pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/print/ghostscript-gpl Add patch for CVE-2017-6196
details: https://anonhg.NetBSD.org/pkgsrc/rev/a5041d3b2dbc
branches: trunk
changeset: 360137:a5041d3b2dbc
user: tez <tez%pkgsrc.org@localhost>
date: Thu Mar 23 20:38:24 2017 +0000
description:
Add patch for CVE-2017-6196
diffstat:
print/ghostscript-gpl/Makefile | 4 +-
print/ghostscript-gpl/distinfo | 3 +-
print/ghostscript-gpl/patches/patch-CVE-2017-6196 | 41 +++++++++++++++++++++++
3 files changed, 45 insertions(+), 3 deletions(-)
diffs (76 lines):
diff -r d7209ce4226a -r a5041d3b2dbc print/ghostscript-gpl/Makefile
--- a/print/ghostscript-gpl/Makefile Thu Mar 23 19:33:34 2017 +0000
+++ b/print/ghostscript-gpl/Makefile Thu Mar 23 20:38:24 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.22 2016/07/09 06:38:50 wiz Exp $
+# $NetBSD: Makefile,v 1.23 2017/03/23 20:38:24 tez Exp $
DISTNAME= ghostscript-${GS_VERSION}
PKGNAME= ${DISTNAME:S/ghostscript/ghostscript-gpl/}
-PKGREVISION= 9
+PKGREVISION= 10
CATEGORIES= print
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ghostscript/}
MASTER_SITES+= http://ghostscript.com/releases/
diff -r d7209ce4226a -r a5041d3b2dbc print/ghostscript-gpl/distinfo
--- a/print/ghostscript-gpl/distinfo Thu Mar 23 19:33:34 2017 +0000
+++ b/print/ghostscript-gpl/distinfo Thu Mar 23 20:38:24 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.13 2015/11/04 01:01:33 agc Exp $
+$NetBSD: distinfo,v 1.14 2017/03/23 20:38:24 tez Exp $
SHA1 (ghostscript-9.06.tar.bz2) = 4c1c2b4cddd16d86b21f36ad4fc15f6100162238
RMD160 (ghostscript-9.06.tar.bz2) = 11ef74cf783ec5f7cde0ceaaf2823a1f62fb4d1d
@@ -10,6 +10,7 @@
SHA1 (patch-CVE-2014-8157) = 18822069b9791fc3553e812878cfca483d881cd4
SHA1 (patch-CVE-2014-8158) = 71387f152a205caaef0fcc518dbb0fbb7b78e531
SHA1 (patch-CVE-2014-9029) = 9636c7d6909fc0dec7ad2102b59fb14d599bac6a
+SHA1 (patch-CVE-2017-6196) = 311d9236dd5abcd48ae0f412bf481e105b6207dc
SHA1 (patch-af) = 79af4d253001f879f1b5d3ef93584ae7300361de
SHA1 (patch-ah) = 73a05ee51845ca70e1b18c50dee98d6799a46d52
SHA1 (patch-ai) = 3962a3acac1d4537dbbe3fc3b205aba87387d485
diff -r d7209ce4226a -r a5041d3b2dbc print/ghostscript-gpl/patches/patch-CVE-2017-6196
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/print/ghostscript-gpl/patches/patch-CVE-2017-6196 Thu Mar 23 20:38:24 2017 +0000
@@ -0,0 +1,41 @@
+$NetBSD: patch-CVE-2017-6196,v 1.1 2017/03/23 20:38:24 tez Exp $
+
+Patch for CVE-2017-6196 adapted from:
+
+http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=ecceafe3abba2714ef9b432035fe0739d9b1a283
+
+
+--- base/gxipixel.c
++++ base/gxipixel.c
+@@ -257,7 +257,6 @@ gx_image_enum_begin(gx_device * dev, con
+ if ((code = gs_matrix_invert_to_double(&pim->ImageMatrix, &mat)) < 0 ||
+ (code = gs_matrix_multiply_double(&mat, pmat, &mat)) < 0
+ ) {
+- gs_free_object(mem, penum, "gx_default_begin_image");
+ return code;
+ }
+ }
+@@ -487,7 +486,6 @@ gx_image_enum_begin(gx_device * dev, con
+ }
+ if (masked) { /* This is imagemask. */
+ if (bps != 1 || pcs != NULL || penum->alpha || decode[0] == decode[1]) {
+- gs_free_object(mem, penum, "gx_default_begin_image");
+ return_error(gs_error_rangecheck);
+ }
+ /* Initialize color entries 0 and 255. */
+@@ -507,7 +505,6 @@ gx_image_enum_begin(gx_device * dev, con
+
+ spp = cs_num_components(pcs);
+ if (spp < 0) { /* Pattern not allowed */
+- gs_free_object(mem, penum, "gx_default_begin_image");
+ return_error(gs_error_rangecheck);
+ }
+ if (penum->alpha)
+@@ -613,7 +610,6 @@ gx_image_enum_begin(gx_device * dev, con
+ bsize = ((bps > 8 ? width * 2 : width) + 15) * spp;
+ buffer = gs_alloc_bytes(mem, bsize, "image buffer");
+ if (buffer == 0) {
+- gs_free_object(mem, penum, "gx_default_begin_image");
+ return_error(gs_error_VMerror);
+ }
+ penum->bps = bps;
Home |
Main Index |
Thread Index |
Old Index