summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/ghostscript/files
Commit message (Collapse)AuthorAgeFilesLines
* ghostscript: 9.25 -> 9.26Hongxu Jia2018-12-018-1285/+0
| | | | | | | | | | - Drop backported CVE fixes 000[1-8]*.patch (From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-18284Hongxu Jia2018-11-071-0/+245
| | | | | | | | | | | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. (From OE-Core rev: 98ab5c5770d20b39bf3c58083f31f31838f2e940) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-18073Hongxu Jia2018-11-072-0/+239
| | | | | | | | | | | Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. (From OE-Core rev: 6098c19e1f179896af7013c4b5db3081549c97bc) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-17961Hongxu Jia2018-11-075-0/+801
| | | | | | | | | | | | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. (From OE-Core rev: 6c32ea184941d292cd8f0eb898e6cc90120ada40) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: 9.21 -> 9.23Hongxu Jia2018-05-041-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Drop backported patches - CVE-2017-7207.patch - CVE-2017-5951.patch - CVE-2017-7975.patch - CVE-2017-9216.patch - CVE-2017-9611.patch - CVE-2017-9612.patch - CVE-2017-9739.patch - CVE-2017-9726.patch - CVE-2017-9727.patch - CVE-2017-9835.patch - CVE-2017-11714.patch 2. Rebase to 9.23 - ghostscript-9.15-parallel-make.patch - ghostscript-9.16-Werror-return-type.patch - do-not-check-local-libpng-source.patch - avoid-host-contamination.patch - mkdir-p.patch - ghostscript-9.21-prevent_recompiling.patch - ghostscript-9.02-genarch.patch - cups-no-gcrypt.patch - ghostscript-9.21-native-fix-disable-system-libtiff.patch - base-genht.c-add-a-preprocessor-define-to-allow-fope.patch 3. Add packps from (native to target) to support cross compiling. 4. Add remove-direct-symlink.patch to fix do_populate_sysroot failure (From OE-Core rev: f8b4636472c6784fb78ca09a7dd7ebe53011f631) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: upgrade to 9.19Hongxu Jia2016-06-153-133/+4
| | | | | | | | | | | | | | | | | | - Ghostscript and GhostPDL releases from version 9.19 have been moved to GitHub hosting, tweak download site - Drop 0001-Bug-696497-Fix-support-for-building-with-no-jbig2-de.patch, and 0002-Bug-696497-part-2-fix-support-for-building-with-a-JP.patch, ghostscript 9.19 has fixed them. - Fix QA Warning unrecognised options: --enable-little-endian. It use AC_C_BIGENDIAN to detect big/little endian. http://www.delorie.com/gnu/docs/autoconf/autoconf_64.html (From OE-Core rev: 227ca0a373b5a93602a419296ff1da1a96615ba2) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: 9.16 -> 9.18Hongxu Jia2016-03-093-0/+167
- Backport patches to fix build failure caused by '--without-jbig2dec' and '--without-jbig2dec'. ... |make[1]: *** No rule to make target `obj/sjbig2_.dev', needed by `obj/sjbig2.dev'. Stop. ... http://bugs.ghostscript.com/show_bug.cgi?id=696497 - Previously, it did not build the whole local libpng source in ghostscript, only picked up specific files and compile them. But on ghostscript 9.18, when the arm's FPU has been set to NEON (-mfpu=neon * with GCC), the selected file "libpng/pngrutil.c" needs to link 'png_init_filter_functions_neon' which should be compiled by a non-selected file "libpng/arm/arm_init.c". ... |./obj/pngrutil.o: In function `png_init_filter_functions': |armv7a-neon-poky-linux-gnueabi/ghostscript/9.18-r0/build/../ ghostscript-9.18/libpng/pngrutil.c:3921: undefined reference to `png_init_filter_functions_neon' ... So do not compile local libpng source in ghostscript, use shared libpng to instead. (From OE-Core rev: c7da39c43fc20e634c45212151400c663b39399a) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>