diff options
author | Hongxu Jia <hongxu.jia@windriver.com> | 2018-11-05 16:03:35 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-11-06 11:54:30 +0000 |
commit | 6c32ea184941d292cd8f0eb898e6cc90120ada40 (patch) | |
tree | 65cb0c1bdfba62ecbbab1a93d1d8509a90278c50 /meta/recipes-extended/ghostscript/ghostscript_9.25.bb | |
parent | bd8d2c25f595e30a3fdcad8a2409913bb8af7c5c (diff) | |
download | openembedded-core-contrib-6c32ea184941d292cd8f0eb898e6cc90120ada40.tar.gz |
ghostscript: fix CVE-2018-17961
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving errorhandler
setup. NOTE: this issue exists because of an incomplete fix for
CVE-2018-17183.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/ghostscript/ghostscript_9.25.bb')
-rw-r--r-- | meta/recipes-extended/ghostscript/ghostscript_9.25.bb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.25.bb b/meta/recipes-extended/ghostscript/ghostscript_9.25.bb index 35eaaeb2fa..55251a55d4 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.25.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.25.bb @@ -25,6 +25,11 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d file://do-not-check-local-libpng-source.patch \ file://avoid-host-contamination.patch \ file://mkdir-p.patch \ + file://0001-Bug-699795-add-operand-checking-to-.setnativefontmap.patch \ + file://0002-Bug-699816-Improve-hiding-of-security-critical-custo.patch \ + file://0003-Bug-699832-add-control-over-hiding-error-handlers.patch \ + file://0004-For-hidden-operators-pass-a-name-object-to-error-han.patch \ + file://0005-Bug-699938-.loadfontloop-must-be-an-operator.patch \ " SRC_URI = "${SRC_URI_BASE} \ |