--- xsok-1.02.orig/debian/changelog +++ xsok-1.02/debian/changelog @@ -0,0 +1,211 @@ +xsok (1.02-14) unstable; urgency=low + + * QA upload. + * Decompress .gz files in /usr/share/games/xsok/ (Closes: #291513) + * usr/share/games/xsok added to debian/dirs + + -- Emanuele Rocca Fri, 21 Jan 2005 12:41:03 +0100 + +xsok (1.02-13) unstable; urgency=low + + * QA upload. + * chown user.group replaced with user:group in debian/rules and + debian/postinst (Closes: #287994) + * Updated Standards Version. + * Fixed synopsis. + * debian/conffiles removed. + * dh_installmanpages is deprecated; replaced with dh_installman. + + -- Emanuele Rocca Sun, 9 Jan 2005 12:22:27 +0100 + +xsok (1.02-12) unstable; urgency=low + + * Orphaned. + + -- Joel Rosdahl Sun, 4 Apr 2004 21:03:36 +0200 + +xsok (1.02-11) unstable; urgency=high + + * Use dpatch for patch management. + * Standards-Version 3.6.0. + * Fixed CAN-2003-0949: Privilege escalation to group games. Bug fix by + Steve Kemp. + * Build-depend on libxaw7-dev instead of libxaw-dev. + + -- Joel Rosdahl Thu, 20 Nov 2003 12:19:02 +0100 + +xsok (1.02-10) unstable; urgency=low + + * Changed build dependency on xlib6g-dev to xlibs-dev. Closes: + bug#170160. + * Standards-Version 3.5.8. + + -- Joel Rosdahl Sat, 25 Jan 2003 22:51:09 +0100 + +xsok (1.02-9) unstable; urgency=low + + * Added menu hint "Sokoban". Closes: bug#128756. + + -- Joel Rosdahl Fri, 11 Jan 2002 17:18:56 +0100 + +xsok (1.02-8) unstable; urgency=low + + * Fixed buffer overflow when reading environment variable LANG. + * Fixed spelling error in copyright file. + * Use DH_COMPAT 3. + + -- Joel Rosdahl Wed, 12 Dec 2001 20:46:35 +0100 + +xsok (1.02-7) unstable; urgency=low + + * Move whole /var/lib/games/xsok to /var/games/xsok. Fixes: bug#94968. + + -- Joel Rosdahl Mon, 23 Apr 2001 14:30:31 +0200 + +xsok (1.02-6) unstable; urgency=low + + * Moved files in /var/lib/games to /var/games. + * Moved files in /usr/lib/games to /usr/share/games. + + -- Joel Rosdahl Mon, 9 Apr 2001 22:38:19 +0200 + +xsok (1.02-5) unstable; urgency=low + + * Standards-Version 3.5.2. + * Put app-defaults in /etc/X11/app-defaults. Closes: bug#86332. + * Added app-defaults file as conffile. + * Don't use suidmanager anymore. + + -- Joel Rosdahl Thu, 22 Feb 2001 22:39:45 +0100 + +xsok (1.02-4) unstable; urgency=low + + * Added build dependency on xutils (for xmkmf). Closes: bug#84890. + + -- Joel Rosdahl Mon, 5 Feb 2001 00:20:47 +0100 + +xsok (1.02-3) unstable; urgency=low + + * Removed outdated build dependency. Closes: bug#84652. + * Standards-Version: 3.2.1. + * Added Lintian override. + + -- Joel Rosdahl Sat, 3 Feb 2001 11:18:57 +0100 + +xsok (1.02-2) unstable; urgency=low + + * Improved build target in debian/rules. + * Added Build-Depends field to debian/control. + + -- Joel Rosdahl Sat, 13 May 2000 00:51:16 +0200 + +xsok (1.02-1) unstable; urgency=low + + * Found version 1.02... + * Standards-Version 3.1.1 + + -- Joel Rosdahl Sun, 12 Mar 2000 00:58:38 +0100 + +xsok (1.01-11) unstable; urgency=low + + * Converted to debhelper. + * Standards-Version 2.4.1 + + -- Joel Rosdahl Sun, 26 Jul 1998 16:57:46 +0200 + +xsok (1.01-10) unstable; urgency=low + + * Rebuilt to fix some warnings from Lintian about wrong file permissions + * Moved back man-page. :P + + -- Joel Rosdahl Sun, 8 Mar 1998 22:58:28 +0100 + +xsok (1.01-9) unstable; urgency=low + + * Standards-Version 2.4.0.0 + * Moved man-page to /usr/X11R6/man + * Fixed some problems reported by Lintian + + -- Joel Rosdahl Sun, 8 Mar 1998 14:27:06 +0100 + +xsok (1.01-8) unstable; urgency=low + + * Fixed debian/rules (bug #15539) + + -- Joel Rosdahl Wed, 3 Dec 1997 21:43:01 +0100 + +xsok (1.01-7) unstable; urgency=low + + * Changed priority from Extra to Optional. + + -- Joel Rosdahl Wed, 26 Nov 1997 01:06:05 +0100 + +xsok (1.01-6) unstable; urgency=low + + * Recompiled (fixes bug #15260) + + -- Joel Rosdahl Tue, 25 Nov 1997 23:40:03 +0100 + +xsok (1.01-5) unstable; urgency=low + + * Recompiled against the the new xlib6 and xpm4 libraries (fixes + bugs #12709 and #12916) + + -- Joel Rosdahl Wed, 24 Sep 1997 20:43:10 +0200 + +xsok (1.01-4) unstable; urgency=low + + * Changed maintainer + * Updated to Standards-Version 2.1.2.2 + * Added entry in Debian's menu system + * Added default username in AppDefaults + * Fixed a path in the manpage + * Fixed savedir resource name (fixing bug #8966) + * Added a prerm script that cleans up the global highscore directory + * Updated debian/rules to use debstd + + -- Joel Rosdahl Thu, 14 Aug 1997 20:33:35 +0200 + +xsok (1.01-3) unstable; urgency=low + + * Updated to Standards-Version 2.1.0.0. + + -- Sven Rudolph Thu, 24 Oct 1996 15:14:57 +0200 + +Wed Jul 24 22:12:38 1996 Sven Rudolph + + * corrected extended description (Bug#3669) + + * added multi-architecture support + +Tue Feb 20 00:03:35 1996 Sven Rudolph + + * upgraded to xsok 1.01 + + * converted to ELF + + * runs setgid games again + +Mon Aug 28 17:06:32 1995 Sven Rudolph + + * releasing xsok-1.00-2 + + * src/Xaw-main.c: added temporary change of euid for + XtAppInitialize + +Thu Aug 17 22:42:29 1995 Sven Rudolph + + * releasing xsok-1.00-1 + +Tue Aug 15 21:31:57 1995 Sven Rudolph + + * src/X-widget.c: dont use getenv("LANG") + + * src/Imakefile: added: install -d $(XSOKMANDIR) + do not install copyright files into doc + + * Makefile (all): commented out 'make testname' + + * changed file locations according to FSSTND + + * added Debian GNU/Linux package maintenance system files --- xsok-1.02.orig/debian/docs +++ xsok-1.02/debian/docs @@ -0,0 +1,2 @@ +README +doc/xsok.tex --- xsok-1.02.orig/debian/copyright +++ xsok-1.02/debian/copyright @@ -0,0 +1,26 @@ +This is Debian GNU/Linux's prepackaged version of xsok. +xsok was written by Michael Bischoff . + +The upstream source was downloaded from + +ftp://ftp.io.com/pub/mirror/FreeBSD/ports/distfiles/xsok-1.02-src.tar.gz + +Current Debian maintainer: Joel Rosdahl + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. (The file COPYRIGHT.GNU) + + You should have received a copy of the GNU General Public License + along with this program; if not, write to Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA + 02111-1307, USA. + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. --- xsok-1.02.orig/debian/rules +++ xsok-1.02/debian/rules @@ -0,0 +1,74 @@ +#!/usr/bin/make -f + +#export DH_VERBOSE=1 +export DH_COMPAT=3 + +include /usr/share/dpatch/dpatch.make + +build: build-stamp +build-stamp: patch-stamp + dh_testdir + $(MAKE) XSOKLIBDIR=/usr/share/games/xsok \ + XSOKSAVEDIR=/var/games/xsok + touch build-stamp + +clean: clean1 unpatch + +clean1: + dh_testdir + dh_testroot + -rm -f build-stamp + -$(MAKE) -i clean + dh_clean + +# Build architecture-independent files here. +binary-indep: build +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build +# dh_testversion + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + $(MAKE) BINDIR=../debian/xsok/usr/games \ + LIBDIR=../debian/xsok/usr/X11R6/lib/X11 \ + XSOKLIBDIR=../debian/xsok/usr/share/games/xsok \ + XSOKMANDIR=../debian/xsok/usr/share/man/man6 \ + XSOKSAVEDIR=../debian/xsok/var/games/xsok \ + XSOKDOCDIR=../debian/xsok/usr/share/doc/xsok \ + XAPPLOADDIR=../debian/xsok/etc/X11/app-defaults install + + cp debian/override.Lintian debian/xsok/usr/share/lintian/overrides/xsok + dh_installdocs + dh_installexamples + dh_installmenu +# dh_installinit + dh_installcron + dh_installman +# dh_undocumented + dh_installchangelogs + dh_strip + dh_compress + dh_fixperms + + chown -R root:games debian/xsok/var/games/xsok + chown root:games debian/xsok/usr/games/xsok + chmod 2775 debian/xsok/var/games/xsok + chmod 2755 debian/xsok/usr/games/xsok + gunzip debian/xsok/usr/share/games/xsok/*.gz + + dh_installdeb + dh_shlibdeps + dh_gencontrol +# dh_makeshlibs + dh_md5sums + dh_builddeb + +source diff: + @echo >&2 'source and diff are obsolete - use dpkg-source -b'; false + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary patch unpatch clean1 --- xsok-1.02.orig/debian/control +++ xsok-1.02/debian/control @@ -0,0 +1,18 @@ +Source: xsok +Priority: optional +Section: games +Maintainer: Debian QA Group +Standards-Version: 3.6.1 +Build-Depends: dpatch, debhelper (>= 4.1.16), xlibs-dev, xutils, libxaw7-dev + +Package: xsok +Architecture: any +Depends: ${shlibs:Depends} +Description: generic Sokoban game for X11 + xsok is a single player strategic game, a superset of the + well-known Sokoban game. + . + The target of Sokoban is to push all the objects into the + score area of each level using the mouse or the arrow + keys. For the other level subsets, there are different + kinds of objects, and special effect squares. --- xsok-1.02.orig/debian/dirs +++ xsok-1.02/debian/dirs @@ -0,0 +1,2 @@ +usr/share/lintian/overrides +usr/share/games/xsok --- xsok-1.02.orig/debian/postinst +++ xsok-1.02/debian/postinst @@ -0,0 +1,22 @@ +#!/bin/sh + +set -e + +# In older versions, /var/lib/games/xsok/* were -rw-r--r-- games.root + +if [ -d /var/lib/games/xsok ] ; then + chown root:games /var/lib/games/xsok /var/lib/games/xsok/* + chmod 2775 /var/lib/games/xsok + chmod 664 /var/lib/games/xsok/* +fi + +# /var/lib/games/xsok changed location to /var/games/xsok. + +if [ -d /var/lib/games/xsok ]; then + rm -rf /var/games/xsok + cp -a /var/lib/games/xsok /var/games + rm -rf /var/lib/games/xsok +fi + + +#DEBHELPER# --- xsok-1.02.orig/debian/menu +++ xsok-1.02/debian/menu @@ -0,0 +1 @@ +?package(xsok):needs="x11" section="Games/Puzzles" title="Xsokoban" command="xsok" hints="Sokoban" --- xsok-1.02.orig/debian/prerm +++ xsok-1.02/debian/prerm @@ -0,0 +1,16 @@ +#!/bin/bash -e + +case "$1" in + remove) + rm -f /var/games/xsok/* + ;; + + upgrade|deconfigure|failed-upgrade) + ;; + + *) + echo "prerm called with unknown argument \`$1'" >&2 + ;; +esac + +#DEBHELPER# --- xsok-1.02.orig/debian/override.Lintian +++ xsok-1.02/debian/override.Lintian @@ -0,0 +1,2 @@ +xsok: non-standard-executable-perm usr/games/xsok 0755 != 2755 +xsok: non-standard-dir-perm var/games/xsok/ 2775 != 0755 --- xsok-1.02.orig/debian/patches/00list +++ xsok-1.02/debian/patches/00list @@ -0,0 +1,2 @@ +10_lots_of_stuff +20_gunzip_exploit_fix --- xsok-1.02.orig/debian/patches/10_lots_of_stuff.dpatch +++ xsok-1.02/debian/patches/10_lots_of_stuff.dpatch @@ -0,0 +1,148 @@ +#!/bin/sh -e +## lots_of_stuff.dpatch by Joel Rosdahl +## +## All lines beginning with `## DP:' are a description of the patch. +## +## DP: All changes from xsok 1.02-10. This patch should maybe be split +## DP: up into a set of orthogonal patches. + +if [ $# -ne 1 ]; then + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1 +fi +case "$1" in + -patch) patch -f --no-backup-if-mismatch -p1 < $0;; + -unpatch) patch -f --no-backup-if-mismatch -R -p1 < $0;; + *) + echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 + exit 1;; +esac + +exit 0 + +--- xsok-1.02.orig/src/Tableau.h ++++ xsok-1.02/src/Tableau.h +@@ -12,8 +12,8 @@ + #define XtCXsokdir "Xsokdir" + #define XtNxpmdir "xpmdir" + #define XtCXpmdir "Xpmdir" +-#define XtNsavedir "xsokdir" +-#define XtCSavedir "Xsokdir" ++#define XtNsavedir "xsavedir" ++#define XtCSavedir "Xsavedir" + #define XtNmessageFile "messageFile" + #define XtCMessageFile "MessageFile" + #define XtNkeyboardFile "keyboardFile" +--- xsok-1.02.orig/src/xsok.man ++++ xsok-1.02/src/xsok.man +@@ -53,7 +53,7 @@ + .TP 4 + .B \-xsokdir \fIxsokdir\fP + This option sets the root of the \fBxsok\fP data file tree. The default is +-\fB/usr/games/lib/xsok\fP. ++\fB/usr/share/games/xsok\fP. + + .TP 4 + .B \-xpmdir \fIxpmdir\fP +@@ -180,18 +180,18 @@ + .SH FILES + (Directories may differ on your system.) + +- \fB/usr/games/bin/xsok\fP ++ \fB/usr/games/xsok\fP + \fB/var/games/xsok/\fP\fItype\fP\fB.score\fP + \fB/var/games/xsok/\fP\fItype\fP\fB.\fP\fInn\fP\fB.{sv,bs,mp,mm}\fP +- \fB/usr/doc/xsok/COPYRIGHT.{GNU,xsok,xpm}\fP +- \fB/usr/doc/xsok/xsok.dvi\fP +- \fB/usr/doc/xsok/cyberbox.doc\fP +- \fB/usr/games/lib/xsok/floor.xpm.gz\fP +- \fB/usr/games/lib/xsok/objects.xpm.gz\fP +- \fB/usr/games/lib/xsok/keys\fP +- \fB/usr/games/lib/xsok/keys.help\fP +- \fB/usr/games/lib/xsok/\fP\fItype\fP\fB.def.gz\fP +- \fB/usr/games/lib/xsok/\fP\fItype\fP\fB.help\fP ++ \fB/usr/share/doc/xsok/copyright\fP ++ \fB/usr/share/doc/xsok/xsok.tex.gz\fP ++ \fB/usr/share/doc/xsok/cyberbox.doc\fP ++ \fB/usr/share/games/xsok/floor.xpm.gz\fP ++ \fB/usr/share/games/xsok/objects.xpm.gz\fP ++ \fB/usr/share/games/xsok/keys\fP ++ \fB/usr/share/games/xsok/keys.help\fP ++ \fB/usr/share/games/xsok/\fP\fItype\fP\fB.def.gz\fP ++ \fB/usr/share/games/xsok/\fP\fItype\fP\fB.help\fP + + Where \fItype\fP is one of \fBSokoban\fP, \fBXsok\fP, \fBCyberbox\fP, and + possibly others. +--- xsok-1.02.orig/src/X-gfx.c ++++ xsok-1.02/src/X-gfx.c +@@ -13,7 +13,7 @@ + #include "X-sok.h" + + /*#include */ +-#include ++#include + + #ifndef DELAY + #define DELAY 50 /* time to sleep (in ms) between auto-moves & replay */ +--- xsok-1.02.orig/src/Imakefile ++++ xsok-1.02/src/Imakefile +@@ -103,7 +103,7 @@ + ALLTARGETS = username combine showscore mergescores $(MYPROG) + DEFINES = $(HELP_OPTION) $(SOUND_OPTION) $(XPMINCLUDE) $(NET_DEFINE) \ + $(PIPE_DEFINE) -DXSOKDIR=\"$(XSOKLIBDIR)\" -DXSOKSAVE=\"$(XSOKSAVEDIR)\" \ +- $(SLEEP_DEFINE) ++ $(SLEEP_DEFINE) -DDEBIAN + + # Dependencies: + # *.c require version.h xsok.h +@@ -133,15 +133,15 @@ + # the install targets require that make has been run in the lib directory + install:: $(MYPROGS) + (umask 022 && mkdirhier $(XSOKLIBDIR)) +- # chmod 755 $(XSOKLIBDIR) ++# chmod 755 $(XSOKLIBDIR) + (umask 022 && mkdirhier $(XSOKSAVEDIR)) + chmod 777 $(XSOKSAVEDIR) + (cd ../lib; tar cf - $(LIBCONTS) | (cd $(XSOKLIBDIR); tar xf -)) + chown -R root $(XSOKLIBDIR) $(XSOKSAVEDIR) + chmod -R a+r $(XSOKLIBDIR) +- (cd ../lib && ../src/mergescores $(XSOKSAVEDIR)/Xsok.score \ +- $(XSOKSAVEDIR)/Sokoban.score $(XSOKSAVEDIR)/Cyberbox.score) +- chmod 666 $(XSOKSAVEDIR)/[A-z]*.score ++# (cd ../lib && ../src/mergescores $(XSOKSAVEDIR)/Xsok.score \ ++# $(XSOKSAVEDIR)/Sokoban.score $(XSOKSAVEDIR)/Cyberbox.score) ++# chmod 666 $(XSOKSAVEDIR)/[A-z]*.score + (umask 022 && mkdirhier $(XSOKDOCDIR)) + if [ -r ../doc/xsok.dvi ]; then cp ../doc/xsok.dvi $(XSOKDOCDIR); fi + cp ../doc/cyberbox.doc $(XSOKDOCDIR) +@@ -173,6 +173,6 @@ + chmod 755 $(LXSOKBINDIR)/xsok + cp xsok.man $(LXSOKMANDIR)/xsok.6x + chmod 644 $(LXSOKMANDIR)/xsok.6x +- (cd ../lib && ../src/mergescores $(XSOKSAVEDIR)/Xsok.score \ +- $(XSOKSAVEDIR)/Sokoban.score $(XSOKSAVEDIR)/Cyberbox.score) +- chmod 666 $(XSOKSAVEDIR)/[A-z]*.score ++# (cd ../lib && ../src/mergescores $(XSOKSAVEDIR)/Xsok.score \ ++# $(XSOKSAVEDIR)/Sokoban.score $(XSOKSAVEDIR)/Cyberbox.score) ++# chmod 666 $(XSOKSAVEDIR)/[A-z]*.score +--- xsok-1.02.orig/src/loadsave.c ++++ xsok-1.02/src/loadsave.c +@@ -42,7 +42,7 @@ + const char *s; + char p[100]; + if ((s = getenv("LANG"))) { +- sprintf(p, "%s/%s", xsokdir, s); ++ snprintf(p, 100, "%s/%s", xsokdir, s); + if (!access(p, F_OK)) { /* langdir does exist */ + langdir = s; + return; +--- xsok-1.02.orig/src/XSok.ad ++++ xsok-1.02/src/XSok.ad +@@ -16,6 +16,7 @@ + XSok*Tableau.messageFile: messages + XSok*Tableau.background: black + XSok*Tableau.rules: Sokoban ++XSok*Tableau.username: A lucky Debian user + XSok*Viewport.allowHoriz: False + XSok*Viewport.allowVert: False + XSok*Viewport.useBottom: True --- xsok-1.02.orig/debian/patches/20_gunzip_exploit_fix.dpatch +++ xsok-1.02/debian/patches/20_gunzip_exploit_fix.dpatch @@ -0,0 +1,59 @@ +#!/bin/sh -e +## gunzip_exploit_fix.dpatch by Joel Rosdahl +## +## All lines beginning with `## DP:' are a description of the patch. +## +## DP: Drop group privileges before calling gunzip to avoid privilege +## DP: escalation. CAN-2003-0949. Patch from Steve Kemp. + +if [ $# -ne 1 ]; then + echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" + exit 1 +fi + +[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts +patch_opts="${patch_opts:--f --no-backup-if-mismatch}" + +case "$1" in + -patch) patch $patch_opts -p1 < $0;; + -unpatch) patch $patch_opts -p1 -R < $0;; + *) + echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" + exit 1;; +esac + +exit 0 + +@DPATCH@ +diff -urNad /home/joel/debian/xsok-1.02/src/xfopen.c xsok-1.02/src/xfopen.c +--- /home/joel/debian/xsok-1.02/src/xfopen.c 1994-11-24 12:00:00.000000000 +0100 ++++ xsok-1.02/src/xfopen.c 2003-11-17 08:41:41.000000000 +0100 +@@ -14,6 +14,8 @@ + #define _POSIX_SOURCE + #endif + ++#include ++ + #ifdef HAVE_POPEN /* extra prototype (they are not POSIX.1) */ + + #include "xsok.h" +@@ -45,6 +47,11 @@ + int filedes[2]; + char zname[MAXXSOKDIRLEN+17]; + FILE *fp; ++ struct passwd *pw = NULL; ++ ++ pw = getpwuid(getuid()); ++ if (pw == NULL ) ++ return NULL; + + sprintf(zname, "%s.gz", filename); + if (access(zname, R_OK)) +@@ -68,6 +75,7 @@ + dup(filedes[1]); + close(filedes[0]); + close(filedes[1]); ++ setgid(pw->pw_gid); /* Drop gid(games) privileges. */ + execlp(GUNZIP_PATH, "gunzip", "-c", zname, NULL); + exit(1); /* if exec failed! */ + default: /* we are the main process */