Package: rubber
Version: 1.1+20100306-1
Severity: important
Tags: patch

The latest version of texlive to move into testing includes a security
feature in bibtex which breaks rubber on any application that uses
bibtex, as far as I can tell.

The issue has to do with a configuration option (openout_any = p) which
keeps bibtex from writing to any path outside of the directory it is
currently working in. This means that if the full path is specified,
bibtex will always fail.

You can see another place this bug has shown up here:

  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=666572

In the case of rubber, the bibtex.py latex_module is passing around the
full path even though it is in a local directory and will work with just
the basename. I've created a patch which runs the basename function
from os.path on the directory and which, at least on my system, solves
this problem nicely.

Let me know if you have any questions or if there's something else I'm
missing. This is my first time in the rubber source code so let me know
if I've gone astray.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=C (charmap=UTF-8) (ignored: LC_ALL set to 
en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages rubber depends on:
ii  dpkg                1.16.4.3
ii  install-info        4.13a.dfsg.1-10
ii  python              2.7.3~rc2-1
ii  python-support      1.0.15
ii  texlive-latex-base  2012.20120611-3

rubber recommends no packages.

Versions of packages rubber suggests:
ii  imagemagick  8:6.7.7.10-3
pn  sam2p        <none>
pn  transfig     <none>

-- no debconf information
--- src/latex_modules/bibtex.py	2010-08-12 09:46:10.000000000 -0400
+++ /usr/share/pyshared/rubber/latex_modules/bibtex.py	2012-08-07 19:06:01.000000000 -0400
@@ -407,7 +407,7 @@
 
 def setup (doc, context):
 	global biblio
-	biblio = Bibliography(doc, doc.target)
+	biblio = Bibliography(doc, basename(doc.target))
 	doc.hook_macro('bibliography', 'a', biblio.hook_bibliography)
 	doc.hook_macro('bibliographystyle', 'a', biblio.hook_bibliographystyle)
 def command (command, args):
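
Review bot: `basename` is called in setup() but no import for it is added in this hunk, so unless bibtex.py already has `from os.path import basename` (not visible in these lines) the new line raises NameError; include the import in the same patch. Passing only `basename(doc.target)` also discards the directory part, which is correct only when bibtex is run with the target's directory as its working directory; if doc.target can point elsewhere, split the path and keep the directory as the working directory for the bibtex call instead of dropping it. The `+++` header names the installed copy under /usr/share/pyshared, so regenerate the diff against src/latex_modules/bibtex.py so it applies to the source tree.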

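
Added example, not part of the original report or of rubber's code: a simplified Python model of the openout_any = p restriction described above, together with a helper that splits a target into a working directory and a bare job name so the name handed to bibtex passes the check. The function names and sample paths are constructed for illustration, and the model assumes TEXMFOUTPUT is unset and ignores the dotfile rule.

```python
import os
import os.path


def paranoid_write_allowed(path):
    """Simplified model of openout_any = p (assumption, not kpathsea's code):
    refuse absolute paths and any path containing a '..' component."""
    if os.path.isabs(path):
        return False
    return ".." not in path.split("/")


def bibtex_invocation(target):
    """Split a target into (working directory, job name) so that bibtex can be
    started inside the target's directory and given only the bare name."""
    directory, name = os.path.split(target)
    if not name:
        raise ValueError("target has no file name component: %r" % target)
    return (directory or os.curdir, name)


if __name__ == "__main__":
    # Constructed sample targets, not taken from the bug report.
    for target in ("/home/user/paper/thesis", "thesis", "../out/thesis"):
        cwd, job = bibtex_invocation(target)
        print("target=%-26s full path ok=%-5s cwd=%-18s job=%s job ok=%s" % (
            target,
            paranoid_write_allowed(target + ".blg"),
            cwd,
            job,
            paranoid_write_allowed(job + ".blg"),
        ))
```

Running bibtex with the returned directory as its working directory keeps the lookup of the .aux file correct even when the target is not in the caller's current directory.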