From 667e777b4e4b7303b6f30a001fe2539b7207b65b Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Mon, 7 Nov 2016 22:56:53 -0500 Subject: gnu: mupdf: Fix CVE-2016-{7504,7505,7506,7563,7564,9017,9136} in bundled mujs. * gnu/packages/patches/mupdf-CVE-2016-7504.patch, gnu/packages/patches/mupdf-CVE-2016-7505.patch gnu/packages/patches/mupdf-CVE-2016-7506.patch gnu/packages/patches/mupdf-CVE-2016-7563.patch gnu/packages/patches/mupdf-CVE-2016-7564.patch gnu/packages/patches/mupdf-CVE-2016-9017.patch gnu/packages/patches/mupdf-CVE-2016-9136.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/pdf.scm (mupdf)[source]: Use them. --- gnu/packages/patches/mupdf-CVE-2016-7563.patch | 37 ++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 gnu/packages/patches/mupdf-CVE-2016-7563.patch (limited to 'gnu/packages/patches/mupdf-CVE-2016-7563.patch') diff --git a/gnu/packages/patches/mupdf-CVE-2016-7563.patch b/gnu/packages/patches/mupdf-CVE-2016-7563.patch new file mode 100644 index 0000000000..288c9ab2df --- /dev/null +++ b/gnu/packages/patches/mupdf-CVE-2016-7563.patch @@ -0,0 +1,37 @@ +Fix CVE-2016-7563: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7563 +http://bugs.ghostscript.com/show_bug.cgi?id=697136 + +Patch copied from upstream source repository: +http://git.ghostscript.com/?p=mujs.git;a=commitdiff;h=f8234d830e17fc5e8fe09eb76d86dad3f6233c59 + +From f8234d830e17fc5e8fe09eb76d86dad3f6233c59 Mon Sep 17 00:00:00 2001 +From: Tor Andersson +Date: Tue, 20 Sep 2016 17:11:32 +0200 +Subject: [PATCH] Fix bug 697136. + +We were unconditionally reading the next character if we encountered +a '*' in a multi-line comment; possibly reading past the end of +the input. +--- + jslex.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/jslex.c b/jslex.c +index 7b80800..cbd0eeb 100644 +--- a/thirdparty/mujs/jslex.c ++++ b/thirdparty/mujs/jslex.c +@@ -225,7 +225,8 @@ static int lexcomment(js_State *J) + if (jsY_accept(J, '/')) + return 0; + } +- jsY_next(J); ++ else ++ jsY_next(J); + } + return -1; + } +-- +2.10.2 + -- cgit v1.2.3