On Fri, Nov 30, 2001 at 01:26:50PM -0700, Mike Fontenot wrote: > I just did an upgrade to 2.2r4 (from 2.2r3). It > seemed to go well, except for one problem. One of > the packages upgraded was groff (it's been on the > security list for a good while).
I'm the groff maintainer. > I discovered that the upgrade had written a new > /usr/share/groff/font/devps/DESC file. This > new file was identical to the old (2.2r3) one, > except that the last line was omitted: > > printer lpr > > That is apparently what > tells groff how to send the output to the > printer. Restoring that line fixed the problem. > > But why was that line omitted? This seems like > the kind of thing that's not supposed to happen... > breaking things that were working fine. It's not. The problem was that groff has a hidden build-dependency on lpr: if it happens not to be installed on the build system (which it wasn't - I don't have a printer) it won't add that print command. I didn't know about this until you mentioned it just now, and because that line is added during the build of the package I didn't see it when I compared the source code line-by-line in my pre-upload checks. This also affects testing and unstable, and probably has done for a long time. Evidently not many people use 'groff -l', because I've never had any bug reports about it. I'll fix it straight away in unstable, and see if I can get a fix into the next stable release too. My apologies for the inconvenience. Ironically, the groff security upload was to protect some versions of lpr that call pic with root privileges. -- Colin Watson [EMAIL PROTECTED]
