diff options
Diffstat (limited to 'gnu/packages')
-rw-r--r-- | gnu/packages/ghostscript.scm | 57 | ||||
-rw-r--r-- | gnu/packages/patches/ghostscript-CVE-2018-10194.patch | 52 | ||||
-rw-r--r-- | gnu/packages/patches/ghostscript-runpath.patch | 18 |
3 files changed, 13 insertions, 114 deletions
diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm index 3808d81524..b46451d94e 100644 --- a/gnu/packages/ghostscript.scm +++ b/gnu/packages/ghostscript.scm @@ -135,8 +135,7 @@ printing, and psresize, for adjusting page sizes.") (define-public ghostscript (package (name "ghostscript") - (replacement ghostscript/fixed) - (version "9.23") + (version "9.24") (source (origin (method url-fetch) @@ -146,9 +145,9 @@ printing, and psresize, for adjusting page sizes.") "/ghostscript-" version ".tar.xz")) (sha256 (base32 - "1ng8d9fm5lza7k1f7ybc791275c07z5hcmpkrl2i226nshkxrkhz")) - (patches (search-patches "ghostscript-runpath.patch" - "ghostscript-CVE-2018-10194.patch" + "1mk922rnml93w2g42yxiyn8xqanc50cm65irrgh0b6lp4kgifjfl")) + (patches (search-patches "ghostscript-CVE-2018-16509.patch" + "ghostscript-bug-699708.patch" "ghostscript-no-header-creationdate.patch" "ghostscript-no-header-id.patch" "ghostscript-no-header-uuid.patch")) @@ -167,7 +166,9 @@ printing, and psresize, for adjusting page sizes.") (arguments `(#:disallowed-references ("doc") #:configure-flags - (list "--with-system-libtiff" + (list (string-append "LDFLAGS=-Wl,-rpath=" + (assoc-ref %outputs "out") "/lib") + "--with-system-libtiff" "LIBS=-lz" (string-append "ZLIBDIR=" (assoc-ref %build-inputs "zlib") "/include") @@ -185,6 +186,12 @@ printing, and psresize, for adjusting page sizes.") '())) #:phases (modify-phases %standard-phases + (add-before 'configure 'create-output-directory + (lambda* (#:key outputs #:allow-other-keys) + ;; The configure script refuses to function if the directory + ;; specified as -rpath does not already exist. + (mkdir-p (string-append (assoc-ref outputs "out") "/lib")) + #t)) (add-after 'configure 'remove-doc-reference (lambda _ ;; Don't retain a reference to the 'doc' output in 'gs'. @@ -255,44 +262,6 @@ output file formats and printers.") (home-page "https://www.ghostscript.com/") (license license:agpl3+))) -(define-public ghostscript/fixed - (hidden-package - (package - (inherit ghostscript) - (version "9.24") - (source - (origin - (inherit (package-source ghostscript)) - (uri (string-append "https://github.com/ArtifexSoftware/" - "ghostpdl-downloads/releases/download/gs" - (string-delete #\. version) - "/ghostscript-" version ".tar.xz")) - (sha256 - (base32 - "1mk922rnml93w2g42yxiyn8xqanc50cm65irrgh0b6lp4kgifjfl")) - (patches (search-patches "ghostscript-CVE-2018-16509.patch" - "ghostscript-bug-699708.patch" - "ghostscript-no-header-creationdate.patch" - "ghostscript-no-header-id.patch" - "ghostscript-no-header-uuid.patch")))) - (arguments - (substitute-keyword-arguments (package-arguments ghostscript) - ((#:configure-flags flags) - ;; Notice that we removed the 'ghostscript-runpath' patch above. - ;; The reason is that it conflicts with an upstream change that - ;; takes LDFLAGS into account. - `(cons (string-append "LDFLAGS=-Wl,-rpath=" - (assoc-ref %outputs "out") "/lib") - ,flags)) - ((#:phases phases) - `(modify-phases ,phases - (add-before 'configure 'create-output-directory - (lambda* (#:key outputs #:allow-other-keys) - ;; Unfortunately the configure script refuses to function if - ;; the directory specified as -rpath does not already exist. - (mkdir-p (string-append (assoc-ref outputs "out") "/lib")) - #t))))))))) - (define-public ghostscript/x (package/inherit ghostscript (name (string-append (package-name ghostscript) "-with-x")) diff --git a/gnu/packages/patches/ghostscript-CVE-2018-10194.patch b/gnu/packages/patches/ghostscript-CVE-2018-10194.patch deleted file mode 100644 index 242e57c27c..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2018-10194.patch +++ /dev/null @@ -1,52 +0,0 @@ -Fix CVE-2018-10194: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10194 -https://bugs.ghostscript.com/show_bug.cgi?id=699255 - -Patch copied from upstream source repository: - -https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879 - -From 39b1e54b2968620723bf32e96764c88797714879 Mon Sep 17 00:00:00 2001 -From: Ken Sharp <ken.sharp@artifex.com> -Date: Wed, 18 Apr 2018 15:46:32 +0100 -Subject: [PATCH] pdfwrite - Guard against trying to output an infinite number - -Bug #699255 " Buffer overflow on pprintg1 due to mishandle postscript file data to pdf" - -The file uses an enormous parameter to xyxhow, causing an overflow in -the calculation of text positioning (value > 1e39). - -Since this is basically a nonsense value, and PostScript only supports -real values up to 1e38, this patch follows the same approach as for -a degenerate CTM, and treats it as 0. - -Adobe Acrobat Distiller throws a limitcheck error, so we could do that -instead if this approach proves to be a problem. ---- - devices/vector/gdevpdts.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/devices/vector/gdevpdts.c b/devices/vector/gdevpdts.c -index 848ad781f..172fe6bc3 100644 ---- a/devices/vector/gdevpdts.c -+++ b/devices/vector/gdevpdts.c -@@ -103,9 +103,14 @@ append_text_move(pdf_text_state_t *pts, double dw) - static int - set_text_distance(gs_point *pdist, double dx, double dy, const gs_matrix *pmat) - { -- int code = gs_distance_transform_inverse(dx, dy, pmat, pdist); -+ int code; - double rounded; - -+ if (dx > 1e38 || dy > 1e38) -+ code = gs_error_undefinedresult; -+ else -+ code = gs_distance_transform_inverse(dx, dy, pmat, pdist); -+ - if (code == gs_error_undefinedresult) { - /* The CTM is degenerate. - Can't know the distance in user space. --- -2.18.0 - diff --git a/gnu/packages/patches/ghostscript-runpath.patch b/gnu/packages/patches/ghostscript-runpath.patch deleted file mode 100644 index 9f161e45b3..0000000000 --- a/gnu/packages/patches/ghostscript-runpath.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff --git a/base/unix-dll.mak b/base/unix-dll.mak -index 9d57a99..36ef1ff 100644 ---- a/base/unix-dll.mak -+++ b/base/unix-dll.mak -@@ -171,11 +171,11 @@ gpdl-so-links-subtarget: $(GPDL_SO) $(UNIX_DLL_MAK) $(MAKEDIRS) - # Build the small Ghostscript loaders, with Gtk+ and without - $(GSSOC_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS) - $(GLCC) -g -o $(GSSOC_XE) $(PSSRC)dxmainc.c \ -- -L$(BINDIR) -l$(GS_SO_BASE) -+ -L$(BINDIR) -l$(GS_SO_BASE) -Wl,-rpath=$(libdir) - - $(GSSOX_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS) - $(GLCC) -g $(SOC_CFLAGS) -o $(GSSOX_XE) $(PSSRC)$(SOC_LOADER) \ -- -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) -+ -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) -Wl,-rpath=$(libdir) - - $(PCLSOC_XE): gpcl6-so-links-subtarget $(PLSRC)$(REALMAIN_SRC).c $(UNIX_DLL_MAK) $(MAKEDIRS) - $(GLCC) -g -o $(PCLSOC_XE) $(PLSRC)$(REALMAIN_SRC).c -L$(BINDIR) -l$(PCL_SO_BASE) |