authorPavel Vinogradov2019-08-15 22:18:24 -0400
committerPavel Vinogradov2019-08-15 22:18:24 -0400
commit1fbc63fdddb9949321d064aedd9b7fe638e6eec6 (patch)
tree57236c46de5b07983fce8c74b7daf423f50d304f /printer
parent7bd15eb0276b833d850c0356204372048bcc66cd (diff)
printer/ghostscript: SECURITY_PATCH++, (CVE-2019-10216)
Diffstat (limited to 'printer')
-rwxr-xr-xprinter/ghostscript/DETAILS2
-rw-r--r--printer/ghostscript/HISTORY4
-rw-r--r--printer/ghostscript/patches/0001-cve-2019-10216.patch47
3 files changed, 52 insertions, 1 deletions
diff --git a/printer/ghostscript/DETAILS b/printer/ghostscript/DETAILS
index 642acc8a03..eebf3eb7ca 100755
--- a/printer/ghostscript/DETAILS
+++ b/printer/ghostscript/DETAILS
@@ -1,7 +1,7 @@
SPELL=ghostscript
VERSION=9.27
SOURCE_HASH="sha512:5e67ad45a80f01c6ef0eabb1c76dfa8fb6e7f0fde8d82fd5daaf12f370c288a672f8fa69c74d9e30255582267e9a906e4e8b13655f8d993fefdfc8dbdb5d5401:UPSTREAM_HASH"
- SECURITY_PATCH=7
+ SECURITY_PATCH=8
SOURCE=$SPELL-$VERSION.tar.xz
SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION"
WEB_SITE=http://www.ghostscript.com/
diff --git a/printer/ghostscript/HISTORY b/printer/ghostscript/HISTORY
index 808ab8ed48..4d6f721bcf 100644
--- a/printer/ghostscript/HISTORY
+++ b/printer/ghostscript/HISTORY
@@ -1,3 +1,7 @@
+2019-08-15 Pavel Vinogradov <public@sourcemage.org>
+ * DETAILS. patches/0001-cve-2019-10216.patch: SECURITY_PATCH++,
+ (CVE-2019-10216)
+
2019-08-13 Ismael Luceno <ismael@sourcemage.org>
* BUILD: avoid stripping, ruins libgs.so
diff --git a/printer/ghostscript/patches/0001-cve-2019-10216.patch b/printer/ghostscript/patches/0001-cve-2019-10216.patch
new file mode 100644
index 0000000000..5349f5f4c6
--- /dev/null
+++ b/printer/ghostscript/patches/0001-cve-2019-10216.patch
@@ -0,0 +1,47 @@
+From 5b85ddd19a8420a1bd2d5529325be35d78e94234 Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Fri, 2 Aug 2019 15:18:26 +0100
+Subject: [PATCH] Bug 701394: protect use of .forceput with executeonly
+
+---
+ Resource/Init/gs_type1.ps | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/Resource/Init/gs_type1.ps b/Resource/Init/gs_type1.ps
+index 6c7735b..a039cce 100644
+--- a/Resource/Init/gs_type1.ps
++++ b/Resource/Init/gs_type1.ps
+@@ -118,25 +118,25 @@
+ ( to be the same as glyph: ) print 1 index //== exec } if
+ 3 index exch 3 index .forceput
+ % scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname
+- }
++ }executeonly
+ {pop} ifelse
+- } forall
++ } executeonly forall
+ pop pop
+- }
++ } executeonly
+ {
+ pop pop pop
+ } ifelse
+- }
++ } executeonly
+ {
+ % scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname
+ pop pop
+ } ifelse
+- } forall
++ } executeonly forall
+ 3 1 roll pop pop
+- } if
++ } executeonly if
+ pop
+ dup /.AGLprocessed~GS //true .forceput
+- } if
++ } executeonly if
+
+ %% We need to excute the C .buildfont1 in a stopped context so that, if there
+ %% are errors we can put the stack back sanely and exit. Otherwise callers won't
+-- 2.9.1
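Review bot: Nothing in this commit shows the new `patches/0001-cve-2019-10216.patch` being applied at build time: the diffstat lists only DETAILS, HISTORY and the patch file. The `executeonly` hardening around the `.forceput` calls therefore reaches the built ghostscript only if one of the spell's build scripts (PRE_BUILD or BUILD, neither of which is in this diff) already applies everything under `patches/`. If that is not the case, `SECURITY_PATCH=8` would advertise a fix for CVE-2019-10216 that is absent from the installed interpreter, so it is worth confirming against the unpacked source tree after the pre-build step. For traceability the HISTORY entry could also carry the upstream reference from the patch header, for example `(CVE-2019-10216, upstream 5b85ddd19a84, Bug 701394)`.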