ghostscript: fix CVE-2018-17961

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving errorhandler
setup. NOTE: this issue exists because of an incomplete fix for
CVE-2018-17183.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 5 insertions, 0 deletions

diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.25.bb b/meta/recipes-extended/ghostscript/ghostscript_9.25.bb
index 35eaaeb2fa..55251a55d4 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.25.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.25.bb
@@ -25,6 +25,11 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d
                 file://do-not-check-local-libpng-source.patch \
                 file://avoid-host-contamination.patch \
                 file://mkdir-p.patch \
+                file://0001-Bug-699795-add-operand-checking-to-.setnativefontmap.patch \
+                file://0002-Bug-699816-Improve-hiding-of-security-critical-custo.patch \
+                file://0003-Bug-699832-add-control-over-hiding-error-handlers.patch \
+                file://0004-For-hidden-operators-pass-a-name-object-to-error-han.patch \
+                file://0005-Bug-699938-.loadfontloop-must-be-an-operator.patch \
 "
 
 SRC_URI = "${SRC_URI_BASE} \