author | Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> | 2018-09-17 22:14:50 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-09-20 05:41:32 -0700 |
commit | ebecaa5f4814fa30d0b304c495ed4533bbffd5a6 (patch) | |
tree | c99267c1711cf17a9b6dcac7089506a697b4d8ba /meta/recipes-extended/ghostscript/ghostscript/0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch | |
parent | 8a839b7e2bb1f19025a8dab388019697c7512500 (diff) | |
download | poky-ebecaa5f4814fa30d0b304c495ed4533bbffd5a6.tar.gz |
ghostscript: upgrade to 9.25
Removed below patches, as v9.25 source already has those
changes/security fixes:
0001-Bug-699665-memory-corruption-in-aesdecode.patch
0001-pdfwrite-Guard-against-trying-to-output-an-infinite-.patch
0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch
0003-Fix-Bug-699660-shading_param-incomplete-type-checkin.patch
0004-Hide-the-.shfill-operator.patch
0005-Bug-699657-properly-apply-file-permissions-to-.tempf.patch
remove-direct-symlink.patch
Re-worked ghostscript-9.21-native-fix-disable-system-libtiff.patch
and ghostscript-9.21-prevent_recompiling.patch
to fix warnings in do_patch task of ghostscript v9.25 recipe.
Highlights of ghostscript v9.25 release:
---------------------------------------
- This release fixes problems with argument handling, some unintended results
of the security fixes to the SAFER file access restrictions
(specifically accessing ICC profile files), and some additional security
issues over the recent 9.24 release.
- Note: The ps2epsi utility does not, and cannot call Ghostscript with
the -dSAFER command line option. It should never be called with input
from untrusted sources.
- Security issues have been the primary focus of this release, including
solving several (well publicised) real and potential exploits.
- As well as Ghostscript itself, jbig2dec has had a significant amount of work
improving its robustness in the face of out of specification files.
- IMPORTANT: We are in the process of forking LittleCMS. LCMS2 is not thread
safe, and cannot be made thread safe without breaking the ABI.
Our fork will be thread safe, and include performance enhancements
(these changes have all been offered and rejected upstream). We will
maintain compatibility between Ghostscript and LCMS2 for a time, but not in
perpetuity. Our fork will be available as its own package separately from
Ghostscript (and MuPDF).
- The usual round of bug fixes, compatibility changes, and incremental
improvements.
(From OE-Core rev: 4340928b8878b91b5a2750eb6bc87918740511ca)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/ghostscript/ghostscript/0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch')
-rw-r--r-- | meta/recipes-extended/ghostscript/ghostscript/0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch | 53 |
1 files changed, 0 insertions, 53 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript/0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch b/meta/recipes-extended/ghostscript/ghostscript/0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch deleted file mode 100644 index a16f215bd3..0000000000 --- a/meta/recipes-extended/ghostscript/ghostscript/0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch +++ /dev/null | |||
@@ -1,53 +0,0 @@ | |||
1 | From 1b516be5f6829ab6ce37835529ba08abd6d18663 Mon Sep 17 00:00:00 2001 | ||
2 | From: Chris Liddell <chris.liddell@artifex.com> | ||
3 | Date: Tue, 21 Aug 2018 16:42:45 +0100 | ||
4 | Subject: [PATCH 2/5] Bug 699656: Handle LockDistillerParams not being a | ||
5 | boolean | ||
6 | |||
7 | This caused a function call commented as "Can't fail" to fail, and resulted | ||
8 | in memory correuption and a segfault. | ||
9 | |||
10 | CVE: CVE-2018-15910 | ||
11 | Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git] | ||
12 | |||
13 | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> | ||
14 | --- | ||
15 | devices/vector/gdevpdfp.c | 2 +- | ||
16 | psi/iparam.c | 7 ++++--- | ||
17 | 2 files changed, 5 insertions(+), 4 deletions(-) | ||
18 | |||
19 | diff --git a/devices/vector/gdevpdfp.c b/devices/vector/gdevpdfp.c | ||
20 | index 522db7a..f2816b9 100644 | ||
21 | --- a/devices/vector/gdevpdfp.c | ||
22 | +++ b/devices/vector/gdevpdfp.c | ||
23 | @@ -364,7 +364,7 @@ gdev_pdf_put_params_impl(gx_device * dev, const gx_device_pdf * save_dev, gs_par | ||
24 | * LockDistillerParams is read again, and reset if necessary, in | ||
25 | * psdf_put_params. | ||
26 | */ | ||
27 | - ecode = param_read_bool(plist, "LockDistillerParams", &locked); | ||
28 | + ecode = param_read_bool(plist, (param_name = "LockDistillerParams"), &locked); | ||
29 | if (ecode < 0) | ||
30 | param_signal_error(plist, param_name, ecode); | ||
31 | |||
32 | diff --git a/psi/iparam.c b/psi/iparam.c | ||
33 | index 68c20d4..0279455 100644 | ||
34 | --- a/psi/iparam.c | ||
35 | +++ b/psi/iparam.c | ||
36 | @@ -822,10 +822,11 @@ static int | ||
37 | ref_param_read_signal_error(gs_param_list * plist, gs_param_name pkey, int code) | ||
38 | { | ||
39 | iparam_list *const iplist = (iparam_list *) plist; | ||
40 | - iparam_loc loc; | ||
41 | + iparam_loc loc = {0}; | ||
42 | |||
43 | - ref_param_read(iplist, pkey, &loc, -1); /* can't fail */ | ||
44 | - *loc.presult = code; | ||
45 | + ref_param_read(iplist, pkey, &loc, -1); | ||
46 | + if (loc.presult) | ||
47 | + *loc.presult = code; | ||
48 | switch (ref_param_read_get_policy(plist, pkey)) { | ||
49 | case gs_param_policy_ignore: | ||
50 | return 0; | ||
51 | -- | ||
52 | 2.8.1 | ||
53 | |||
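Review bot: line 10 of the deleted file (`CVE: CVE-2018-15910`) is the only visible record tying this fix to a CVE, and the commit message names the removed patches by file name only, so the CVE id leaves the tree without being mentioned in the log. Suggest listing the CVE id next to each removed patch in the commit message. Since the stated justification is that v9.25 already has the change, it is also worth confirming before merge that the 9.25 sources contain both halves of this backport: the `(param_name = "LockDistillerParams")` assignment in devices/vector/gdevpdfp.c, and the `iparam_loc loc = {0};` initialisation with the `if (loc.presult)` guard in psi/iparam.c. The diffstat shown is limited to this one path, so the matching SRC_URI removal in the recipe is not visible here and should be checked in the same commit.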