From 15c8faebef2c88c967f931d06655e31ff63bb20d2614b1fa3a302c6402678ad3 Mon Sep 17 00:00:00 2001 From: Johannes Meixner Date: Fri, 25 Sep 2015 10:17:54 +0000 Subject: [PATCH] Accepting request 333702 from home:jsmeix:branches:Printing Ghostscript version upgrade to 9.18rc1 (first release candidate for 9.18) OBS-URL: https://build.opensuse.org/request/show/333702 OBS-URL: https://build.opensuse.org/package/show/Printing/ghostscript?expand=0&rev=55 --- CVE-2015-3228.patch | 11 ----- assign_pointer_not_value_in_gximono.c.patch | 38 +++++++++++++++++ ghostscript-9.16.tar.gz | 3 -- ghostscript-9.18rc1.tar.gz | 3 ++ ghostscript-mini.changes | 18 ++++++++ ghostscript-mini.spec | 46 ++++++++++----------- ghostscript.changes | 18 ++++++++ ghostscript.spec | 46 ++++++++++----------- 8 files changed, 123 insertions(+), 60 deletions(-) delete mode 100644 CVE-2015-3228.patch create mode 100644 assign_pointer_not_value_in_gximono.c.patch delete mode 100644 ghostscript-9.16.tar.gz create mode 100644 ghostscript-9.18rc1.tar.gz
diff --git a/CVE-2015-3228.patch b/CVE-2015-3228.patch
deleted file mode 100644
index b139345..0000000
--- a/CVE-2015-3228.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- base/gsmalloc.c
-+++ base/gsmalloc.c
-@@ -178,7 +178,7 @@ gs_heap_alloc_bytes(gs_memory_t * mem, uint size, client_name_t cname)
- } else {
- uint added = size + sizeof(gs_malloc_block_t);
-
-- if (mmem->limit - added < mmem->used)
-+ if (added <= size || mmem->limit - added < mmem->used)
- set_msg("exceeded limit");
- else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
- set_msg("failed");
diff --git a/assign_pointer_not_value_in_gximono.c.patch b/assign_pointer_not_value_in_gximono.c.patch
new file mode 100644
index 0000000..0ed065a
--- /dev/null
+++ b/assign_pointer_not_value_in_gximono.c.patch
@@ -0,0 +1,38 @@
+--- base/gximono.c.orig 2015-09-23 16:04:26.000000000 +0200
++++ base/gximono.c 2015-09-24 11:56:42.000000000 +0200
+@@ -1065,7 +1065,7 @@ image_render_mono_ht(gx_image_enum * pen
+ dda_next(dda_ht);
+ xn = fixed2int_var_rounded(dda_current(dda_ht));
+ while (xr < xn) {
+- dev_value = color_cache[*psrc * spp_out];
++ dev_value = &(color_cache[*psrc * spp_out]);
+ for (j = 0; j < spp_out; j++) {
+ *(devc_contone[j])++ = dev_value[j];
+ }
+@@ -1097,7 +1097,7 @@ image_render_mono_ht(gx_image_enum * pen
+ dda_next(dda_ht);
+ xn = fixed2int_var_rounded(dda_current(dda_ht));
+ while (xr > xn) {
+- dev_value = color_cache[*psrc * spp_out];
++ dev_value = &(color_cache[*psrc * spp_out]);
+ for (j = 0; j < spp_out; j++) {
+ *(devc_contone[j])-- = dev_value[j];
+ }
+@@ -1135,7 +1135,7 @@ image_render_mono_ht(gx_image_enum * pen
+ dda_next(dda_ht);
+ xn = fixed2int_var_rounded(dda_current(dda_ht));
+ while (xr > xn) {
+- dev_value = color_cache[*psrc * spp_out];
++ dev_value = &(color_cache[*psrc * spp_out]);
+ for (j = 0; j < spp_out; j++) {
+ *(devc_contone[j] + position) = dev_value[j];
+ position -= LAND_BITS;
+@@ -1172,7 +1172,7 @@ image_render_mono_ht(gx_image_enum * pen
+ dda_next(dda_ht);
+ xn = fixed2int_var_rounded(dda_current(dda_ht));
+ while (xr < xn) {
+- dev_value = color_cache[*psrc * spp_out];
++ dev_value = &(color_cache[*psrc * spp_out]);
+ for (j = 0; j < spp_out; j++) {
+ *(devc_contone[j] + position) = dev_value[j];
+ devc_contone[j] += LAND_BITS;
diff --git a/ghostscript-9.16.tar.gz b/ghostscript-9.16.tar.gz
deleted file mode 100644
index 78cea87..0000000
--- a/ghostscript-9.16.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:746d77280cca8afdd3d4c2c1389e332ed9b0605bd107bcaae1d761b061d1a68d
-size 33623036
diff --git a/ghostscript-9.18rc1.tar.gz b/ghostscript-9.18rc1.tar.gz
new file mode 100644
index 0000000..8214441
--- /dev/null
+++ b/ghostscript-9.18rc1.tar.gz
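Review bot: The spec comment and changelog present this patch as silencing an "assignment makes pointer from integer without a cast" warning, but in all four embedded hunks the old line stored the value read from `color_cache[*psrc * spp_out]` into `dev_value`, which the following loop dereferences as `dev_value[j]`; if `dev_value` is a pointer, as the warning text implies, that was a read through an address built from image data rather than a cosmetic issue. The patch file should carry a leading description that says so and points at an upstream report, along the lines of `Fix invalid pointer assignment in image_render_mono_ht(); reported upstream as <upstream bug id>`. The new form reads `spp_out` entries starting at index `*psrc * spp_out`, and neither the declaration nor the size of `color_cache` is visible here (image_render_mono_ht starts and ends outside every hunk), so it is worth confirming that the cache holds `spp_out` entries for every possible source byte.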
@@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:cf3c63835c7836ab25b137941e04c6e8d9392057db09a76bb4d01df0adc8ee74 +size 33721556 diff --git a/ghostscript-mini.changes b/ghostscript-mini.changes index 9d70610..a2f3386 100644 --- a/ghostscript-mini.changes +++ b/ghostscript-mini.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Thu Sep 24 10:29:04 CEST 2015 - jsmeix@suse.de + +- Version upgrade to 9.18rc1 (first release candidate for 9.18). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing +- CVE-2015-3228.patch is no longer needed because it is fixed + in the upstream sources. +- assign_pointer_not_value_in_gximono.c.patch attempts to fix a + "assignment makes pointer from integer without a cast" compiler + warning by assigning the pointer and not the integer value. +- Removed --disable-compile-inits from configure, see + http://bugs.ghostscript.com/show_bug.cgi?id=696223 + and "Precompiled run-time data" in + /usr/share/ghostscript/9.18/doc/Make.htm + ------------------------------------------------------------------- Wed Jul 29 15:20:46 CEST 2015 - jsmeix@suse.de diff --git a/ghostscript-mini.spec b/ghostscript-mini.spec index f928b01..ecaedbb 100644 --- a/ghostscript-mini.spec +++ b/ghostscript-mini.spec 
@@ -35,32 +35,33 @@ Url: http://www.ghostscript.com/ # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # so that we keep additionally the previous version number to upgrade from the previous version: -#Version: 9.15pre16rc2 -# Normal version for Ghostscript releases is the upstream version: -Version: 9.16 +Version: 9.16pre18rc1 Release: 0 +# Normal version for Ghostscript releases is the upstream version: +#Version: 9.16 # tarball_version is used below to specify the directory via "setup -n": # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version): -%define tarball_version %{version} -#define tarball_version 9.16rc2 +#define tarball_version %{version} +%define tarball_version 9.18rc1 # built_version is used below in the install and files sections: # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # For Ghostscript releases built_version and version are the same (i.e. 
the upstream version): -%define built_version %{version} -#define built_version 9.16 +#define built_version %{version} +%define built_version 9.18 # Source0...Source9 is for sources from upstream: # Special URLs for Ghostscript release candidates: -# URL for Source0: http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.16rc2.tar.gz -# URL for MD5 checksums: http://www.ghostscript.com/~chrisl/MD5SUMS or http://www.ghostscript.com/~chrisl/MD5SUM -# or http://downloads.ghostscript.com/public/.release_candidate/MD5SUMS -# MD5 checksum for Source0: 17983ee93d97596ffa72fd32be2426a4 -#Source0: http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.16rc2.tar.gz +# URL for Source0: http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.18rc1.tar.gz +# URL for MD5 checksums: http://www.ghostscript.com/~chrisl/MD5SUMS +# or http://www.ghostscript.com/~chrisl/MD5SUM +# or http://downloads.ghostscript.com/public/.release_candidate/MD5SUMS +# MD5 checksum for Source0: fed5d3b6bd20265c25373310ce37b21f +Source0: http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.18rc1.tar.gz # Normal URLs for Ghostscript releases: # URL for Source0: http://downloads.ghostscript.com/public/ghostscript-9.16.tar.gz # URL for MD5 checksums: http://downloads.ghostscript.com/public/MD5SUMS # MD5 checksum for Source0: 829319325bbdb83f5c81379a8f86f38f -Source0: http://downloads.ghostscript.com/public/ghostscript-%{version}.tar.gz +#Source0: http://downloads.ghostscript.com/public/ghostscript-%{version}.tar.gz # Patch0...Patch9 is for patches from upstream: # # Source10...Source99 is for sources from SUSE which are intended for upstream: 
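Review bot: The active `Source0:` now points at a release-candidate tarball over plain `http://`, and the only integrity value kept beside it is an MD5 checksum in a comment whose reference lists are also `http://` URLs; MD5 is not collision-resistant and nothing in the spec checks the value at build time. A stronger digest should be recorded next to it, e.g. `# SHA256 checksum for Source0: <sha256 of the upstream tarball>`, and the tarball checked against an upstream signature if one is published for release candidates. The same lines appear in the `@@ -55,32 +55,33 @@` hunk of ghostscript.spec.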
@@ -72,13 +73,14 @@ Source0: http://downloads.ghostscript.com/public/ghostscript-%{version}.t # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 Patch11: ppc64le-support.patch +# Patch12 assign_pointer_not_value_in_gximono.c.patch attempts to fix +# a "assignment makes pointer from integer without a cast" compiler warning +# by assigning the pointer and not the integer value: +Patch12: assign_pointer_not_value_in_gximono.c.patch # # Source100...Source999 is for sources from SUSE which are not intended for upstream: # # Patch100...Patch999 is for patches from SUSE which are not intended for upstream: -# Patch101 CVE-2015-3228.patch fixes out of bound read/write cause by integer overflow -# in gsmalloc.c (see https://bugzilla.opensuse.org/show_bug.cgi?id=939342): -Patch101: CVE-2015-3228.patch # Conflicts: ghostscript Conflicts: ghostscript-x11 @@ -153,13 +155,14 @@ This package contains the development files for Minimal Ghostscript. # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 %patch11 -p1 -b ppc64le-support.orig -# Patch101 CVE-2015-3228.patch fixes out of bound read/write cause by integer overflow -# in gsmalloc.c (see https://bugzilla.opensuse.org/show_bug.cgi?id=939342): -%patch101 -b .CVE-2015-3228.orig +# Patch12 assign_pointer_not_value_in_gximono.c.patch attempts to fix +# a "assignment makes pointer from integer without a cast" compiler warning +# by assigning the pointer and not the integer value: +%patch12 -b assign_pointer_not_value_in_gximono.c.orig %build # Set our preferred architecture-specific flags for the compiler and linker: -export CFLAGS="$RPM_OPT_FLAGS" +export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" export CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" autoreconf -fi # --docdir=%%{_defaultdocdir}/%%{name} does not work therefore it is not used. 
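Review bot: Removing `Patch101: CVE-2015-3228.patch` in the `@@ -72,13 +73,14 @@` hunk leaves the package relying on the 9.18rc1 tarball for the integer-overflow guard in gs_heap_alloc_bytes() (the `added <= size ||` condition in the deleted patch), and the only evidence given is the changelog sentence that it "is fixed in the upstream sources". A short comment should stay in the Patch100...Patch999 section, e.g. `# CVE-2015-3228 (bugzilla.opensuse.org id 939342) is fixed upstream, see <upstream commit or bug id>`, so a later reader can confirm the guard instead of re-auditing base/gsmalloc.c. The same removal is made in the `@@ -92,13 +93,14 @@` hunk of ghostscript.spec.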
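Review bot: `-fno-strict-aliasing` is added to `CFLAGS` in `%build` with no comment and no changelog line saying which C code needs it. The flag turns off type-based alias optimisation and is normally a workaround for aliasing violations in the sources, so the reason should be recorded above the export, e.g. `# -fno-strict-aliasing is needed because <reason or upstream bug id>`. Separately, `%patch12 -b assign_pointer_not_value_in_gximono.c.orig` passes a backup suffix without the leading dot that the removed `%patch101 -b .CVE-2015-3228.orig` had, so the suffix is appended directly to the patched file name; `%patch12 -b .assign_pointer_not_value_in_gximono.orig` would be tidier. Both lines recur in the `@@ -290,13 +292,14 @@` hunk of ghostscript.spec.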
@@ -202,7 +205,6 @@ export SUSE_ASNEEDED=0 --with-drivers=FILES \ --without-x \ --disable-gtk \ - --disable-compile-inits \ --without-omni \ --without-ufst \ --without-luratech \ @@ -356,9 +358,7 @@ exit 0 %dir %{_datadir}/ghostscript/%{built_version} %doc %{_datadir}/ghostscript/%{built_version}/doc/ %{_datadir}/ghostscript/%{built_version}/examples/ -%{_datadir}/ghostscript/%{built_version}/iccprofiles/ %{_datadir}/ghostscript/%{built_version}/lib/ -%{_datadir}/ghostscript/%{built_version}/Resource/ %{_libdir}/libgs.so.* %{_libdir}/ghostscript/ %{_libdir}/libijs-0.35.so diff --git a/ghostscript.changes b/ghostscript.changes index 1317a7a..1f85653 100644 --- a/ghostscript.changes +++ b/ghostscript.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Thu Sep 24 10:29:04 CEST 2015 - jsmeix@suse.de + +- Version upgrade to 9.18rc1 (first release candidate for 9.18). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing +- CVE-2015-3228.patch is no longer needed because it is fixed + in the upstream sources. +- assign_pointer_not_value_in_gximono.c.patch attempts to fix a + "assignment makes pointer from integer without a cast" compiler + warning by assigning the pointer and not the integer value. +- Removed --disable-compile-inits from configure, see + http://bugs.ghostscript.com/show_bug.cgi?id=696223 + and "Precompiled run-time data" in + /usr/share/ghostscript/9.18/doc/Make.htm + ------------------------------------------------------------------- Wed Jul 29 15:20:46 CEST 2015 - jsmeix@suse.de diff --git a/ghostscript.spec b/ghostscript.spec index 5c9be58..97cd415 100644 --- a/ghostscript.spec +++ b/ghostscript.spec 
@@ -55,32 +55,33 @@ Url: http://www.ghostscript.com/ # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # so that we keep additionally the previous version number to upgrade from the previous version: -#Version: 9.15pre16rc2 -# Normal version for Ghostscript releases is the upstream version: -Version: 9.16 +Version: 9.16pre18rc1 Release: 0 +# Normal version for Ghostscript releases is the upstream version: +#Version: 9.16 # tarball_version is used below to specify the directory via "setup -n": # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version): -%define tarball_version %{version} -#define tarball_version 9.16rc2 +#define tarball_version %{version} +%define tarball_version 9.18rc1 # built_version is used below in the install and files sections: # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # For Ghostscript releases built_version and version are the same (i.e. 
the upstream version): -%define built_version %{version} -#define built_version 9.16 +#define built_version %{version} +%define built_version 9.18 # Source0...Source9 is for sources from upstream: # Special URLs for Ghostscript release candidates: -# URL for Source0: http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.16rc2.tar.gz -# URL for MD5 checksums: http://www.ghostscript.com/~chrisl/MD5SUMS or http://www.ghostscript.com/~chrisl/MD5SUM -# or http://downloads.ghostscript.com/public/.release_candidate/MD5SUMS -# MD5 checksum for Source0: 17983ee93d97596ffa72fd32be2426a4 -#Source0: http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.16rc2.tar.gz +# URL for Source0: http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.18rc1.tar.gz +# URL for MD5 checksums: http://www.ghostscript.com/~chrisl/MD5SUMS +# or http://www.ghostscript.com/~chrisl/MD5SUM +# or http://downloads.ghostscript.com/public/.release_candidate/MD5SUMS +# MD5 checksum for Source0: fed5d3b6bd20265c25373310ce37b21f +Source0: http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.18rc1.tar.gz # Normal URLs for Ghostscript releases: # URL for Source0: http://downloads.ghostscript.com/public/ghostscript-9.16.tar.gz # URL for MD5 checksums: http://downloads.ghostscript.com/public/MD5SUMS # MD5 checksum for Source0: 829319325bbdb83f5c81379a8f86f38f -Source0: http://downloads.ghostscript.com/public/ghostscript-%{version}.tar.gz +#Source0: http://downloads.ghostscript.com/public/ghostscript-%{version}.tar.gz # Patch0...Patch9 is for patches from upstream: # # Source10...Source99 is for sources from SUSE which are intended for upstream: 
@@ -92,13 +93,14 @@ Source0: http://downloads.ghostscript.com/public/ghostscript-%{version}.t # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 Patch11: ppc64le-support.patch +# Patch12 assign_pointer_not_value_in_gximono.c.patch attempts to fix +# a "assignment makes pointer from integer without a cast" compiler warning +# by assigning the pointer and not the integer value: +Patch12: assign_pointer_not_value_in_gximono.c.patch # # Source100...Source999 is for sources from SUSE which are not intended for upstream: # # Patch100...Patch999 is for patches from SUSE which are not intended for upstream: -# Patch101 CVE-2015-3228.patch fixes out of bound read/write cause by integer overflow -# in gsmalloc.c (see https://bugzilla.opensuse.org/show_bug.cgi?id=939342): -Patch101: CVE-2015-3228.patch # # RPM dependencies: # Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4 from @@ -290,13 +292,14 @@ This package contains the development files for Ghostscript. # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 %patch11 -p1 -b ppc64le-support.orig -# Patch101 CVE-2015-3228.patch fixes out of bound read/write cause by integer overflow -# in gsmalloc.c (see https://bugzilla.opensuse.org/show_bug.cgi?id=939342): -%patch101 -b .CVE-2015-3228.orig +# Patch12 assign_pointer_not_value_in_gximono.c.patch attempts to fix +# a "assignment makes pointer from integer without a cast" compiler warning +# by assigning the pointer and not the integer value: +%patch12 -b assign_pointer_not_value_in_gximono.c.orig %build # Set our preferred architecture-specific flags for the compiler and linker: -export CFLAGS="$RPM_OPT_FLAGS" +export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" export CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" autoreconf -fi # --docdir=%%{_defaultdocdir}/%%{name} does not work therefore it is not used. 
@@ -339,7 +342,6 @@ export SUSE_ASNEEDED=0 --with-drivers=ALL \ --with-x \ --disable-gtk \ - --disable-compile-inits \ --without-omni \ --without-ufst \ --without-luratech \ @@ -493,9 +495,7 @@ exit 0 %dir %{_datadir}/ghostscript/%{built_version} %doc %{_datadir}/ghostscript/%{built_version}/doc/ %{_datadir}/ghostscript/%{built_version}/examples/ -%{_datadir}/ghostscript/%{built_version}/iccprofiles/ %{_datadir}/ghostscript/%{built_version}/lib/ -%{_datadir}/ghostscript/%{built_version}/Resource/ %{_libdir}/libgs.so.* %{_libdir}/ghostscript/ %{_libdir}/libijs-0.35.so