aksr wrote:
> On Tue, Jan 22, 2019 at 08:27:08AM +0100, Pierre-Jean Fichet wrote:
> > Neatroff do both of these. It suports OpenType fonts, but does not offer
> > as much control as Heirloom Troff does.
> Are you sure about that?
Heirloom troff is able to set ligatures with .flig and .fdeferlig,
On 2019-01-23 13:56:04 +, Colin Watson wrote:
> I'm not quite sure of the circumstances in which an attacker (presumably
> the author of a document you've received) might be able to control the
> arguments to gropdf; but regardless, this does seem to be undesirable
> command-line handling and I
On Wed, Jan 23, 2019 at 03:02:26PM +, Ralph Corderoy wrote:
> Hi Colin,
>
> > So this option would also lose support for Debian 8 (currently
> > oldstable).
>
> Also, `<<>>' doesn't support `-' to mean stdin.
> That might affect users of the groff Perl scripts that use `<>'.
Ah, yes - in tha
* Colin Watson , 2019-01-23, 13:56:
Perl >= 5.20 has the safer <<>> operator,
It was actually added only in Perl 5.22.
perl5220delta man page says:
New double‐diamond operator
"<<>>" is like "<>" but uses three‐argument "open" to open each file in
@ARGV. This means that each element of @ARG
Hi Colin,
> So this option would also lose support for Debian 8 (currently
> oldstable).
Also, `<<>>' doesn't support `-' to mean stdin.
That might affect users of the groff Perl scripts that use `<>'.
$ pacman -Q perl
perl 5.28.1-1
$
$ perl -e 'while ( <> ) {}' - >) {}' -
On Wed, Jan 23, 2019 at 03:21:53PM +0100, Jakub Wilk wrote:
> * Colin Watson , 2019-01-23, 13:56:
> > Perl >= 5.20 has the safer <<>> operator,
>
> It was actually added only in Perl 5.22.
Sorry, indeed so - I grepped the perl*delta man pages for it but misread
"5220" as "5200". So this option w
Hi,
I'm not quite sure of the circumstances in which an attacker (presumably
the author of a document you've received) might be able to control the
arguments to gropdf; but regardless, this does seem to be undesirable
command-line handling and I think we should fix it.
$ find -name \*.pl | xarg
