authorFlorian Franzmann2019-10-15 18:38:32 +0200
committerFlorian Franzmann2019-10-15 22:05:50 +0200
commitcfd0212ed8160dd7d79b18172c0f2823308fcd4d (patch)
treece11fb4f4786e38bc2c19a817c02cef9a5f9fd4a /printer
parent66648ef6d861434f9b898ef845f62bb0a857c585 (diff)
printer/ghostscript: version 9.50
Diffstat (limited to 'printer')
-rwxr-xr-xprinter/ghostscript/DETAILS4
-rw-r--r--printer/ghostscript/HISTORY6
-rw-r--r--printer/ghostscript/patches/0001-cve-2019-10216.patch47
-rw-r--r--printer/ghostscript/patches/0002-make-forceput-inaccessible.patch59
-rw-r--r--printer/ghostscript/patches/0003-safer-mode-bypass-by-forceput-exposure-in-pdfexectoken.patch217
5 files changed, 8 insertions, 325 deletions
diff --git a/printer/ghostscript/DETAILS b/printer/ghostscript/DETAILS
index 40a66d8294..78f0730e84 100755
--- a/printer/ghostscript/DETAILS
+++ b/printer/ghostscript/DETAILS
@@ -1,6 +1,6 @@
SPELL=ghostscript
- VERSION=9.27
- SOURCE_HASH="sha512:5e67ad45a80f01c6ef0eabb1c76dfa8fb6e7f0fde8d82fd5daaf12f370c288a672f8fa69c74d9e30255582267e9a906e4e8b13655f8d993fefdfc8dbdb5d5401:UPSTREAM_HASH"
+ VERSION=9.50
+ SOURCE_HASH="sha512:3c1e5db519a427f4b6bfb8d93f3c3dfb67d5ec9ccd19c7afa7670deb768515f3fc617c5588e54934bbfbedfdf8609ce2ffa36dd7da3cb618937fe034f64f43ee:UPSTREAM_HASH"
SECURITY_PATCH=9
SOURCE=$SPELL-$VERSION.tar.xz
SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION"
diff --git a/printer/ghostscript/HISTORY b/printer/ghostscript/HISTORY
index 33e5dc0fb0..173d4ac978 100644
--- a/printer/ghostscript/HISTORY
+++ b/printer/ghostscript/HISTORY
@@ -1,3 +1,9 @@
+2019-10-15 Florian Franzmann <siflfran@hawo.stw.uni-erlangen.de>
+ * DETAILS: version 9.50
+ * patches/0001-cve-2019-10216.patch
+ patches/0002-make-forceput-inaccessible.patch
+ patches/0003-safer-mode-bypass-by-forceput-exposure-in-pdfexectoken.patch: removed
+
2019-09-01 Pavel Vinogradov <public@sourcemage.org>
* DETAILS. 0002-make-forceput-inaccessible.patch,
0003-safer-mode-bypass-by-forceput-exposure-in-pdfexectoken.patch:
diff --git a/printer/ghostscript/patches/0001-cve-2019-10216.patch b/printer/ghostscript/patches/0001-cve-2019-10216.patch
deleted file mode 100644
index 5349f5f4c6..0000000000
--- a/printer/ghostscript/patches/0001-cve-2019-10216.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 5b85ddd19a8420a1bd2d5529325be35d78e94234 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Fri, 2 Aug 2019 15:18:26 +0100
-Subject: [PATCH] Bug 701394: protect use of .forceput with executeonly
-
----
- Resource/Init/gs_type1.ps | 14 +++++++-------
- 1 file changed, 7 insertions(+), 7 deletions(-)
-
-diff --git a/Resource/Init/gs_type1.ps b/Resource/Init/gs_type1.ps
-index 6c7735b..a039cce 100644
---- a/Resource/Init/gs_type1.ps
-+++ b/Resource/Init/gs_type1.ps
-@@ -118,25 +118,25 @@
- ( to be the same as glyph: ) print 1 index //== exec } if
- 3 index exch 3 index .forceput
- % scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname
-- }
-+ }executeonly
- {pop} ifelse
-- } forall
-+ } executeonly forall
- pop pop
-- }
-+ } executeonly
- {
- pop pop pop
- } ifelse
-- }
-+ } executeonly
- {
- % scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname
- pop pop
- } ifelse
-- } forall
-+ } executeonly forall
- 3 1 roll pop pop
-- } if
-+ } executeonly if
- pop
- dup /.AGLprocessed~GS //true .forceput
-- } if
-+ } executeonly if
-
- %% We need to excute the C .buildfont1 in a stopped context so that, if there
- %% are errors we can put the stack back sanely and exit. Otherwise callers won't
--- 2.9.1
diff --git a/printer/ghostscript/patches/0002-make-forceput-inaccessible.patch b/printer/ghostscript/patches/0002-make-forceput-inaccessible.patch
deleted file mode 100644
index d50688fe4d..0000000000
--- a/printer/ghostscript/patches/0002-make-forceput-inaccessible.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From: Ken Sharp <ken.sharp@artifex.com>
-Date: Tue, 20 Aug 2019 09:10:28 +0000 (+0100)
-Subject: make .forceput inaccessible
-X-Git-Url: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff_plain;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
-
-make .forceput inaccessible
-
-Bug #701343, #701344, #701345
-
-More defensive programming. We don't want people to access .forecput
-even though it is no longer sufficient to bypass SAFER. The exploit
-in #701343 didn't work anyway because of earlier work to stop the error
-handler being used, but nevertheless, prevent access to .forceput from
-.setuserparams2.
----
-
-diff --git a/Resource/Init/gs_lev2.ps b/Resource/Init/gs_lev2.ps
-index 4cc7f82..0fd4164 100644
---- a/Resource/Init/gs_lev2.ps
-+++ b/Resource/Init/gs_lev2.ps
-@@ -158,7 +158,7 @@ end
- {
- pop pop
- } ifelse
-- } forall
-+ } executeonly forall
- % A context switch might have occurred during the above loop,
- % causing the interpreter-level parameters to be reset.
- % Set them again to the new values. From here on, we are safe,
-@@ -229,9 +229,9 @@ end
- { pop pop
- }
- ifelse
-- }
-+ } executeonly
- forall pop
--} .bind odef
-+} .bind executeonly odef
-
- % Initialize the passwords.
- % NOTE: the names StartJobPassword and SystemParamsPassword are known to
-diff --git a/Resource/Init/gs_pdfwr.ps b/Resource/Init/gs_pdfwr.ps
-index c158a8f..422e66e 100644
---- a/Resource/Init/gs_pdfwr.ps
-+++ b/Resource/Init/gs_pdfwr.ps
-@@ -658,11 +658,11 @@ currentdict /.pdfmarkparams .undef
- systemdict /.pdf_hooked_DSC_Creator //true .forceput
- } executeonly if
- pop
-- } if
-+ } executeonly if
- } {
- pop
- } ifelse
-- }
-+ } executeonly
- {
- pop
- } ifelse
diff --git a/printer/ghostscript/patches/0003-safer-mode-bypass-by-forceput-exposure-in-pdfexectoken.patch b/printer/ghostscript/patches/0003-safer-mode-bypass-by-forceput-exposure-in-pdfexectoken.patch
deleted file mode 100644
index b6e4ab363b..0000000000
--- a/printer/ghostscript/patches/0003-safer-mode-bypass-by-forceput-exposure-in-pdfexectoken.patch
+++ /dev/null
@@ -1,217 +0,0 @@
-From: Ken Sharp <ken.sharp@artifex.com>
-Date: Wed, 21 Aug 2019 09:10:51 +0000 (+0100)
-Subject: PDF interpreter - review .forceput security
-X-Git-Url: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff_plain;h=cd1b1cacadac2479e291efe611979bdc1b3bdb19
-
-PDF interpreter - review .forceput security
-
-Bug #701450 "Safer Mode Bypass by .forceput Exposure in .pdfexectoken"
-
-By abusing the error handler it was possible to get the PDFDEBUG portion
-of .pdfexectoken, which uses .forceput left readable.
-
-Add an executeonly appropriately to make sure that clause isn't readable
-no mstter what.
-
-Review all the uses of .forceput searching for similar cases, add
-executeonly as required to secure those. All cases in the PostScript
-support files seem to be covered already.
----
-
-diff --git a/Resource/Init/pdf_base.ps b/Resource/Init/pdf_base.ps
-index 2e28cdd..02503ee 100644
---- a/Resource/Init/pdf_base.ps
-+++ b/Resource/Init/pdf_base.ps
-@@ -157,7 +157,7 @@ currentdict /num-chars-dict .undef
- {
- dup ==only () = flush
- } ifelse % PDFSTEP
-- } if % PDFDEBUG
-+ } executeonly if % PDFDEBUG
- 2 copy .knownget {
- exch pop exch pop exch pop exec
- } {
-diff --git a/Resource/Init/pdf_draw.ps b/Resource/Init/pdf_draw.ps
-index 11eb485..fe3fc56 100644
---- a/Resource/Init/pdf_draw.ps
-+++ b/Resource/Init/pdf_draw.ps
-@@ -501,8 +501,8 @@ end
- ( Output may be incorrect.\n) pdfformaterror
- //pdfdict /.gs_warning_issued //true .forceput
- PDFSTOPONERROR { /gs /undefined signalerror } if
-- } if
-- }
-+ } executeonly if
-+ } executeonly
- ifelse
- } bind executeonly def
-
-@@ -1152,7 +1152,7 @@ currentdict end readonly def
- .setglobal
- pdfformaterror
- } executeonly ifelse
-- }
-+ } executeonly
- {
- currentglobal //pdfdict gcheck .setglobal
- //pdfdict /.Qqwarning_issued //true .forceput
-@@ -1160,8 +1160,8 @@ currentdict end readonly def
- pdfformaterror
- } executeonly ifelse
- end
-- } ifelse
-- } loop
-+ } executeonly ifelse
-+ } executeonly loop
- {
- (\n **** Error: File has unbalanced q/Q operators \(too many q's\)\n Output may be incorrect.\n)
- //pdfdict /.Qqwarning_issued .knownget
-@@ -1175,14 +1175,14 @@ currentdict end readonly def
- .setglobal
- pdfformaterror
- } executeonly ifelse
-- }
-+ } executeonly
- {
- currentglobal //pdfdict gcheck .setglobal
- //pdfdict /.Qqwarning_issued //true .forceput
- .setglobal
- pdfformaterror
- } executeonly ifelse
-- } if
-+ } executeonly if
- pop
-
- % restore pdfemptycount
-diff --git a/Resource/Init/pdf_font.ps b/Resource/Init/pdf_font.ps
-index da07da5..81b7af1 100644
---- a/Resource/Init/pdf_font.ps
-+++ b/Resource/Init/pdf_font.ps
-@@ -677,13 +677,13 @@
- currentglobal 2 index dup gcheck setglobal
- /FontInfo 5 dict dup 5 1 roll .forceput
- setglobal
-- } if
-+ } executeonly if
- dup /GlyphNames2Unicode .knownget not {
- //true % No existing G2U, make one
-- } {
-+ } executeonly {
- dup wcheck {
- //false % Existing, writeable G2U, don't make new one
-- } {
-+ } executeonly {
- pop //true % Existing read only G2U, make new one
- } ifelse
- } ifelse
-@@ -701,9 +701,9 @@
- } if
- PDFDEBUG {
- (.processToUnicode end) =
-- } if
-- } if
-- } stopped
-+ } executeonly if
-+ } executeonly if
-+ } executeonly stopped
- {
- .dstackdepth 1 countdictstack 1 sub
- {pop end} for
-@@ -1233,19 +1233,20 @@
- //pdfdict /.Qqwarning_issued //true .forceput
- } executeonly if
- Q
-- } repeat
-+ } executeonly repeat
- Q
-- } PDFfile fileposition 2 .execn % Keep pdfcount valid.
-+ } executeonly PDFfile fileposition 2 .execn % Keep pdfcount valid.
- PDFfile exch setfileposition
-- } ifelse
-- } {
-+ } executeonly ifelse
-+ } executeonly
-+ {
- % PDF Type 3 fonts don't use .notdef
- % d1 implementation adjusts the width as needed
- 0 0 0 0 0 0
- pdfopdict /d1 get exec
- } ifelse
- end end
-- } bdef
-+ } executeonly bdef
- dup currentdict Encoding .processToUnicode
- currentdict end .completefont exch pop
- } bind executeonly odef
-@@ -2045,9 +2046,9 @@
- (Will continue, but content may be missing.) = flush
- } ifelse
- } if
-- } if
-+ } executeonly if
- /findresource cvx /undefined signalerror
-- } loop
-+ } executeonly loop
- } bind executeonly odef
-
- /buildCIDType0 { % <CIDFontType0-font-resource> buildCIDType0 <font>
-diff --git a/Resource/Init/pdf_main.ps b/Resource/Init/pdf_main.ps
-index 00d7e36..7690bae 100644
---- a/Resource/Init/pdf_main.ps
-+++ b/Resource/Init/pdf_main.ps
-@@ -2771,15 +2771,15 @@ currentdict /PDF2PS_matrix_key undef
- .setglobal
- pdfformaterror
- } executeonly ifelse
-- }
-+ } executeonly
- {
- currentglobal //pdfdict gcheck .setglobal
- //pdfdict /.Qqwarning_issued //true .forceput
- .setglobal
- pdfformaterror
- } executeonly ifelse
-- } if
-- } if
-+ } executeonly if
-+ } executeonly if
- pop
- count PDFexecstackcount sub { pop } repeat
- (after exec) VMDEBUG
-diff --git a/Resource/Init/pdf_ops.ps b/Resource/Init/pdf_ops.ps
-index a15c8c6..d594035 100644
---- a/Resource/Init/pdf_ops.ps
-+++ b/Resource/Init/pdf_ops.ps
-@@ -192,14 +192,14 @@ currentdict /gput_always_allow .undef
- .setglobal
- pdfformaterror
- } executeonly ifelse
-- }
-+ } executeonly
- {
- currentglobal //pdfdict gcheck .setglobal
- //pdfdict /.Qqwarning_issued //true .forceput
- .setglobal
- pdfformaterror
- } executeonly ifelse
-- } if
-+ } executeonly if
- } bind executeonly odef
-
- % Save PDF gstate
-@@ -446,11 +446,12 @@ currentdict /gput_always_allow .undef
- dup type /booleantype eq {
- .currentSMask type /dicttype eq {
- .currentSMask /Processed 2 index .forceput
-+ } executeonly
-+ {
-+ .setSMask
-+ }ifelse
- } executeonly
- {
-- .setSMask
-- }ifelse
-- }{
- .setSMask
- }ifelse
-