diff options
author | Joe Slater <jslater@windriver.com> | 2017-08-22 14:14:46 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-09-11 22:15:58 +0100 |
commit | e6533d1d9e8c3acd4db3e6cc96ae2afb802ea094 (patch) | |
tree | bc2ffed3acf7b8b3aabc745ed2059fd314c0bd4d /meta/recipes-extended/ghostscript/ghostscript_9.20.bb | |
parent | bbb081544c8dda14304146e5253a650d7df07622 (diff) | |
download | poky-e6533d1d9e8c3acd4db3e6cc96ae2afb802ea094.tar.gz |
ghostscript: CVE-2017-9727, -9835, -11714
CVE-2017-9727: make bounds check in gx_ttfReader__Read more robust
CVE-2017-9835: bounds check the array allocations methods
CVE-2017-11714: prevent trying to reloc a freed object
(From OE-Core rev: 2eae91f9fa1cfdd3f0e6111956c8f193fd0db69f)
(From OE-Core rev: 1c9e3318791e36d6bc851192a7640ee639f61f23)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/ghostscript/ghostscript_9.20.bb')
-rw-r--r-- | meta/recipes-extended/ghostscript/ghostscript_9.20.bb | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.20.bb b/meta/recipes-extended/ghostscript/ghostscript_9.20.bb index a7fb467fc5..e1d9700ab5 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.20.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.20.bb | |||
@@ -45,6 +45,9 @@ SRC_URI = "${SRC_URI_BASE} \ | |||
45 | file://CVE-2017-9612.patch \ | 45 | file://CVE-2017-9612.patch \ |
46 | file://CVE-2017-9739.patch \ | 46 | file://CVE-2017-9739.patch \ |
47 | file://CVE-2017-9726.patch \ | 47 | file://CVE-2017-9726.patch \ |
48 | file://CVE-2017-9727.patch \ | ||
49 | file://CVE-2017-9835.patch \ | ||
50 | file://CVE-2017-11714.patch \ | ||
48 | " | 51 | " |
49 | 52 | ||
50 | SRC_URI_class-native = "${SRC_URI_BASE} \ | 53 | SRC_URI_class-native = "${SRC_URI_BASE} \ |