summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3838-0001.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3838-0001.patch')
-rw-r--r--meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3838-0001.patch34
1 files changed, 34 insertions, 0 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3838-0001.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3838-0001.patch
new file mode 100644
index 0000000000..593109fb9f
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-3838-0001.patch
@@ -0,0 +1,34 @@
+From 53f0cb4c54ac951697704cb87d24154ae08aecce Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Wed, 20 Feb 2019 09:54:28 +0000
+Subject: [PATCH] Bug 700576: Make a transient proc executeonly (in
+ DefineResource).
+
+This prevents access to .forceput
+
+Solution originally suggested by cbuissar@redhat.com.
+
+CVE: CVE-2019-3838
+Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
+
+Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
+---
+ Resource/Init/gs_res.ps | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Resource/Init/gs_res.ps b/Resource/Init/gs_res.ps
+index 89c0ed6..a163541 100644
+--- a/Resource/Init/gs_res.ps
++++ b/Resource/Init/gs_res.ps
+@@ -426,7 +426,7 @@ status {
+ % so we have to use .forceput here.
+ currentdict /.Instances 2 index .forceput % Category dict is read-only
+ } executeonly if
+- }
++ } executeonly
+ { .LocalInstances dup //.emptydict eq
+ { pop 3 dict localinstancedict Category 2 index put
+ }
+--
+2.18.1
+
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-10 18:15:01 +0000