diff --git a/ghostscript-2.26-subclassing-devices-fix-put_image-method.patch b/ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
new file mode 100644
index 0000000..0568b4a
--- /dev/null
+++ b/ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
@@ -0,0 +1,34 @@
+From fae21f1668d2b44b18b84cf0923a1d5f3008a696 Mon Sep 17 00:00:00 2001
+From: Ken Sharp
+Date: Tue, 4 Dec 2018 21:31:31 +0000
+Subject: [PATCH] subclassing devices - fix put_image method
+
+The subclassing devices need to change the 'memory device' parameter to
+be the child device, when its the same as the subclassing device.
+
+Otherwise we end up trying to access the child device's memory pointers
+in the subclassing device, which may not contain valid copies of
+those pointers.
+---
+ base/gdevsclass.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/base/gdevsclass.c b/base/gdevsclass.c
+index d9c85d2..5109258 100644
+--- a/base/gdevsclass.c
++++ b/base/gdevsclass.c
+@@ -797,7 +797,10 @@ int default_subclass_put_image(gx_device *dev, gx_device *mdev, const byte **buf
+ int alpha_plane_index, int tag_plane_index)
+{
+ if (dev->child)
+- return dev_proc(dev->child, put_image)(dev->child, mdev, buffers, num_chan, x, y, width, height, row_stride, alpha_plane_index, tag_plane_index);
++ if (dev == mdev)
++ return dev_proc(dev->child, put_image)(dev->child, dev->child, buffers, num_chan, x, y, width, height, row_stride, alpha_plane_index, tag_plane_index);
++ else
++ return dev_proc(dev->child, put_image)(dev->child, mdev, buffers, num_chan, x, y, width, height, row_stride, alpha_plane_index, tag_plane_index);
+
+ return 0;
+ }
+--
+2.9.1
+
diff --git a/ghostscript-9.26.tar.gz b/ghostscript-9.26.tar.gz
deleted file mode 100644
index 2b11523..0000000
--- a/ghostscript-9.26.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:831fc019bd477f7cc2d481dc5395ebfa4a593a95eb2fe1eb231a97e450d7540d
-size 42084660
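Review bot: In the patched body of default_subclass_put_image (the gdevsclass.c hunk carried inside the new .patch file), the added `if (dev == mdev) … else …` hangs unbraced under `if (dev->child)`, so the `else` attaches to the intended `if` only by the nearest-if rule and compilers flag it with -Wdangling-else. The two calls also differ only in their second argument, so choosing that argument once is shorter and removes the ambiguity: `gx_device *target = (dev == mdev) ? dev->child : mdev;` followed by a single `return dev_proc(dev->child, put_image)(dev->child, target, buffers, …);` inside a braced `if (dev->child) { … }`. A comment such as `/* mdev may be this subclassing device; pass the child so put_image uses the child's own memory pointers */` would keep the reason from the commit message next to the code. The function signature begins above the hunk.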
diff --git a/ghostscript-9.26a.tar.gz b/ghostscript-9.26a.tar.gz
new file mode 100644
index 0000000..913924f
--- /dev/null
+++ b/ghostscript-9.26a.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:79482d5b8350a542ed830ce724b7317f878bcddbdbc163471e2a74848462eb3b
+size 42087219
diff --git a/ghostscript-mini.changes b/ghostscript-mini.changes
index 072c057..86988e3 100644
--- a/ghostscript-mini.changes
+++ b/ghostscript-mini.changes
@@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Wed Jan 23 16:52:00 CET 2019 - jsmeix@suse.de
+
+- Version upgrade to 9.26a
+ The version 9.26a is a special security bugfix version to fix
+ * CVE-2019-6116: subroutines within pseudo-operators
+ must themselves be pseudo-operators
+ https://bugs.ghostscript.com/show_bug.cgi?id=700317
+ https://bugzilla.suse.com/show_bug.cgi?id=1122319 bsc#1122319
+
+-------------------------------------------------------------------
+Thu Jan 10 17:09:16 UTC 2019 - jweberhofer@weberhofer.at
+
+- ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
+ fixes Ghostscript issue #700315 and bsc#1121490
+ https://bugs.ghostscript.com/show_bug.cgi?id=700315
+ Segfault in GS 9.26 with certain PDFs with -dLastPage=1
+
 -------------------------------------------------------------------
 Fri Nov 30 09:01:17 CET 2018 - jsmeix@suse.de
 
diff --git a/ghostscript-mini.spec b/ghostscript-mini.spec
index f9b560d..c11dfcc 100644
--- a/ghostscript-mini.spec
+++ b/ghostscript-mini.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package ghostscript-mini
 #
-# Copyright (c) 2018 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -38,9 +38,13 @@ Url: http://www.ghostscript.com/
 # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers
 # so that we keep additionally the previous version number to upgrade from the previous version:
 #Version: 9.25pre26rc1
-# Normal version for Ghostscript releases is the upstream version:
-Version: 9.26
+# The upstream version 9.26a is a special Ghostscript upstream security bugfix tar ball
+# where upstream provides a complete and consistent state of the whole Ghostscript code
+# that includes in particular the complete patchset that is really non-trivial
+# to fix the Ghostscript upstream bug 700317 CVE-2019-6116:
+Version: 9.26a
 Release: 0
+# Normal version for Ghostscript releases is the upstream version:
 # tarball_version is used below to specify the directory via "setup -n":
 # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1".
 # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version):
@@ -49,8 +53,8 @@ Release: 0
 # built_version is used below in the install and files sections:
 # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15".
 # For Ghostscript releases built_version and version are the same (i.e. the upstream version):
-%define built_version %{version}
-#define built_version 9.26
+#define built_version %{version}
+%define built_version 9.26
 # Source0...Source9 is for sources from upstream:
 # Special URLs for Ghostscript release candidates:
 # see https://github.com/ArtifexSoftware/ghostpdl-downloads/releases
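Review bot: The comments around `built_version` no longer describe the macros after this change: the context line still says that for releases built_version and version are the same, while the hunk at -49,8 pins `%define built_version 9.26` against `Version: 9.26a` and records no reason. Presumably the 9.26a tarball still builds and installs under 9.26 paths, but that is not visible here and should be stated, for example `# 9.26a is a security respin that still installs as 9.26, so built_version is pinned; switch back to %{version} with the next regular release`. In the hunk at -38,9 the re-added line `# Normal version for Ghostscript releases is the upstream version:` now sits after `Release: 0`, where it reads as a heading for the tarball_version comments; it would be clearer placed above `Version:` or dropped. The ghostscript.spec hunks at -58,9 and -73,8 carry the same two issues.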
@@ -68,6 +72,7 @@ Release: 0
 # MD5 checksum for Source0: 806bc2dedbc7f69b003f536658e08d4a ghostscript-9.26.tar.gz
 Source0: ghostscript-%{version}.tar.gz
 # Patch0...Patch9 is for patches from upstream:
+Patch0: ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
 # Source10...Source99 is for sources from SUSE which are intended for upstream:
 # Patch10...Patch99 is for patches from SUSE which are intended for upstream:
 # Source100...Source999 is for sources from SUSE which are not intended for upstream:
@@ -133,6 +138,7 @@ This package contains the development files for Minimal Ghostscript.
 # Be quiet when unpacking and
 # use a directory name matching Source0 to make it work also for ghostscript-mini:
 %setup -q -n ghostscript-%{tarball_version}
+%patch0 -p1
 # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
 # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball.
 # Again use the zlib sources from Ghostscript upstream
diff --git a/ghostscript.changes b/ghostscript.changes
index c9a4692..cb4d1c2 100644
--- a/ghostscript.changes
+++ b/ghostscript.changes
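Review bot: The context line `# MD5 checksum for Source0: 806bc2dedbc7f69b003f536658e08d4a ghostscript-9.26.tar.gz` in the ghostscript-mini.spec hunk at -68,6 is left unchanged although Source0 now expands to ghostscript-9.26a.tar.gz, so the only integrity reference in the spec describes a tarball this commit deletes. For a security-fix upgrade the recorded digest should match the shipped source and should not be MD5. The LFS pointer added in this commit lists `sha256:79482d5b8350a542ed830ce724b7317f878bcddbdbc163471e2a74848462eb3b` for ghostscript-9.26a.tar.gz, which should be compared with the upstream-published checksum before being written into the comment. The same stale line appears in the ghostscript.spec hunk at -88,6. Separately, the `Patch0:` file name says `2.26` where the package version is 9.26, which looks like a typo worth fixing before the name spreads into more changelog entries.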
@@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Wed Jan 23 16:52:00 CET 2019 - jsmeix@suse.de
+
+- Version upgrade to 9.26a
+ The version 9.26a is a special security bugfix version to fix
+ * CVE-2019-6116: subroutines within pseudo-operators
+ must themselves be pseudo-operators
+ https://bugs.ghostscript.com/show_bug.cgi?id=700317
+ https://bugzilla.suse.com/show_bug.cgi?id=1122319 bsc#1122319
+
+-------------------------------------------------------------------
+Thu Jan 10 17:09:16 UTC 2019 - jweberhofer@weberhofer.at
+
+- ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
+ fixes Ghostscript issue #700315 and bsc#1121490
+ https://bugs.ghostscript.com/show_bug.cgi?id=700315
+ Segfault in GS 9.26 with certain PDFs with -dLastPage=1
+
 -------------------------------------------------------------------
 Fri Nov 30 09:01:17 CET 2018 - jsmeix@suse.de
 
diff --git a/ghostscript.spec b/ghostscript.spec
index 0a0c3d7..c66b670 100644
--- a/ghostscript.spec
+++ b/ghostscript.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package ghostscript
 #
-# Copyright (c) 2018 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -58,9 +58,13 @@ Url: http://www.ghostscript.com/
 # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers
 # so that we keep additionally the previous version number to upgrade from the previous version:
 #Version: 9.25pre26rc1
-# Normal version for Ghostscript releases is the upstream version:
-Version: 9.26
+# The upstream version 9.26a is a special Ghostscript upstream security bugfix tar ball
+# where upstream provides a complete and consistent state of the whole Ghostscript code
+# that includes in particular the complete patchset that is really non-trivial
+# to fix the Ghostscript upstream bug 700317 CVE-2019-6116:
+Version: 9.26a
 Release: 0
+# Normal version for Ghostscript releases is the upstream version:
 # tarball_version is used below to specify the directory via "setup -n":
 # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1".
 # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version):
@@ -69,8 +73,8 @@ Release: 0
 # built_version is used below in the install and files sections:
 # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15".
 # For Ghostscript releases built_version and version are the same (i.e. the upstream version):
-%define built_version %{version}
-#define built_version 9.26
+#define built_version %{version}
+%define built_version 9.26
 # Source0...Source9 is for sources from upstream:
 # Special URLs for Ghostscript release candidates:
 # see https://github.com/ArtifexSoftware/ghostpdl-downloads/releases
@@ -88,6 +92,7 @@ Release: 0
 # MD5 checksum for Source0: 806bc2dedbc7f69b003f536658e08d4a ghostscript-9.26.tar.gz
 Source0: ghostscript-%{version}.tar.gz
 # Patch0...Patch9 is for patches from upstream:
+Patch0: ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
 # Source10...Source99 is for sources from SUSE which are intended for upstream:
 # Patch10...Patch99 is for patches from SUSE which are intended for upstream:
 # Source100...Source999 is for sources from SUSE which are not intended for upstream:
@@ -269,6 +274,7 @@ This package contains the development files for Ghostscript.
 # Be quiet when unpacking and
 # use a directory name matching Source0 to make it work also for ghostscript-mini:
 %setup -q -n ghostscript-%{tarball_version}
+%patch0 -p1
 # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
 # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball.
 # Again use the zlib sources from Ghostscript upstream