textproc/halibut: update 1.2 → 1.3

PR:	282213

security/vuxml/vuln/2024.xml

@@ -2144,6 +2144,48 @@
     </dates>
   </vuln>
 
+  <vuln vid="3152a474-9390-11ef-87ad-a8a15998b5cb">
+    <topic>halibut -- Segmentation fault, denial of service or possibly other unspecified impact via a crafted text document</topic>
+    <affects>
+      <package>
+	<name>halibut</name>
+	<range><eq>1.2</eq></range>
+      </package>
+    </affects>
+    <description>
+	<body xmlns="http://www.w3.org/1999/xhtml">
+	<p>cve@mitre.org reports:</p>
+	<blockquote cite="https://carteryagemann.com/halibut-case-study.html#poc-halibut-text-uaf">
+	  <p>CVE-2021-42612: A use after free in cleanup_index in index.c in Halibut 1.2 allows
+	an attacker to cause a segmentation fault or possibly have other
+	unspecified impact via a crafted text document.</p>
+	</blockquote>
+	<blockquote cite="https://carteryagemann.com/halibut-case-study.html#poc-halibut-winhelp-df">
+	  <p>CVE-2021-42613: A double free in cleanup_index in index.c in Halibut 1.2 allows an
+	attacker to cause a denial of service or possibly have other
+	unspecified impact via a crafted text document.</p>
+	</blockquote>
+	<blockquote cite="https://carteryagemann.com/halibut-case-study.html#poc-halibut-info-uaf">
+	  <p>CVE-2021-42614: A use after free in info_width_internal in bk_info.c in Halibut 1.2
+	allows an attacker to cause a segmentation fault or possibly have
+	unspecified other impact via a crafted text document.</p>
+	</blockquote>
+	</body>
+    </description>
+    <references>
+      <cvename>CVE-2021-42612</cvename>
+      <url>https://nvd.nist.gov/vuln/detail/CVE-2021-42612</url>
+      <cvename>CVE-2021-42613</cvename>
+      <url>https://nvd.nist.gov/vuln/detail/CVE-2021-42613</url>
+      <cvename>CVE-2021-42614</cvename>
+      <url>https://nvd.nist.gov/vuln/detail/CVE-2021-42614</url>
+    </references>
+    <dates>
+      <discovery>2022-05-24</discovery>
+      <entry>2024-10-26</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="fcb0e00f-d7d3-49b6-a4a1-852528230912">
     <topic>electron31 -- multiple vulnerabilities</topic>
     <affects>

textproc/halibut/Makefile

@@ -1,6 +1,5 @@
 PORTNAME=	halibut
-DISTVERSION=	1.2
-PORTREVISION=	1
+DISTVERSION=	1.3
 CATEGORIES=	textproc
 MASTER_SITES=	https://www.chiark.greenend.org.uk/~sgtatham/halibut/halibut-${DISTVERSION}/
 
@@ -11,10 +10,12 @@ WWW=		https://www.chiark.greenend.org.uk/~sgtatham/halibut/
 LICENSE=	MIT
 LICENSE_FILE=	${WRKSRC}/LICENCE
 
-USES=		gmake perl5
+USES=		cmake cpe perl5
+CPE_VENDOR=	halibut_project
 
 CFLAGS+=	-fcommon # ld: error: duplicate symbol: all_fonts
 
+INFO=		halibut*
 PLIST_FILES=	bin/halibut \
 		share/man/man1/halibut.1.gz
 

textproc/halibut/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1616800039
-SHA256 (halibut-1.2.tar.gz) = 1aedfb6240f27190c36a390fcac9ce732edbdbaa31c85ee675b994e2b083163f
-SIZE (halibut-1.2.tar.gz) = 991975
+TIMESTAMP = 1729367343
+SHA256 (halibut-1.3.tar.gz) = aaa0f7696f17f74f42d97d0880aa088f5d68ed3079f3ed15d13b6e74909d3132
+SIZE (halibut-1.3.tar.gz) = 995916

textproc/halibut/files/patch-Makefile

@@ -1,13 +0,0 @@
---- Makefile.orig	2017-05-15 07:49:44 UTC
-+++ Makefile
-@@ -120,8 +120,8 @@ clean::
- 
- install:
- 	mkdir -p $(prefix) $(bindir)
--	$(INSTALL) -m 755 halibut $(bindir)/halibut
--	$(MAKE) -C ../doc install prefix="$(prefix)" INSTALL="$(INSTALL)"
-+	$(INSTALL) -m 755 halibut $(DESTDIR)$(bindir)/halibut
-+	$(MAKE) -C ../doc install prefix="$(DESTDIR)$(prefix)" INSTALL="$(INSTALL)"
- 
- FORCE: # phony target to force version.o to be rebuilt every time
- 

textproc/halibut/files/patch-doc_Makefile

@@ -1,17 +0,0 @@
---- doc/Makefile.orig	2017-05-15 07:49:44 UTC
-+++ doc/Makefile
-@@ -1,4 +1,4 @@
--mandir=$(prefix)/man
-+mandir=$(prefix)/share/man
- man1dir=$(mandir)/man1
- 
- CHAPTERS := $(SITE) blurb intro running input output licence manpage index
-@@ -16,7 +16,7 @@ halibut.1: manpage.but
- halibut.1: manpage.but
- 	$(HALIBUT) --man=halibut.1 manpage.but
- 
--install:
-+install: halibut.1
- 	mkdir -p $(man1dir)
- 	$(INSTALL) -m 644 halibut.1 $(man1dir)/halibut.1
-