a2ps: fix CVE-2001-1539 CVE-2014-0466 also fix FTBFS

srcpkgs/a2ps/patches/CVE-2001-1593.diff

@@ -0,0 +1,69 @@
+Index: b/lib/routines.c
+===================================================================
+--- lib/routines.c
++++ lib/routines.c
+@@ -242,3 +242,50 @@
+   /* Don't complain if you can't unlink.  Who cares of a tmp file? */
+   unlink (filename);
+ }
++
++/*
++ * Securely generate a temp file, and make sure it gets
++ * deleted upon exit.
++ */
++static char **	tempfiles;
++static unsigned	ntempfiles;
++
++static void
++cleanup_tempfiles()
++{
++	while (ntempfiles--)
++		unlink(tempfiles[ntempfiles]);
++}
++
++char *
++safe_tempnam(const char *pfx)
++{
++	char	*dirname, *filename;
++	int	fd;
++
++	if (!(dirname = getenv("TMPDIR")))
++		dirname = "/tmp";
++
++	tempfiles = (char **) realloc(tempfiles,
++			(ntempfiles+1) * sizeof(char *));
++	if (tempfiles == NULL)
++		return NULL;
++
++	filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
++	if (!filename)
++		return NULL;
++
++	sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
++
++	if ((fd = mkstemp(filename)) < 0) {
++		free(filename);
++		return NULL;
++	}
++	close(fd);
++
++	if (ntempfiles == 0)
++		atexit(cleanup_tempfiles);
++	tempfiles[ntempfiles++] = filename;
++
++	return filename;
++}
+Index: b/lib/routines.h
+===================================================================
+--- lib/routines.h
++++ lib/routines.h
+@@ -255,7 +255,8 @@
+ /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
+ #define tempname_ensure(Str)				\
+ do {							\
+-  (Str) = (Str) ? (Str) : tempnam (NULL, "a2_");	\
++  (Str) = (Str) ? (Str) : safe_tempnam("a2_");	\
+ } while (0)
++char * safe_tempnam(const char *);
+ 
+ #endif

srcpkgs/a2ps/patches/CVE-2014-0466.diff

@@ -0,0 +1,30 @@
+Description: CVE-2014-0466: fixps does not invoke gs with -dSAFER
+ A malicious PostScript file could delete files with the privileges of
+ the invoking user.
+Origin: vendor
+Bug-Debian: http://bugs.debian.org/742902
+Author: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2014-03-28
+
+--- contrib/fixps.in
++++ contrib/fixps.in
+@@ -389,7 +389,7 @@
+   	eval "$command" ;;
+       gs)
+         $verbose "$program: making a full rewrite of the file ($gs)." >&2
+-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
++  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+     esac
+   )
+ fi
+--- contrib/fixps.m4
++++ contrib/fixps.m4
+@@ -307,7 +307,7 @@
+   	eval "$command" ;;
+       gs)
+         $verbose "$program: making a full rewrite of the file ($gs)." >&2
+-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
++  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+     esac
+   )
+ fi

srcpkgs/a2ps/template

@@ -1,20 +1,21 @@
 # Template file for 'a2ps'
-pkgname="a2ps"
-version="4.14"
-revision=4
-build_style=gnu-configure
-short_desc="Any to PS filter"
-maintainer="Carlo Dormeletti <carlo.dormeletti@alice.it>"
-license="GPL-3"
-hostmakedepends="perl gperf"
-makedepends="ghostscript psutils groff cups"
-depends="${makedepends}"
+pkgname=a2ps
+version=4.14
+revision=5
 configure_args="--sysconfdir=/etc/a2ps --enable-shared --with-medium=A4"
-LDFLAGS="-lm"
-conf_files="/etc/a2ps/a2ps.cfg /etc/a2ps/a2ps-site.cfg"
+build_style=gnu-configure
+hostmakedepends="perl gperf m4"
+makedepends="ghostscript psutils groff cups"
+depends="$makedepends"
+short_desc="Any to PS filter"
+maintainer="Orphaned <orphan@voidlinux.eu>"
+license="GPL-3.0-or-later"
 homepage="http://www.gnu.org/software/a2ps/"
-distfiles="${GNU_SITE}/$pkgname/$pkgname-$version.tar.gz"
-checksum="f3ae8d3d4564a41b6e2a21f237d2f2b104f48108591e8b83497500182a3ab3a4"
+distfiles="${GNU_SITE}/${pkgname}/${pkgname}-${version}.tar.gz"
+checksum=f3ae8d3d4564a41b6e2a21f237d2f2b104f48108591e8b83497500182a3ab3a4
+conf_files="/etc/a2ps/a2ps.cfg /etc/a2ps/a2ps-site.cfg"
+
+LDFLAGS="-lm"
 
 pre_configure() {
 	sed -i "s/GPERF --version |/& head -n 1 |/" ./configure