author | Minjae Kim <flowergom@gmail.com> | 2022-02-28 11:38:38 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-03-10 16:39:45 +0000 |
commit | f8d05252d1f99c49208e07133d8534fab70af37f (patch) | |
tree | f22934cbfc11aded4c6d6e7db9685ca26e0ebf31 /meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb | |
parent | b2bd31b9cc10165719d132073ddaa8e93298f633 (diff) | |
download | poky-f8d05252d1f99c49208e07133d8534fab70af37f.tar.gz |
ghostscript: fix CVE-2021-45949
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish
(called from sampled_data_continue and interp).
To apply this CVE-2021-45959 patch,
the check-stack-limits-after-function-evalution.patch should be applied first.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-45949
(From OE-Core rev: 5fb43ed64ae32abe4488f2eb37c1b82f97f83db0)
(From OE-Core rev: 9b0199a1d8ec3c7bbfd2022932d524d61f2c6832)
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb')
-rw-r--r-- | meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb index 216822478f..958a88e968 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb | |||
@@ -34,6 +34,8 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d | |||
34 | file://avoid-host-contamination.patch \ | 34 | file://avoid-host-contamination.patch \ |
35 | file://mkdir-p.patch \ | 35 | file://mkdir-p.patch \ |
36 | file://0001-Bug-704342-Include-device-specifier-strings-in-acces.patch \ | 36 | file://0001-Bug-704342-Include-device-specifier-strings-in-acces.patch \ |
37 | file://check-stack-limits-after-function-evalution.patch \ | ||
38 | file://CVE-2021-45949.patch \ | ||
37 | " | 39 | " |
38 | 40 | ||
39 | SRC_URI = "${SRC_URI_BASE} \ | 41 | SRC_URI = "${SRC_URI_BASE} \ |
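Review bot: On added line 37 the file name check-stack-limits-after-function-evalution.patch misspells "evaluation". Consider renaming it before it lands, since the name gets copied into later backports. The commit message says this patch must be applied before CVE-2021-45949.patch, and the order of lines 37 and 38 matches that, but nothing in the recipe records the dependency. A short note in the header of CVE-2021-45949.patch would stop a later reorder or removal of line 37 from silently breaking the fix. The commit message also refers to "CVE-2021-45959" while the subject line and the file on line 38 say CVE-2021-45949, so the identifiers should be aligned. This view is limited to the .bb file, so the two patch files themselves are not visible here and their CVE and Upstream-Status header tags cannot be confirmed from this diff.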