From 060ba609bd6ed40c8407934191da60c5e3ad8de7 Mon Sep 17 00:00:00 2001 From: Lee Chee Yang Date: Tue, 18 Aug 2020 22:06:36 +0800 Subject: ghostscript: update to 9.52 This is maintenance release consolidating the changes introduced in 9.50. see : https://www.ghostscript.com/doc/9.52/News.htm Drop all custom objarch.h files; ghostscript nowadays generates that with autoconf. Freetype can no longer be disabled. Building out of source tree is broken. Upgrade include several CVE fixes: CVE-2020-16287 CVE-2020-16288 CVE-2020-16289 CVE-2020-16290 CVE-2020-16291 CVE-2020-16292 CVE-2020-16293 CVE-2020-16294 CVE-2020-16295 CVE-2020-16296 CVE-2020-16297 CVE-2020-16298 CVE-2020-16299 CVE-2020-16300 CVE-2020-16301 CVE-2020-16302 CVE-2020-16303 CVE-2020-16304 CVE-2020-16305 CVE-2020-16308 CVE-2020-16309 CVE-2020-17538 (From OE-Core rev: 1cee5540ca74c38cc483b28f720e345644d6ca9b) Signed-off-by: Lee Chee Yang Signed-off-by: Steve Sakoman Signed-off-by: Richard Purdie --- .../ghostscript/CVE-2019-14869-0001.patch | 70 ---------------------- 1 file changed, 70 deletions(-) delete mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14869-0001.patch (limited to 'meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14869-0001.patch') diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14869-0001.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14869-0001.patch deleted file mode 100644 index 715ec1c450..0000000000 --- a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14869-0001.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 485904772c5f0aa1140032746e5a0abfc40f4cef Mon Sep 17 00:00:00 2001 -From: Chris Liddell -Date: Tue, 5 Nov 2019 09:45:27 +0000 -Subject: [PATCH] Bug 701841: remove .forceput from /.charkeys - -When loading Type 1 or Truetype fonts from disk, we attempt to extend the glyph -name table to include all identifiable glyph names from the Adobe Glyph List. - -In the case of Type 1 fonts, the font itself (almost always) marks the -CharStrings dictionary as read-only, hence we have to use .forceput for that -case. - -But for Truetype fonts, the CharStrings dictionary is created internally and is -not read-only until *after* we have fully populated it (including the extended -glyph names from the AGL), hence there is no need for .forceput, and no need to -carry the security risk of using it. - -Replace with regular put. - -CVE: CVE-2019-14869 -Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git] - -Signed-off-by: Stefan Ghinea ---- - Resource/Init/gs_ttf.ps | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/Resource/Init/gs_ttf.ps b/Resource/Init/gs_ttf.ps -index e34967d..5354ff0 100644 ---- a/Resource/Init/gs_ttf.ps -+++ b/Resource/Init/gs_ttf.ps -@@ -1301,7 +1301,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef - TTFDEBUG { (\n1 setting alias: ) print dup ==only - ( to be the same as ) print 2 index //== exec } if - -- 7 index 2 index 3 -1 roll exch .forceput -+ 7 index 2 index 3 -1 roll exch put - } forall - pop pop pop - } -@@ -1319,7 +1319,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef - exch pop - TTFDEBUG { (\n2 setting alias: ) print 1 index ==only - ( to use glyph index: ) print dup //== exec } if -- 5 index 3 1 roll .forceput -+ 5 index 3 1 roll put - //false - } - { -@@ -1336,7 +1336,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef - { % CharStrings(dict) isunicode(boolean) cmap(dict) RAGL(dict) gname(name) codep(integer) gindex(integer) - TTFDEBUG { (\3 nsetting alias: ) print 1 index ==only - ( to be index: ) print dup //== exec } if -- exch pop 5 index 3 1 roll .forceput -+ exch pop 5 index 3 1 roll put - } - { - pop pop -@@ -1366,7 +1366,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef - } ifelse - ] - TTFDEBUG { (Encoding: ) print dup === flush } if --} .bind executeonly odef % hides .forceput -+} .bind odef - - % ---------------- CIDFontType 2 font loading ---------------- % - --- -2.20.1 - -- cgit v1.2.3-54-g00ecf