diff options
author | Rasmus Thomsen <oss@cogitri.dev> | 2019-08-13 11:39:58 +0200 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2019-08-13 12:44:14 +0000 |
commit | 356973950eee8c184c404d8ef97eec75452d8d90 (patch) | |
tree | 1f0140d774daf6f5608c30e76bc7b7d3e254b50c /main | |
parent | ea5be313d97682dce48ab78c70818867579099d8 (diff) | |
download | aports-356973950eee8c184c404d8ef97eec75452d8d90.tar.bz2 aports-356973950eee8c184c404d8ef97eec75452d8d90.tar.xz |
main/ghostscript: fix CVE-2019-10216
Ref #10726
Diffstat (limited to 'main')
-rw-r--r-- | main/ghostscript/APKBUILD | 8 | ||||
-rw-r--r-- | main/ghostscript/CVE-2019-10216.patch | 49 |
2 files changed, 55 insertions, 2 deletions
diff --git a/main/ghostscript/APKBUILD b/main/ghostscript/APKBUILD index ac139d32cb..3abe52709b 100644 --- a/main/ghostscript/APKBUILD +++ b/main/ghostscript/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Cameron Banta <cbanta@gmail.com> pkgname=ghostscript pkgver=9.26 -pkgrel=2 +pkgrel=3 pkgdesc="An interpreter for the PostScript language and for PDF" url="https://ghostscript.com/" arch="all" @@ -16,12 +16,15 @@ source="https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/ CVE-2019-6116.patch CVE-2019-3835.patch CVE-2019-3838.patch + CVE-2019-10216.patch ghostscript-system-zlib.patch fix-sprintf.patch " builddir="$srcdir/$pkgname-$pkgver" # secfixes: +# 9.26-r3: +# - CVE-2019-10216 # 9.26-r2: # - CVE-2019-3835 # - CVE-2019-3838 @@ -135,8 +138,9 @@ gtk() { sha512sums="670159c23618ffafa85c671642bf182a107a82c053a1fd8c3f45f73f203524077be1b212d2ddbabae7892c7713922877e03b020f78bd2aab1ae582c4fc7d820a ghostscript-9.26.tar.gz 289d916a0b0da410e6f721e42bc44659c91c66ca0f7b96b1a6b010ae1c25e47788e282edc3578b4e4b120a2c684c7b1fd4cc574084bdc9cbbf6e431a01fbae0e 0001-Bug700317-Address-.force-operators-exposure.tgz +78564c1dd878cb6a924663cb5d61901a413a867dedc8753e537e08a4da9cc0aaeb817bab266fd66e5d0e871d9ed6078af6e6f455b5426e0917875682d76638f5 CVE-2019-6116.patch 31769852e75be4e1cd0e7c3f43cc7b3457bf9ba505fc2a5acda53779cc5626854bf15fef3e225f3d922f4038dd18c598dbac30abb863159202e4d0fe02c02d3b CVE-2019-3835.patch dc3bd1de86e4a968ed35a35a125f682cffeed51fe4dbf9b3939dd78b07ef0748fe6b34816e689bcfffb4f819e51bcb5022f3151a5610aa24fd2468cdcbc665ea CVE-2019-3838.patch -78564c1dd878cb6a924663cb5d61901a413a867dedc8753e537e08a4da9cc0aaeb817bab266fd66e5d0e871d9ed6078af6e6f455b5426e0917875682d76638f5 CVE-2019-6116.patch +f89744b17922b7d9c04c6de69ce35fa621732e4373eccc158b7ff6a9e56d2cf0bbea30c28119f4808864ca584e94342e5125d7bcc6195252455b5f223f379e3f CVE-2019-10216.patch 70721e3a335afa5e21d4e6cf919119010bd4544a03ab8f53f5325c173902221ad9b88c118b4bfeee80b3e1956bcdbaf4c53f64ae7fb81f5ba57dbc956750c482 ghostscript-system-zlib.patch beefcf395f7f828e1b81c088022c08a506e218f27535b9de01e0f0edf7979b435316c318fa676771630f6ad16ff1ab059cd68aa128ed97e5a9f2f3fa840200c4 fix-sprintf.patch" diff --git a/main/ghostscript/CVE-2019-10216.patch b/main/ghostscript/CVE-2019-10216.patch new file mode 100644 index 0000000000..e8dfa05a94 --- /dev/null +++ b/main/ghostscript/CVE-2019-10216.patch @@ -0,0 +1,49 @@ +From 5b85ddd19a8420a1bd2d5529325be35d78e94234 Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Fri, 2 Aug 2019 15:18:26 +0100 +Subject: [PATCH] Bug 701394: protect use of .forceput with executeonly + +--- + Resource/Init/gs_type1.ps | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/Resource/Init/gs_type1.ps b/Resource/Init/gs_type1.ps +index 6c7735b..a039cce 100644 +--- a/Resource/Init/gs_type1.ps ++++ b/Resource/Init/gs_type1.ps +@@ -118,25 +118,25 @@ + ( to be the same as glyph: ) print 1 index //== exec } if + 3 index exch 3 index .forceput + % scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname +- } ++ }executeonly + {pop} ifelse +- } forall ++ } executeonly forall + pop pop +- } ++ } executeonly + { + pop pop pop + } ifelse +- } ++ } executeonly + { + % scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname + pop pop + } ifelse +- } forall ++ } executeonly forall + 3 1 roll pop pop +- } if ++ } executeonly if + pop + dup /.AGLprocessed~GS //true .forceput +- } if ++ } executeonly if + + %% We need to excute the C .buildfont1 in a stopped context so that, if there + %% are errors we can put the stack back sanely and exit. Otherwise callers won't +-- +2.9.1 + |