diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2018-09-08 12:46:22 +0200 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2018-09-09 16:43:11 +0200 |
| commit | 0084744b3af0a6f8e125120143f57567902339a8 (patch) | |
| tree | ae69c6b141ef17db618776342ea2e89317f5a63e /gnu/packages/patches/ghostscript-CVE-2018-10194.patch | |
| parent | 910a20e2b8ac6d1c331ff79535831cce6222b3a3 (diff) | |
| download | guix-0084744b3af0a6f8e125120143f57567902339a8.tar guix-0084744b3af0a6f8e125120143f57567902339a8.tar.gz | |
gnu: ghostscript: Update replacement to 9.24 [security fixes].
The following CVEs are fixed with this release: CVE-2018-15908,
CVE-2018-15909, CVE-2018-15910, CVE-2018-15911, CVE-2018-16509,
CVE-2018-16510, CVE-2018-16511, CVE-2018-16513, CVE-2018-16539,
CVE-2018-16540, CVE-2018-16541, CVE-2018-16542, CVE-2018-16543.
* gnu/packages/patches/ghostscript-CVE-2018-10194.patch: Delete file.
* gnu/packages/patches/ghostscript-CVE-2018-16509.patch,
gnu/packages/patches/ghostscript-bug-699708.patch: New files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/ghostscript.scm (ghostscript/fixed): Update to 9.24.
[source](patches): Remove 'ghostscript-CVE-2018-10194.patch' and
'ghostscript-runpath.patch'. Add 'ghostscript-CVE-2018-16509.patch' and
'ghostscript-bug-699708.patch'.
[arguments]: Add LDFLAGS to #:configure-flags, and a phase to create output
directory.
Diffstat (limited to 'gnu/packages/patches/ghostscript-CVE-2018-10194.patch')
| -rw-r--r-- | gnu/packages/patches/ghostscript-CVE-2018-10194.patch | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/gnu/packages/patches/ghostscript-CVE-2018-10194.patch b/gnu/packages/patches/ghostscript-CVE-2018-10194.patch deleted file mode 100644 index 242e57c27c..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2018-10194.patch +++ /dev/null @@ -1,52 +0,0 @@ -Fix CVE-2018-10194: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10194 -https://bugs.ghostscript.com/show_bug.cgi?id=699255 - -Patch copied from upstream source repository: - -https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879 - -From 39b1e54b2968620723bf32e96764c88797714879 Mon Sep 17 00:00:00 2001 -From: Ken Sharp <ken.sharp@artifex.com> -Date: Wed, 18 Apr 2018 15:46:32 +0100 -Subject: [PATCH] pdfwrite - Guard against trying to output an infinite number - -Bug #699255 " Buffer overflow on pprintg1 due to mishandle postscript file data to pdf" - -The file uses an enormous parameter to xyxhow, causing an overflow in -the calculation of text positioning (value > 1e39). - -Since this is basically a nonsense value, and PostScript only supports -real values up to 1e38, this patch follows the same approach as for -a degenerate CTM, and treats it as 0. - -Adobe Acrobat Distiller throws a limitcheck error, so we could do that -instead if this approach proves to be a problem. ---- - devices/vector/gdevpdts.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/devices/vector/gdevpdts.c b/devices/vector/gdevpdts.c -index 848ad781f..172fe6bc3 100644 ---- a/devices/vector/gdevpdts.c -+++ b/devices/vector/gdevpdts.c -@@ -103,9 +103,14 @@ append_text_move(pdf_text_state_t *pts, double dw) - static int - set_text_distance(gs_point *pdist, double dx, double dy, const gs_matrix *pmat) - { -- int code = gs_distance_transform_inverse(dx, dy, pmat, pdist); -+ int code; - double rounded; - -+ if (dx > 1e38 || dy > 1e38) -+ code = gs_error_undefinedresult; -+ else -+ code = gs_distance_transform_inverse(dx, dy, pmat, pdist); -+ - if (code == gs_error_undefinedresult) { - /* The CTM is degenerate. - Can't know the distance in user space. --- -2.18.0 - |