author | Trevor Gamblin <trevor.gamblin@windriver.com> | 2019-12-06 15:49:54 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-12-09 11:56:41 +0000 |
commit | 8c626421840da9441be03587a57e9cf1ebd3d6f0 (patch) | |
tree | 8134ed500a1ed39dad70e067138beab53b0db1b0 /meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch | |
parent | 8311e8b399fda66deee980dfd36068fafed2a2aa (diff) | |
download | openembedded-core-contrib-8c626421840da9441be03587a57e9cf1ebd3d6f0.tar.gz |
ghostscript: upgrade 9.27 -> 9.50
Version 9.50 incorporates previously-backported fixes for
CVE-2019-14811 and CVE-2019-14817.
CVE: CVE-2019-14811
CVE: CVE-2019-14817
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch')
-rw-r--r-- | meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch | 69 |
1 files changed, 0 insertions, 69 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
deleted file mode 100644
index d4ef0996ec..0000000000
--- a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From 885444fcbe10dc42787ecb76686c8ee4dd33bf33 Mon Sep 17 00:00:00 2001
-From: Ken Sharp <ken.sharp@artifex.com>
-Date: Tue, 20 Aug 2019 10:10:28 +0100
-Subject: [PATCH] make .forceput inaccessible
-
-Bug #701343, #701344, #701345
-
-More defensive programming. We don't want people to access .forecput
-even though it is no longer sufficient to bypass SAFER. The exploit
-in #701343 didn't work anyway because of earlier work to stop the error
-handler being used, but nevertheless, prevent access to .forceput from
-.setuserparams2.
-
-CVE: CVE-2019-14811
-CVE: CVE-2019-14813
-Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
-
-Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
----
- Resource/Init/gs_lev2.ps | 6 +++---
- Resource/Init/gs_pdfwr.ps | 4 ++--
- 2 files changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/Resource/Init/gs_lev2.ps b/Resource/Init/gs_lev2.ps
-index 98d55fe..f1b771f 100644
---- a/Resource/Init/gs_lev2.ps
-+++ b/Resource/Init/gs_lev2.ps
-@@ -158,7 +158,7 @@ end
- {
- pop pop
- } ifelse
-- } forall
-+ } executeonly forall
- % A context switch might have occurred during the above loop,
- % causing the interpreter-level parameters to be reset.
- % Set them again to the new values. From here on, we are safe,
-@@ -229,9 +229,9 @@ end
- { pop pop
- }
- ifelse
-- }
-+ } executeonly
- forall pop
--} .bind odef
-+} .bind executeonly odef
-
- % Initialize the passwords.
- % NOTE: the names StartJobPassword and SystemParamsPassword are known to
-diff --git a/Resource/Init/gs_pdfwr.ps b/Resource/Init/gs_pdfwr.ps
-index 00c19fa..dfe504d 100644
---- a/Resource/Init/gs_pdfwr.ps
-+++ b/Resource/Init/gs_pdfwr.ps
-@@ -652,11 +652,11 @@ currentdict /.pdfmarkparams .undef
- systemdict /.pdf_hooked_DSC_Creator //true .forceput
- } executeonly if
- pop
-- } if
-+ } executeonly if
- } {
- pop
- } ifelse
-- }
-+ } executeonly
- {
- pop
- } ifelse
---
-2.20.1
-
|