<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-extended/ghostscript, branch uninative-2.6</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=uninative-2.6</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=uninative-2.6'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2019-05-12T16:55:11+00:00</updated>
<entry>
<title>ghostscript: 9.26 -&gt; 9.27</title>
<updated>2019-05-12T16:55:11+00:00</updated>
<author>
<name>Hongxu Jia</name>
<email>hongxu.jia@windriver.com</email>
</author>
<published>2019-05-12T08:16:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=7e4ca0f7229cb25536b91c09b00b56ce2c2b0f49'/>
<id>urn:sha1:7e4ca0f7229cb25536b91c09b00b56ce2c2b0f49</id>
<content type='text'>
- Rebase ghostscript-9.02-genarch.patch

- Drop backported CVE patches

(From OE-Core rev: 62510fc82a8eee19bfc51d7b5bc1c6f2aec3825b)

Signed-off-by: Hongxu Jia &lt;hongxu.jia@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: set CVE_PRODUCT</title>
<updated>2019-05-08T11:15:17+00:00</updated>
<author>
<name>Chen Qi</name>
<email>Qi.Chen@windriver.com</email>
</author>
<published>2019-05-05T06:12:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=918131d4530dd05ffa274aaf798d8c74e847448d'/>
<id>urn:sha1:918131d4530dd05ffa274aaf798d8c74e847448d</id>
<content type='text'>
(From OE-Core rev: 721e69aa12dd9ee22618ef13f29fb6d28eeab9af)

Signed-off-by: Chen Qi &lt;Qi.Chen@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: Fix 3 CVEs</title>
<updated>2019-04-09T12:44:39+00:00</updated>
<author>
<name>Ovidiu Panait</name>
<email>ovidiu.panait@windriver.com</email>
</author>
<published>2019-04-05T14:56:31+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=327513ee83499827b6f4a8fae2ba0336b65bb68a'/>
<id>urn:sha1:327513ee83499827b6f4a8fae2ba0336b65bb68a</id>
<content type='text'>
It was discovered that the ghostscript /invalidaccess checks fail under
certain conditions. An attacker could possibly exploit this to bypass
the -dSAFER protection and, for example, execute arbitrary shell commands
via a specially crafted PostScript document.

It was found that the superexec operator was available in the internal
dictionary in ghostscript before 9.27. A specially crafted PostScript
file could use this flaw in order to, for example, have access to the
file system outside of the constrains imposed by -dSAFER.

It was found that the forceput operator could be extracted from the
DefineResource method in ghostscript before 9.27. A specially crafted
PostScript file could use this flaw in order to, for example, have
access to the file system outside of the constrains imposed by -dSAFER.

References:
https://nvd.nist.gov/vuln/detail/CVE-2019-6116
https://www.openwall.com/lists/oss-security/2019/01/23/5
https://nvd.nist.gov/vuln/detail/CVE-2019-3835
https://nvd.nist.gov/vuln/detail/CVE-2019-3838

Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f1309
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4d
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2ff600a
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=779664d
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e8acf6d
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2055917
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d683d1e
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ed9fcd9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a82601e

(From OE-Core rev: 12e140dfdac8456772223c816e37bd869419bb18)

Signed-off-by: Ovidiu Panait &lt;ovidiu.panait@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: 9.25 -&gt; 9.26</title>
<updated>2018-12-01T11:38:36+00:00</updated>
<author>
<name>Hongxu Jia</name>
<email>hongxu.jia@windriver.com</email>
</author>
<published>2018-11-28T07:02:54+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=93db812f0c8a5612e95464d29f04f2e48e9879bc'/>
<id>urn:sha1:93db812f0c8a5612e95464d29f04f2e48e9879bc</id>
<content type='text'>
- Drop backported CVE fixes
  000[1-8]*.patch

(From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953)

Signed-off-by: Hongxu Jia &lt;hongxu.jia@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: fix CVE-2018-18284</title>
<updated>2018-11-07T23:08:54+00:00</updated>
<author>
<name>Hongxu Jia</name>
<email>hongxu.jia@windriver.com</email>
</author>
<published>2018-11-05T08:03:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=05c548c5f41cb7aa74984a0697b8ee8e0dceeb20'/>
<id>urn:sha1:05c548c5f41cb7aa74984a0697b8ee8e0dceeb20</id>
<content type='text'>
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving the 1Policy
operator.

(From OE-Core rev: 98ab5c5770d20b39bf3c58083f31f31838f2e940)

Signed-off-by: Hongxu Jia &lt;hongxu.jia@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: fix CVE-2018-18073</title>
<updated>2018-11-07T23:08:54+00:00</updated>
<author>
<name>Hongxu Jia</name>
<email>hongxu.jia@windriver.com</email>
</author>
<published>2018-11-05T08:03:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=9e2e38d349d5ac41c140761f44b96a31171d5109'/>
<id>urn:sha1:9e2e38d349d5ac41c140761f44b96a31171d5109</id>
<content type='text'>
Artifex Ghostscript allows attackers to bypass a sandbox protection
mechanism by leveraging exposure of system operators in the saved
execution stack in an error object.

(From OE-Core rev: 6098c19e1f179896af7013c4b5db3081549c97bc)

Signed-off-by: Hongxu Jia &lt;hongxu.jia@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: fix CVE-2018-17961</title>
<updated>2018-11-07T23:08:54+00:00</updated>
<author>
<name>Hongxu Jia</name>
<email>hongxu.jia@windriver.com</email>
</author>
<published>2018-11-05T08:03:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=e84345d6e6ce129e1bffccc29b5159cb50de5ed0'/>
<id>urn:sha1:e84345d6e6ce129e1bffccc29b5159cb50de5ed0</id>
<content type='text'>
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving errorhandler
setup. NOTE: this issue exists because of an incomplete fix for
CVE-2018-17183.

(From OE-Core rev: 6c32ea184941d292cd8f0eb898e6cc90120ada40)

Signed-off-by: Hongxu Jia &lt;hongxu.jia@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: upgrade to 9.25</title>
<updated>2018-09-20T12:41:32+00:00</updated>
<author>
<name>Jagadeesh Krishnanjanappa</name>
<email>jkrishnanjanappa@mvista.com</email>
</author>
<published>2018-09-17T16:44:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=ebecaa5f4814fa30d0b304c495ed4533bbffd5a6'/>
<id>urn:sha1:ebecaa5f4814fa30d0b304c495ed4533bbffd5a6</id>
<content type='text'>
Removed below patches, as v9.25 source already has those
changes/security fixes:

0001-Bug-699665-memory-corruption-in-aesdecode.patch
0001-pdfwrite-Guard-against-trying-to-output-an-infinite-.patch
0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch
0003-Fix-Bug-699660-shading_param-incomplete-type-checkin.patch
0004-Hide-the-.shfill-operator.patch
0005-Bug-699657-properly-apply-file-permissions-to-.tempf.patch
remove-direct-symlink.patch

Re-worked ghostscript-9.21-native-fix-disable-system-libtiff.patch
and ghostscript-9.21-prevent_recompiling.patch
to fix warnings in do_patch task of ghostscript v9.25 recipe.

Highlights of ghostscript v9.25 release:
---------------------------------------
- This release fixes problems with argument handling, some unintended results
  of the security fixes to the SAFER file access restrictions
  (specifically accessing ICC profile files), and some additional security
  issues over the recent 9.24 release.

- Note: The ps2epsi utility does not, and cannot call Ghostscript with
  the -dSAFER command line option. It should never be called with input
  from untrusted sources.

- Security issues have been the primary focus of this release, including
  solving several (well publicised) real and potential exploits.

- As well as Ghostscript itself, jbig2dec has had a significant amount of work
  improving its robustness in the face of out specification files.

- IMPORTANT: We are in the process of forking LittleCMS. LCMS2 is not thread
  safe, and cannot be made thread safe without breaking the ABI.
  Our fork will be thread safe, and include performance enhancements
  (these changes have all be been offered and rejected upstream). We will
  maintain compatibility between Ghostscript and LCMS2 for a time, but not in
  perpetuity. Our fork will be available as its own package separately from
  Ghostscript (and MuPDF).

- The usual round of bug fixes, compatibility changes, and incremental
  improvements.

(From OE-Core rev: 4340928b8878b91b5a2750eb6bc87918740511ca)

Signed-off-by: Jagadeesh Krishnanjanappa &lt;jkrishnanjanappa@mvista.com&gt;

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: fix CVE-2018-15908 &amp; CVE-2018-15909 &amp; CVE-2018-15910 &amp; CVE-2018-15911</title>
<updated>2018-09-11T08:05:35+00:00</updated>
<author>
<name>Hongxu Jia</name>
<email>hongxu.jia@windriver.com</email>
</author>
<published>2018-09-10T07:21:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=c0f6e29c2146c66dffee65d7d650fc906a57a26c'/>
<id>urn:sha1:c0f6e29c2146c66dffee65d7d650fc906a57a26c</id>
<content type='text'>
(From OE-Core rev: b6d32d43fd2b016e932b7dc81fb943eb936b73bb)

Signed-off-by: Hongxu Jia &lt;hongxu.jia@windriver.com&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>ghostscript: fix CVE-2018-10194</title>
<updated>2018-07-03T23:02:16+00:00</updated>
<author>
<name>Hongxu Jia</name>
<email>hongxu.jia@windriver.com</email>
</author>
<published>2018-07-02T08:18:38+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=8342cc7d2f00d6f881fd4e578f057859cffaa609'/>
<id>urn:sha1:8342cc7d2f00d6f881fd4e578f057859cffaa609</id>
<content type='text'>
https://nvd.nist.gov/vuln/detail/CVE-2018-10194

(From OE-Core rev: 4b56d6a61bfe4ca28d1301ae83898a979d3df73a)

Signed-off-by: Hongxu Jia &lt;hongxu.jia@windriver.com&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
