diff --git a/ghostscript-9.25.tar.gz b/ghostscript-9.25.tar.gz new file mode 100644 index 0000000..ac5ea5d --- /dev/null +++ b/ghostscript-9.25.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:baafa64740b090bff50b220a6df3be95c46069b7e30f4b4effed28316e5b2389 +size 42017635 diff --git a/ghostscript-9.25rc1.tar.gz b/ghostscript-9.25rc1.tar.gz deleted file mode 100644 index 358d4ab..0000000 --- a/ghostscript-9.25rc1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:30955a417fac3d9faeb37ec6ef3f9309d0f6d3c2bce3ea1073fe547d5f755615 -size 42019310 diff --git a/ghostscript-mini.changes b/ghostscript-mini.changes index cf2e577..b48d3b7 100644 --- a/ghostscript-mini.changes +++ b/ghostscript-mini.changes 
@@ -1,3 +1,102 @@ +------------------------------------------------------------------- +Fri Sep 14 10:47:33 CEST 2018 - jsmeix@suse.de + +- Version upgrade to 9.25 + For the highlights in this release see the highlights in the + 9.25rc1 first release candidate for 9.25 entry below. + PLEASE NOTE: + We (i.e. Ghostscript upstream) strongly urge users to upgrade + to this latest release to avoid these issues. + For a release summary see: + http://www.ghostscript.com/doc/9.25/News.htm + For details see the News.htm and History9.htm files. + The Ghostscript 9.25 release should fix (see below) + in particular those security issues: + * CVE-2018-15909: shading_param incomplete type checking + https://bugs.ghostscript.com/show_bug.cgi?id=699660 + https://bugzilla.suse.com/show_bug.cgi?id=1106172 bsc#1106172 + * CVE-2018-15908: .tempfile file permission issues + https://bugs.ghostscript.com/show_bug.cgi?id=699657 + https://bugzilla.suse.com/show_bug.cgi?id=1106171 bsc#1106171 + * CVE-2018-15910: LockDistillerParams type confusion + https://bugs.ghostscript.com/show_bug.cgi?id=699656 + https://bugzilla.suse.com/show_bug.cgi?id=1106173 bsc#1106173 + * CVE-2018-15911: uninitialized memory access in the aesdecode + https://bugs.ghostscript.com/show_bug.cgi?id=699665 + https://bugzilla.suse.com/show_bug.cgi?id=1106195 bsc#1106195 + * CVE-2018-16513: setcolor missing type check + https://bugs.ghostscript.com/show_bug.cgi?id=699655 + https://bugzilla.suse.com/show_bug.cgi?id=1107412 bsc#1107412 + * CVE-2018-16509: /invalidaccess bypass after failed restore + https://bugs.ghostscript.com/show_bug.cgi?id=699654 + https://bugzilla.suse.com/show_bug.cgi?id=1107410 bsc#1107410 + * CVE-2018-16510: Incorrect exec stack handling in the "CS" + and "SC" PDF primitives + https://bugs.ghostscript.com/show_bug.cgi?id=699671 + https://bugzilla.suse.com/show_bug.cgi?id=1107411 bsc#1107411 + * CVE-2018-16542: .definemodifiedfont memory corruption + if /typecheck is handled + 
https://bugs.ghostscript.com/show_bug.cgi?id=699668 + https://bugzilla.suse.com/show_bug.cgi?id=1107413 bsc#1107413 + * CVE-2018-16541 incorrect free logic in pagedevice replacement + https://bugs.ghostscript.com/show_bug.cgi?id=699664 + https://bugzilla.suse.com/show_bug.cgi?id=1107421 bsc#1107421 + * CVE-2018-16540 use-after-free in copydevice handling + https://bugs.ghostscript.com/show_bug.cgi?id=699661 + https://bugzilla.suse.com/show_bug.cgi?id=1107420 bsc#1107420 + * CVE-2018-16539: incorrect access checking in temp file + handling to disclose contents of files + https://bugs.ghostscript.com/show_bug.cgi?id=699658 + https://bugzilla.suse.com/show_bug.cgi?id=1107422 bsc#1107422 + * CVE-2018-16543: gssetresolution and gsgetresolution allow + for unspecified impact + https://bugs.ghostscript.com/show_bug.cgi?id=699670 + https://bugzilla.suse.com/show_bug.cgi?id=1107423 bsc#1107423 + * CVE-2018-16511: type confusion in "ztype" could be used by + remote attackers able to supply crafted PostScript to crash + the interpreter or possibly have unspecified other impact + https://bugs.ghostscript.com/show_bug.cgi?id=699659 + https://bugzilla.suse.com/show_bug.cgi?id=1107426 bsc#1107426 + * CVE-2018-16585 .setdistillerkeys PostScript command is + accepted even though it is not intended for use + https://bugzilla.suse.com/show_bug.cgi?id=1107581 bsc#1107581 + * CVE-2018-16802: Incorrect"restoration of privilege" checking + when running out of stack during exceptionhandling could be + used by attackers able to supply crafted PostScript to execute + code using the "pipe" instruction. This is due to an incomplete + fix for CVE-2018-16509 + https://bugs.ghostscript.com/show_bug.cgi?id=699714 + https://bugs.ghostscript.com/show_bug.cgi?id=699718 + https://bugzilla.suse.com/show_bug.cgi?id=1108027 bnc#1108027 + Regarding what the above "should fix" means: + PostScript is a general purpose Turing-complete programming + language (cf. 
https://en.wikipedia.org/wiki/PostScript) + that supports in particular file access on the system disk. + When Ghostscript processes PostScript it runs a PostScript + program as the user who runs Ghostscript. + When Ghostscript processes an arbitrary PostScript file, + the user who runs Ghostscript runs an arbitrary program + which can do anything on the system where Ghostscript runs + that this user is allowed to do on that system. + To make it safer when Ghostscript runs a PostScript program + the Ghostscript command line option '-dSAFER' disables + certain file access functionality, for details see + /usr/share/doc/ghostscript/9.25/Use.htm + Its name 'SAFER' says everything: It makes it 'safer' + to let Ghostscript run a PostScript program, + but it does not make it completely safe. + In theory software is safe against misuse (i.e. has no bugs). + In practice there is an endless sequence of various kind of + security issues (i.e. software can be misused to do more than + what is intended) that get fixed issue by issue ad infinitum. + In the end all that means: + In practice the user who runs Ghostscript must not let it + process arbitrary PostScript files from untrusted origin. + In particular Ghostscript is usually run when printing + documents (with the '-dSAFER' option set), see the part about + "It is crucial to limit access to CUPS to trusted users" in + https://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings + ------------------------------------------------------------------- Thu Sep 13 14:14:39 CEST 2018 - jsmeix@suse.de diff --git a/ghostscript-mini.spec b/ghostscript-mini.spec index 8f0ec42..8fd34df 100644 --- a/ghostscript-mini.spec +++ b/ghostscript-mini.spec 
@@ -37,20 +37,20 @@ Url: http://www.ghostscript.com/ # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # so that we keep additionally the previous version number to upgrade from the previous version: -Version: 9.24pre25rc1 -Release: 0 +#Version: 9.24pre25rc1 # Normal version for Ghostscript releases is the upstream version: -#Version: 9.24 +Version: 9.25 +Release: 0 # tarball_version is used below to specify the directory via "setup -n": # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version): -#define tarball_version %{version} -%define tarball_version 9.25rc1 +%define tarball_version %{version} +#define tarball_version 9.25rc1 # built_version is used below in the install and files sections: # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # For Ghostscript releases built_version and version are the same (i.e. the upstream version): -#define built_version %{version} -%define built_version 9.25 +%define built_version %{version} +#define built_version 9.25 # Source0...Source9 is for sources from upstream: # Special URLs for Ghostscript release candidates: # see https://github.com/ArtifexSoftware/ghostpdl-downloads/releases 
@@ -59,14 +59,14 @@ Release: 0 # URL for MD5 checksums: # wget -O gs925rc1.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925rc1/MD5SUMS # MD5 checksum for Source0: 2dc56f05c4e479b9a2cbb8221f669c8f ghostscript-9.25rc1.tar.gz -Source0: ghostscript-%{tarball_version}.tar.gz +#Source0: ghostscript-%{tarball_version}.tar.gz # Normal URLs for Ghostscript releases: # URL for Source0: -# wget -O ghostscript-9.24.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs924/ghostscript-9.24.tar.gz +# wget -O ghostscript-9.25.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925/ghostscript-9.25.tar.gz # URL for MD5 checksums: -# wget -O gs924.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs924/MD5SUMS -# MD5 checksum for Source0: c5c3fa8eb737a6540814314a9d9e4995 ghostscript-9.24.tar.gz -#Source0: ghostscript-%{version}.tar.gz +# wget -O gs925.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925/MD5SUMS +# MD5 checksum for Source0: eebd0fadbfa8e800094422ce65e94d5d ghostscript-9.25.tar.gz +Source0: ghostscript-%{version}.tar.gz # Patch0...Patch9 is for patches from upstream: # Source10...Source99 is for sources from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream: diff --git a/ghostscript.changes b/ghostscript.changes index 4ea7938..0297db0 100644 --- a/ghostscript.changes +++ b/ghostscript.changes 
@@ -1,3 +1,102 @@ +------------------------------------------------------------------- +Fri Sep 14 10:47:33 CEST 2018 - jsmeix@suse.de + +- Version upgrade to 9.25 + For the highlights in this release see the highlights in the + 9.25rc1 first release candidate for 9.25 entry below. + PLEASE NOTE: + We (i.e. Ghostscript upstream) strongly urge users to upgrade + to this latest release to avoid these issues. + For a release summary see: + http://www.ghostscript.com/doc/9.25/News.htm + For details see the News.htm and History9.htm files. + The Ghostscript 9.25 release should fix (see below) + in particular those security issues: + * CVE-2018-15909: shading_param incomplete type checking + https://bugs.ghostscript.com/show_bug.cgi?id=699660 + https://bugzilla.suse.com/show_bug.cgi?id=1106172 bsc#1106172 + * CVE-2018-15908: .tempfile file permission issues + https://bugs.ghostscript.com/show_bug.cgi?id=699657 + https://bugzilla.suse.com/show_bug.cgi?id=1106171 bsc#1106171 + * CVE-2018-15910: LockDistillerParams type confusion + https://bugs.ghostscript.com/show_bug.cgi?id=699656 + https://bugzilla.suse.com/show_bug.cgi?id=1106173 bsc#1106173 + * CVE-2018-15911: uninitialized memory access in the aesdecode + https://bugs.ghostscript.com/show_bug.cgi?id=699665 + https://bugzilla.suse.com/show_bug.cgi?id=1106195 bsc#1106195 + * CVE-2018-16513: setcolor missing type check + https://bugs.ghostscript.com/show_bug.cgi?id=699655 + https://bugzilla.suse.com/show_bug.cgi?id=1107412 bsc#1107412 + * CVE-2018-16509: /invalidaccess bypass after failed restore + https://bugs.ghostscript.com/show_bug.cgi?id=699654 + https://bugzilla.suse.com/show_bug.cgi?id=1107410 bsc#1107410 + * CVE-2018-16510: Incorrect exec stack handling in the "CS" + and "SC" PDF primitives + https://bugs.ghostscript.com/show_bug.cgi?id=699671 + https://bugzilla.suse.com/show_bug.cgi?id=1107411 bsc#1107411 + * CVE-2018-16542: .definemodifiedfont memory corruption + if /typecheck is handled + 
https://bugs.ghostscript.com/show_bug.cgi?id=699668 + https://bugzilla.suse.com/show_bug.cgi?id=1107413 bsc#1107413 + * CVE-2018-16541 incorrect free logic in pagedevice replacement + https://bugs.ghostscript.com/show_bug.cgi?id=699664 + https://bugzilla.suse.com/show_bug.cgi?id=1107421 bsc#1107421 + * CVE-2018-16540 use-after-free in copydevice handling + https://bugs.ghostscript.com/show_bug.cgi?id=699661 + https://bugzilla.suse.com/show_bug.cgi?id=1107420 bsc#1107420 + * CVE-2018-16539: incorrect access checking in temp file + handling to disclose contents of files + https://bugs.ghostscript.com/show_bug.cgi?id=699658 + https://bugzilla.suse.com/show_bug.cgi?id=1107422 bsc#1107422 + * CVE-2018-16543: gssetresolution and gsgetresolution allow + for unspecified impact + https://bugs.ghostscript.com/show_bug.cgi?id=699670 + https://bugzilla.suse.com/show_bug.cgi?id=1107423 bsc#1107423 + * CVE-2018-16511: type confusion in "ztype" could be used by + remote attackers able to supply crafted PostScript to crash + the interpreter or possibly have unspecified other impact + https://bugs.ghostscript.com/show_bug.cgi?id=699659 + https://bugzilla.suse.com/show_bug.cgi?id=1107426 bsc#1107426 + * CVE-2018-16585 .setdistillerkeys PostScript command is + accepted even though it is not intended for use + https://bugzilla.suse.com/show_bug.cgi?id=1107581 bsc#1107581 + * CVE-2018-16802: Incorrect"restoration of privilege" checking + when running out of stack during exceptionhandling could be + used by attackers able to supply crafted PostScript to execute + code using the "pipe" instruction. This is due to an incomplete + fix for CVE-2018-16509 + https://bugs.ghostscript.com/show_bug.cgi?id=699714 + https://bugs.ghostscript.com/show_bug.cgi?id=699718 + https://bugzilla.suse.com/show_bug.cgi?id=1108027 bnc#1108027 + Regarding what the above "should fix" means: + PostScript is a general purpose Turing-complete programming + language (cf. 
https://en.wikipedia.org/wiki/PostScript) + that supports in particular file access on the system disk. + When Ghostscript processes PostScript it runs a PostScript + program as the user who runs Ghostscript. + When Ghostscript processes an arbitrary PostScript file, + the user who runs Ghostscript runs an arbitrary program + which can do anything on the system where Ghostscript runs + that this user is allowed to do on that system. + To make it safer when Ghostscript runs a PostScript program + the Ghostscript command line option '-dSAFER' disables + certain file access functionality, for details see + /usr/share/doc/ghostscript/9.25/Use.htm + Its name 'SAFER' says everything: It makes it 'safer' + to let Ghostscript run a PostScript program, + but it does not make it completely safe. + In theory software is safe against misuse (i.e. has no bugs). + In practice there is an endless sequence of various kind of + security issues (i.e. software can be misused to do more than + what is intended) that get fixed issue by issue ad infinitum. + In the end all that means: + In practice the user who runs Ghostscript must not let it + process arbitrary PostScript files from untrusted origin. + In particular Ghostscript is usually run when printing + documents (with the '-dSAFER' option set), see the part about + "It is crucial to limit access to CUPS to trusted users" in + https://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings + ------------------------------------------------------------------- Thu Sep 13 14:14:39 CEST 2018 - jsmeix@suse.de diff --git a/ghostscript.spec b/ghostscript.spec index 457843b..0efeb44 100644 --- a/ghostscript.spec +++ b/ghostscript.spec 
@@ -57,20 +57,20 @@ Url: http://www.ghostscript.com/ # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # so that we keep additionally the previous version number to upgrade from the previous version: -Version: 9.24pre25rc1 -Release: 0 +#Version: 9.24pre25rc1 # Normal version for Ghostscript releases is the upstream version: -#Version: 9.24 +Version: 9.25 +Release: 0 # tarball_version is used below to specify the directory via "setup -n": # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version): -#define tarball_version %{version} -%define tarball_version 9.25rc1 +%define tarball_version %{version} +#define tarball_version 9.25rc1 # built_version is used below in the install and files sections: # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # For Ghostscript releases built_version and version are the same (i.e. the upstream version): -#define built_version %{version} -%define built_version 9.25 +%define built_version %{version} +#define built_version 9.25 # Source0...Source9 is for sources from upstream: # Special URLs for Ghostscript release candidates: # see https://github.com/ArtifexSoftware/ghostpdl-downloads/releases 
@@ -79,14 +79,14 @@ Release: 0 # URL for MD5 checksums: # wget -O gs925rc1.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925rc1/MD5SUMS # MD5 checksum for Source0: 2dc56f05c4e479b9a2cbb8221f669c8f ghostscript-9.25rc1.tar.gz -Source0: ghostscript-%{tarball_version}.tar.gz +#Source0: ghostscript-%{tarball_version}.tar.gz # Normal URLs for Ghostscript releases: # URL for Source0: -# wget -O ghostscript-9.24.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs924/ghostscript-9.24.tar.gz +# wget -O ghostscript-9.25.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925/ghostscript-9.25.tar.gz # URL for MD5 checksums: -# wget -O gs924.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs924/MD5SUMS -# MD5 checksum for Source0: c5c3fa8eb737a6540814314a9d9e4995 ghostscript-9.24.tar.gz -#Source0: ghostscript-%{version}.tar.gz +# wget -O gs925.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925/MD5SUMS +# MD5 checksum for Source0: eebd0fadbfa8e800094422ce65e94d5d ghostscript-9.25.tar.gz +Source0: ghostscript-%{version}.tar.gz # Patch0...Patch9 is for patches from upstream: # Source10...Source99 is for sources from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream:
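Review bot: In the new entry added to ghostscript-mini.changes (and identically to ghostscript.changes), the CVE list is not formatted consistently, which matters for anything that greps the changelog for CVE and bug references. The entries for CVE-2018-16541, CVE-2018-16540 and CVE-2018-16585 lack the colon that follows the CVE id everywhere else. The CVE-2018-16802 entry has missing spaces in `Incorrect"restoration of privilege"` and `exceptionhandling`, and it uses `bnc#1108027` where every other entry uses `bsc#`. CVE-2018-16585 is also the only entry without a bugs.ghostscript.com link; either add it or say that there is no upstream bug for it. Minor wording: "various kind of security issues" should be "various kinds of".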
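Review bot: In the first hunk of ghostscript-mini.spec and ghostscript.spec, the move from `Version: 9.24pre25rc1` to `Version: 9.25` depends on the upgrade direction being right, and the comment block above the Version line only documents the release-candidate case. Suggest one added comment line stating that 9.25 sorts newer than 9.24pre25rc1 under rpmvercmp (the second numeric segment is 25 against 24), so the next person who switches between release-candidate and release settings can see why the "pre" scheme upgrades cleanly in both steps. The commented-out `#Version: 9.24pre25rc1` now sits directly under that explanation with no marker that it is a historical example; labelling it as such would avoid it being re-enabled by mistake.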
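Review bot: In the second hunk of both spec files, the only integrity record for the new Source0 is the MD5 line (`eebd0fadbfa8e800094422ce65e94d5d ghostscript-9.25.tar.gz`), and the documented wget commands fetch the tarball and MD5SUMS from the same release location, so the check catches a corrupted download but not a replaced one. For a release whose changelog entry is a list of security fixes, suggest recording a SHA-256 in that comment block as well; the git-lfs pointer added in this same commit already carries one as its `oid sha256:` value for ghostscript-9.25.tar.gz, so the two can be cross-checked. The release-candidate URL and MD5 comments for 9.25rc1 are left in place above the now commented-out `#Source0: ghostscript-%{tarball_version}.tar.gz`; if they are kept as a template, a short comment saying so would make that clear.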