0002-link-order.patch debian/patches/0002-link-order.patch0000644000000000000000000000756612153326313014300 0ustar Index: b/src/pptout/Makefile.am =================================================================== --- a/src/pptout/Makefile.am +++ b/src/pptout/Makefile.am @@ -37,14 +37,14 @@ passepartout_CXXFLAGS += -I$(top_srcdir)/src -D'XMLPATH=$(xmldir)' -passepartout_LDADD = $(XMLPP_LIBS) $(GTKMM_LIBS) $(GNOMECANVAS_LIBS) \ - $(GTHREAD_LIBS) $(GNOME_LIBS) $(GNOMEVFS_LIBS) - pptpartlibs= document/libdocument.a ../xml2ps/libxml2ps.a \ ../fonts/libfonts.a ../ps/libps.a \ ../util/libpptutil.a widget/libwidget.a -passepartout_LDADD += $(pptpartlibs) +passepartout_LDADD = $(pptpartlibs) + +passepartout_LDADD += $(XMLPP_LIBS) $(GTKMM_LIBS) $(GNOMECANVAS_LIBS) \ + $(GTHREAD_LIBS) $(GNOME_LIBS) $(GNOMEVFS_LIBS) # Extra dependencies for builddate, so it is rebuilt every time anything else # is rebuilt Index: b/src/pptout/Makefile.in =================================================================== --- a/src/pptout/Makefile.in +++ b/src/pptout/Makefile.in @@ -246,8 +246,8 @@ passepartout_CXXFLAGS = $(XMLPP_CFLAGS) $(GTKMM_CFLAGS) \ $(GNOMECANVAS_CFLAGS) $(GNOME_CFLAGS) $(GNOMEVFS_CFLAGS) \ -I$(top_srcdir)/src -D'XMLPATH=$(xmldir)' -passepartout_LDADD = $(XMLPP_LIBS) $(GTKMM_LIBS) $(GNOMECANVAS_LIBS) \ - $(GTHREAD_LIBS) $(GNOME_LIBS) $(GNOMEVFS_LIBS) $(pptpartlibs) +passepartout_LDADD = $(pptpartlibs) $(XMLPP_LIBS) $(GTKMM_LIBS) $(GNOMECANVAS_LIBS) \ + $(GTHREAD_LIBS) $(GNOME_LIBS) $(GNOMEVFS_LIBS) pptpartlibs = document/libdocument.a ../xml2ps/libxml2ps.a \ ../fonts/libfonts.a ../ps/libps.a \ ../util/libpptutil.a widget/libwidget.a Index: b/src/ps/Makefile.am =================================================================== --- a/src/ps/Makefile.am +++ b/src/ps/Makefile.am @@ -15,8 +15,8 @@ libps_a_CXXFLAGS += -I$(top_srcdir)/src examinepdf_CXXFLAGS = $(libps_a_CXXFLAGS) -examinepdf_LDADD = $(GTKMM_LIBS) \ - -L. -lps -L../fonts -lfonts -lps -L../util -lpptutil +examinepdf_LDADD = -L. -lps -L../fonts -lfonts -lps -L../util -lpptutil \ + $(GTKMM_LIBS) examinepdf_DEPENDENCIES = libps.a #libps_a_LIBADD = $(GTKMM_LIBS) Index: b/src/ps/Makefile.in =================================================================== --- a/src/ps/Makefile.in +++ b/src/ps/Makefile.in @@ -202,8 +202,8 @@ libps_a_CXXFLAGS = $(GTKMM_CFLAGS) $(FREETYPE_CFLAGS) \ -I$(top_srcdir)/src examinepdf_CXXFLAGS = $(libps_a_CXXFLAGS) -examinepdf_LDADD = $(GTKMM_LIBS) \ - -L. -lps -L../fonts -lfonts -lps -L../util -lpptutil +examinepdf_LDADD = -L. -lps -L../fonts -lfonts -lps -L../util -lpptutil \ + $(GTKMM_LIBS) examinepdf_DEPENDENCIES = libps.a runtest_SOURCES = test_glyphlist.cc Index: b/src/xml2ps/Makefile.am =================================================================== --- a/src/xml2ps/Makefile.am +++ b/src/xml2ps/Makefile.am @@ -20,8 +20,9 @@ xml2ps_CXXFLAGS = $(libxml2ps_a_CXXFLAGS) -xml2ps_LDADD = $(XMLPP_LIBS) $(GTKMM_LIBS) $(GNOMECANVAS_LIBS)\ - libxml2ps.a ../fonts/libfonts.a ../ps/libps.a ../util/libpptutil.a +xml2ps_LDADD = libxml2ps.a ../fonts/libfonts.a ../ps/libps.a \ + ../util/libpptutil.a \ + $(XMLPP_LIBS) $(GTKMM_LIBS) $(GNOMECANVAS_LIBS) #install DTDs and XSLTs in $(datadir)/xml/passepartout/ (xmldir is defined in configure.ac) dist_xml_DATA = xml2ps.dtd xhtml.xslt docbook.xslt Index: b/src/xml2ps/Makefile.in =================================================================== --- a/src/xml2ps/Makefile.in +++ b/src/xml2ps/Makefile.in @@ -211,8 +211,9 @@ libxml2ps_a_CXXFLAGS = $(XMLPP_CFLAGS) $(GTKMM_CFLAGS) \ $(GNOMECANVAS_CFLAGS) -I$(top_srcdir)/src xml2ps_CXXFLAGS = $(libxml2ps_a_CXXFLAGS) -xml2ps_LDADD = $(XMLPP_LIBS) $(GTKMM_LIBS) $(GNOMECANVAS_LIBS)\ - libxml2ps.a ../fonts/libfonts.a ../ps/libps.a ../util/libpptutil.a +xml2ps_LDADD = libxml2ps.a ../fonts/libfonts.a ../ps/libps.a \ + ../util/libpptutil.a \ + $(XMLPP_LIBS) $(GTKMM_LIBS) $(GNOMECANVAS_LIBS) #install DTDs and XSLTs in $(datadir)/xml/passepartout/ (xmldir is defined in configure.ac) debian/compat0000644000000000000000000000000211401753352010365 0ustar 7 debian/control0000644000000000000000000000272611401755451010603 0ustar Source: passepartout Section: gnome Priority: optional Maintainer: Gaudenz Steinlin Build-Depends: debhelper (>= 7), libxml++2.6-dev, libgtkmm-2.4-dev, libgnomecanvasmm-2.6-dev, libsigc++-2.0-dev, libgnome2-dev, xsltproc, docbook-xml, libfreetype6-dev, autotools-dev Standards-Version: 3.8.4 Vcs-Git: git://git.debian.org/collab-maint/passepartout.git Vcs-Browser: http://git.debian.org/?p=collab-maint/passepartout.git;a=summary Package: passepartout Architecture: any Depends: ${shlibs:Depends}, xsltproc, ghostscript, ${misc:Depends} Recommends: mime-support, gv | postscript-viewer Homepage: http://www.stacken.kth.se/project/pptout/ Description: XML-based Desktop Publishing Application Passepartout is an Open Source Desktop Publishing application. The goal is to provide a simple and user-friendly, yet powerful tool for creating printed material. Passepartout combines a WYSIWYG layout editor with a high-quality typesetting engine. . You do not use Passepartout for writing text, because it is only a layout editor. Basically speaking, Passepartout is in the business of taking the different parts that make up a page, such as text, photos, graphics, and "gluing" them on piece of paper. Passepartout can import from several different bitmapped image formats as well as EPS files. You write the text in your favorite text editor (e.g. Emacs or VI) in an XML-based format. The XML file is then typeset using a typesetting engine called xml2ps. debian/changelog0000644000000000000000000001305412153326362011046 0ustar passepartout (0.7.1-1.1) unstable; urgency=low * Non-maintainer upload. * Fix link order to list libraries after other libraries that require them (closes: #641417, LP: #770825). -- Colin Watson Tue, 04 Jun 2013 10:01:36 +0100 passepartout (0.7.1-1) unstable; urgency=high * Acknowledge NMUs: Thanks to Cyril Brulebois and David Paleino * New upstream version - Works with libxml++2.6 (Closes: #472396) * transition project URL to Homepage field * Add XS-Vcs-Svn and XS-Vcs-Browser control fields * update watch file or new download location at ftp.gnome.org (Closes: #449996) * update copyright file * add build dependency on docbook-xml for building the FAQ * remove dpatch and all patches, the are mostly upstream now * Switch to dpkg-source 3.0 (quilt) format * Safe handling of gs calls with external eps files (Closes: #584023) * Depend on ghostscript instead of gs (Closes: #539666) * Change menu and doc-base section to Office * Increase debhelper compatibility level to 7 * Update to Standards-Version 3.8.4 * Replace custom handling of config.{guess|sub} with debhelper -- Gaudenz Steinlin Thu, 03 Jun 2010 18:30:10 +0200 passepartout (0.7.0-1.2) unstable; urgency=low * Non-maintainer upload. * debian/patches/gcc-4.4.dpatch added, fixes FTBFS because of missing includes, thanks to Martin Michlmayr (Closes: #505021) * debian/control: depend on ghostscript instead of gs, otherwise it would be uninstallable on sid -- David Paleino Mon, 21 Dec 2009 17:44:36 +0100 passepartout (0.7.0-1.1) unstable; urgency=low * Non-maintainer upload. * Fix FTBFS with gcc-4.3 by fixing missing includes (Closes: #455623): + Add debian/patches/gcc-4.3.dpatch * Move the Homepage from the description to a source field. -- Cyril Brulebois Mon, 17 Mar 2008 03:36:00 +0100 passepartout (0.7.0-1) unstable; urgency=low * New upstream version - remove 01_gnomecanvasmm.dpatch, 02_gcc-4.0.dpatch, 03_windowmenus.dpatch, 05_clean_doc.dpatch, 06_freetype_makefile.dpatch, 07_gcc-4.1.dpatch (all included ubstream) - obsoletes 99_autotools.dpatch * add gcc-4.2.dpatch to fix building with GCC 4.2 (closes: #370549) * build with --with-gnome - obsoletes 04_webbrowser.dpatch * fix handling of EPS files by calling gs without -dSAFER * change menu section to Applications * upgrade standards version to 3.7.2.2 (no changes needed) * Use pixel-based sizes for PostscriptViewents (fix taken form upstream bugtracker) * Thanks to tbm for his NMU for gcc 4.1 (closes: #358075) -- Gaudenz Steinlin Fri, 14 Sep 2007 21:13:37 +0200 passepartout (0.6-3.1) unstable; urgency=low * NMU as part of the GCC 4.1 transition. * patches/07_gcc-4.1.dpatch: Remove extra qualification from C++ header file (Closes: #358075) -- Martin Michlmayr Fri, 26 May 2006 20:05:18 +0200 passepartout (0.6-3) unstable; urgency=low * "The kudos to vorlon release!" * partialy Apply patch from Steve Langasek with various fixes (see below) (Closes: #341914) * not built with libxml++2.6 because xml2ps does not work with it [ Steve Langasek ] * Build-depend on autoconf instead of on the horrid autoconf2.13 (autoconf2.13 doesn't even work, it doesn't support configure.ac!) * 06_autotools.dpatch: Roll up autogenerated changes so that ./debian/rules build clean restores the pristine source as required by policy. * Add missing build-dependency on libfreetype6-dev. [ Gaudenz Steinlin ] * add 05_clean_doc.dpatch to clean doc/ from generated files on clean * remove automatic regeneration of configure, add 06_autotools.dpatch instead * remove build-dependency on automake1.7 and autoconf2.13 -- Gaudenz Steinlin Wed, 21 Dec 2005 01:20:56 +0100 passepartout (0.6-2) unstable; urgency=low * applied patches from passepartout CVS to make it compile with gnomecanvasmm-2.6, gtkmm-2.4 and sigc++-2.0 (closes: #325211) * applied patch from passepartout CVS to make it compile with gcc-4.0 (closes: #302603) * added build dependency on dpatch, automake1.7 and autoconf2.13 * changed maintainer to my debian adress * update to standards-version 3.6.2 (no changes) -- Gaudenz Steinlin Fri, 23 Sep 2005 22:22:28 +0200 passepartout (0.6-1) unstable; urgency=low * New upstream release (closes: #284565) * Remove /usr/bin/examinepdf from package. It's not used anywhere and has no documentation. * patch doc/Makefile.am to add a working clean target * Add xsltproc to build dependencies (Sebastian Ley) -- Gaudenz Steinlin Mon, 20 Dec 2004 18:40:12 +0100 passepartout (0.5-1) unstable; urgency=low * New upstream release * Added now required libgnomecanvasmm2.0-dev build dependency * quote menu items -- Gaudenz Steinlin Tue, 11 May 2004 12:14:25 +0200 passepartout (0.4-1) unstable; urgency=low * New upstream release (closes: #225925, #228088) * command renamed to passepartout upstream (closes: #226082) * NEWS corrected upstream (closes: #225551) * manpages now included upstream * updated configuration file /etc/pptout -- Gaudenz Steinlin Fri, 16 Jan 2004 17:15:56 +0100 passepartout (0.2-1) unstable; urgency=low * Initial Release. (Closes: 214216) * Applied "thread" and "assert" patch from upstream website -- Gaudenz Steinlin Wed, 19 Nov 2003 18:30:06 +0100