From ec293cdc8d92c371d9b6d88243ef97bf584da72c7ec6425c3c8a1514f06c8eb4 Mon Sep 17 00:00:00 2001 From: Johannes Meixner Date: Fri, 15 Sep 2017 08:07:56 +0000 Subject: [PATCH 1/2] Accepting request 526288 from home:jsmeix:branches:Printing Ghostscript version upgrade to 9.22rc1 (first release candidate for 9.22) OBS-URL: https://build.opensuse.org/request/show/526288 OBS-URL: https://build.opensuse.org/package/show/Printing/ghostscript?expand=0&rev=81 --- CVE-2017-5951.patch | 19 ---------- CVE-2017-7207.patch | 30 ---------------- CVE-2017-8291.patch | 59 ------------------------------ CVE-2017-9216.patch | 31 ---------------- ghostscript-9.21.tar.gz | 3 -- ghostscript-9.22rc1.tar.gz | 3 ++ ghostscript-mini.changes | 19 ++++++++-- ghostscript-mini.spec | 73 ++++++++++--------------------------- ghostscript.changes | 19 ++++++++-- ghostscript.spec | 74 ++++++++++---------------------------- 10 files changed, 73 insertions(+), 257 deletions(-) delete mode 100644 CVE-2017-5951.patch delete mode 100644 CVE-2017-7207.patch delete mode 100644 CVE-2017-8291.patch delete mode 100644 CVE-2017-9216.patch delete mode 100644 ghostscript-9.21.tar.gz create mode 100644 ghostscript-9.22rc1.tar.gz diff --git a/CVE-2017-5951.patch b/CVE-2017-5951.patch deleted file mode 100644 index 6047b9e..0000000 --- a/CVE-2017-5951.patch +++ /dev/null 
@@ -1,19 +0,0 @@ ---- psi/iparam.c.orig 2017-03-16 11:12:02.000000000 +0100 -+++ psi/iparam.c 2017-04-12 11:42:57.000000000 +0200 -@@ -770,12 +770,13 @@ ref_param_read_typed(gs_param_list * pli - gs_param_enumerator_t enumr; - gs_param_key_t key; - ref_type keytype; -+ dict_param_list *dlist = (dict_param_list *) pvalue->value.d.list; - - param_init_enumerator(&enumr); -- if (!(*((iparam_list *) plist)->enumerate) -- ((iparam_list *) pvalue->value.d.list, &enumr, &key, &keytype) -+ if (!(*(dlist->enumerate)) -+ ((iparam_list *) dlist, &enumr, &key, &keytype) - && keytype == t_integer) { -- ((dict_param_list *) pvalue->value.d.list)->int_keys = 1; -+ dlist->int_keys = 1; - pvalue->type = gs_param_type_dict_int_keys; - } - } diff --git a/CVE-2017-7207.patch b/CVE-2017-7207.patch deleted file mode 100644 index c072653..0000000 --- a/CVE-2017-7207.patch +++ /dev/null 
@@ -1,30 +0,0 @@ -From 309eca4e0a31ea70dcc844812691439312dad091 Mon Sep 17 00:00:00 2001 -From: Ken Sharp -Date: Mon, 20 Mar 2017 09:34:11 +0000 -Subject: [PATCH] Ensure a device has raster memory, before trying to read it. - -Bug #697676 "Null pointer dereference in mem_get_bits_rectangle()" - -This is only possible by abusing/mis-using Ghostscript-specific -language extensions, so cannot happen in a general PostScript program. - -Nevertheless, Ghostscript should not crash. So this commit checks the -memory device to see if raster memory has been allocated, before trying -to read from it. ---- - base/gdevmem.c | 2 ++ - 1 file changed, 2 insertions(+) - -Index: ghostscript-9.15/base/gdevmem.c -=================================================================== ---- ghostscript-9.15.orig/base/gdevmem.c 2014-09-22 12:17:33.000000000 +0200 -+++ ghostscript-9.15/base/gdevmem.c 2017-04-28 10:55:17.479490151 +0200 -@@ -590,6 +590,8 @@ mem_get_bits_rectangle(gx_device * dev, - GB_PACKING_CHUNKY | GB_COLORS_NATIVE | GB_ALPHA_NONE; - return_error(gs_error_rangecheck); - } -+ if (mdev->line_ptrs == 0x00) -+ return_error(gs_error_rangecheck); - if ((w <= 0) | (h <= 0)) { - if ((w | h) < 0) - return_error(gs_error_rangecheck); diff --git a/CVE-2017-8291.patch b/CVE-2017-8291.patch deleted file mode 100644 index a51978c..0000000 --- a/CVE-2017-8291.patch +++ /dev/null 
@@ -1,59 +0,0 @@ ---- ghostscript-9.21/psi/zmisc3.c.orig 2017-03-16 11:12:02.000000000 +0100 -+++ ghostscript-9.21/psi/zmisc3.c 2017-05-02 14:43:41.000000000 +0200 -@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p) - ref2_t stack[MAX_DEPTH + 1]; - ref2_t *top = stack; - -+ if (ref_stack_count(&o_stack) < 2) -+ return_error(gs_error_stackunderflow); -+ if (!r_is_array(op - 1) || !r_is_array(op)) { -+ return_error(gs_error_typecheck); -+ } -+ - make_array(&stack[0].proc1, 0, 1, op - 1); - make_array(&stack[0].proc2, 0, 1, op); - for (;;) { ---- ghostscript-9.21/psi/zfrsd.c.orig 2017-03-16 11:12:02.000000000 +0100 -+++ ghostscript-9.21/psi/zfrsd.c 2017-05-02 14:45:35.000000000 +0200 -@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p) - ref *pFilter; - ref *pDecodeParms; - int Intent = 0; -- bool AsyncRead; -+ bool AsyncRead = false; - ref empty_array, filter1_array, parms1_array; - uint i; -- int code; -+ int code = 0; -+ -+ if (ref_stack_count(&o_stack) < 1) -+ return_error(gs_error_stackunderflow); -+ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) { -+ return_error(gs_error_typecheck); -+ } - - make_empty_array(&empty_array, a_readonly); -- if (dict_find_string(op, "Filter", &pFilter) > 0) { -+ if (r_has_type(op, t_dictionary) -+ && dict_find_string(op, "Filter", &pFilter) > 0) { - if (!r_is_array(pFilter)) { - if (!r_has_type(pFilter, t_name)) - return_error(gs_error_typecheck); -@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p) - return_error(gs_error_typecheck); - } - } -- code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); -+ if (r_has_type(op, t_dictionary)) -+ code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); - if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */ - return code; -- if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0 -- ) -- return code; -+ if (r_has_type(op, t_dictionary)) -+ if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0) -+ return code; - push(1); - op[-1] = 
*pFilter; - if (pDecodeParms) diff --git a/CVE-2017-9216.patch b/CVE-2017-9216.patch deleted file mode 100644 index 1e4f2d4..0000000 --- a/CVE-2017-9216.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 3ebffb1d96ba0cacec23016eccb4047dab365853 Mon Sep 17 00:00:00 2001 -From: Shailesh Mistry -Date: Wed, 24 May 2017 19:29:57 +0100 -Subject: [PATCH] Bug 697934: Fix SEGV due to error code being ignored. - -The return code from jbig2_decode_text_region was being ignored so the -code continued to try and parse the invalid file using incomplete/empty -structures. ---- - jbig2dec/jbig2_symbol_dict.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/jbig2dec/jbig2_symbol_dict.c b/jbig2dec/jbig2_symbol_dict.c -index 3cc17316f..672425d98 100644 ---- a/jbig2dec/jbig2_symbol_dict.c -+++ b/jbig2dec/jbig2_symbol_dict.c -@@ -493,8 +493,10 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, - } - - /* multiple symbols are handled as a text region */ -- jbig2_decode_text_region(ctx, segment, tparams, (const Jbig2SymbolDict * const *)refagg_dicts, -+ code = jbig2_decode_text_region(ctx, segment, tparams, (const Jbig2SymbolDict * const *)refagg_dicts, - n_refagg_dicts, image, data, size, GR_stats, as, ws); -+ if (code < 0) -+ goto cleanup4; - - SDNEWSYMS->glyphs[NSYMSDECODED] = image; - refagg_dicts[0]->glyphs[params->SDNUMINSYMS + NSYMSDECODED] = jbig2_image_clone(ctx, SDNEWSYMS->glyphs[NSYMSDECODED]); --- -2.12.3 - diff --git a/ghostscript-9.21.tar.gz b/ghostscript-9.21.tar.gz deleted file mode 100644 index 024b1b1..0000000 --- a/ghostscript-9.21.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:02bceadbc4dddeb6f2eec9c8b1623d945d355ca11b8b4df035332b217d58ce85 -size 38398778 diff --git a/ghostscript-9.22rc1.tar.gz b/ghostscript-9.22rc1.tar.gz new file mode 100644 index 0000000..aa359ad --- /dev/null +++ b/ghostscript-9.22rc1.tar.gz 
@@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d307041c35141999f38a4da6a1e86b8bdf2ad237b2bf973c551851940ed5b09b +size 38681545 diff --git a/ghostscript-mini.changes b/ghostscript-mini.changes index 80afe06..38c1ba2 100644 --- a/ghostscript-mini.changes +++ b/ghostscript-mini.changes @@ -1,10 +1,25 @@ +------------------------------------------------------------------- +Thu Sep 14 15:19:40 CEST 2017 - jsmeix@suse.de + +- Version upgrade to 9.22rc1 (first release candidate for 9.22). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing +- Since Ghostscript 9.22rc1 font2c and wftopfa are removed. +- CVE-2017-5951.patch CVE-2017-7207.patch + CVE-2017-8291.patch and CVE-2017-9216.patch + are fixed in the version 9.22rc1 upstream sources. + ------------------------------------------------------------------- Fri Jun 2 09:12:45 UTC 2017 - daniel.molkentin@suse.com -- CVE-2017-7207.patch fixes a NULL pointer dereference in mem_get_bits_rectangle +- CVE-2017-7207.patch fixes a NULL pointer dereference + in mem_get_bits_rectangle see https://bugs.ghostscript.com/show_bug.cgi?id=697676 (bsc#1030263) -- CVE-2017-9216.patch fixes a NULL pointer dereference in jbig2_huffman_get +- CVE-2017-9216.patch fixes a NULL pointer dereference + in jbig2_huffman_get see https://bugs.ghostscript.com/show_bug.cgi?id=697934 (bsc#1040643) diff --git a/ghostscript-mini.spec b/ghostscript-mini.spec index f6088cd..6f3f795 100644 --- a/ghostscript-mini.spec +++ b/ghostscript-mini.spec 
@@ -36,33 +36,33 @@ Url: http://www.ghostscript.com/ # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # so that we keep additionally the previous version number to upgrade from the previous version: -#Version: 9.19pre20rc1 -# Normal version for Ghostscript releases is the upstream version: -Version: 9.21 +Version: 9.21pre22rc1 Release: 0 +# Normal version for Ghostscript releases is the upstream version: +#Version: 9.21 # tarball_version is used below to specify the directory via "setup -n": # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version): -%define tarball_version %{version} -#define tarball_version 9.20rc1 +#define tarball_version %{version} +%define tarball_version 9.22rc1 # built_version is used below in the install and files sections: # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # For Ghostscript releases built_version and version are the same (i.e. 
the upstream version): -%define built_version %{version} -#define built_version 9.20 +#define built_version %{version} +%define built_version 9.22 # Source0...Source9 is for sources from upstream: # Special URLs for Ghostscript release candidates: -# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz +# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc1/ghostscript-9.22rc1.tar.gz # How to download it: -# wget -O ghostscript-9.20rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz -#Source0: ghostscript-%{tarball_version}.tar.gz +# wget -O ghostscript-9.22rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc1/ghostscript-9.22rc1.tar.gz +Source0: ghostscript-%{tarball_version}.tar.gz # Normal URLs for Ghostscript releases: # URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz # How to download it: # wget -O ghostscript-9.21.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz # URL for MD5 checksums: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/MD5SUMS # MD5 checksum for Source0: 5f213281761d2750fcf27476c404d17f -Source0: ghostscript-%{version}.tar.gz +#Source0: ghostscript-%{version}.tar.gz # Patch0...Patch9 is for patches from upstream: # Source10...Source99 is for sources from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream: 
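Review bot: The active `Source0: ghostscript-%{tarball_version}.tar.gz` now resolves to the 9.22rc1 tarball, but the only integrity reference left in this block is the MD5 checksum recorded for the 9.21 tarball, which belongs to the commented-out `#Source0`. Nothing visible in the hunk ties the release-candidate download to a digest published upstream, and MD5 would be a weak reference for that purpose anyway. I would record a stronger digest next to the rc download line, for example `# SHA256 checksum for Source0: <sha256 of ghostscript-9.22rc1.tar.gz taken from upstream>`, and compare it with the file before the tarball is committed. The same applies to the matching hunk in ghostscript.spec (`@@ -56,33 +56,33 @@`).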
@@ -77,25 +77,6 @@ Patch11: ppc64le-support.patch # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: Patch100: remove-zlib-h-dependency.patch -# Patch101 CVE-2017-5951.patch fixes -# null pointer dereference in ref_stack_index() that is -# related to mem_get_bits_rectangle() in base/gdevmem.c -# https://bugs.ghostscript.com/show_bug.cgi?id=697548 -# (bsc#1032114) -Patch101: CVE-2017-5951.patch -# Patch102 CVE-2017-8291.patch fixes a type confusion in .rsdparams and .eqproc -# see https://bugs.ghostscript.com/show_bug.cgi?id=697808 -# and https://bugs.ghostscript.com/show_bug.cgi?id=697799 -# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453 -Patch102: CVE-2017-8291.patch -# Patch103 fixes NULL pointer dereference in the jbig2_huffman_get function -# see https://bugs.ghostscript.com/show_bug.cgi?id=697934 -# and https://bugzilla.suse.com/show_bug.cgi?id=1040643 -Patch103: CVE-2017-9216.patch -# Patch104 CVE-2017-7207.patch fixes a NULL pointer dereference in mem_get_bits_rectangle -# see https://bugs.ghostscript.com/show_bug.cgi?id=697676 -# and https://bugzilla.suse.com/show_bug.cgi?id=1030263 -Patch104: CVE-2017-7207.patch # RPM dependencies: Conflicts: ghostscript 
@@ -181,25 +162,7 @@ This package contains the development files for Minimal Ghostscript. # is specially modified to work with Ghostscript so that we cannot use lcms2 from SUSE: #rm -rf freetype jpeg libpng tiff zlib rm -rf freetype jpeg libpng tiff -# Patch101 CVE-2017-5951.patch fixes -# null pointer dereference in ref_stack_index() that is -# related to mem_get_bits_rectangle() in base/gdevmem.c -# https://bugs.ghostscript.com/show_bug.cgi?id=697548 -# (bsc#1032114) -%patch101 -b .CVE-2017-5951.orig -# Patch102 CVE-2017-8291.patch fixes a type confusion in .rsdparams and .eqproc -# see https://bugs.ghostscript.com/show_bug.cgi?id=697808 -# and https://bugs.ghostscript.com/show_bug.cgi?id=697799 -# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453 -%patch102 -p1 -b .CVE-2017-8291.orig -# Patch103 fixes NULL pointer dereference in the jbig2_huffman_get function -# see https://bugs.ghostscript.com/show_bug.cgi?id=697934 -# and https://bugzilla.suse.com/show_bug.cgi?id=1040643 -%patch103 -p1 -b .CVE-2017-9216.orig -# Patch104 CVE-2017-7207.patch fixes a NULL pointer dereference in mem_get_bits_rectangle -# see https://bugs.ghostscript.com/show_bug.cgi?id=697676 -# and https://bugzilla.suse.com/show_bug.cgi?id=1030263 -%patch104 -p1 -b .CVE-2017-7207.orig + %build # Derive build timestamp from latest changelog entry export SOURCE_DATE_EPOCH=$(date -d "$(head -n 2 %{_sourcedir}/%{name}.changes | tail -n 1 | cut -d- -f1 )" +%s) 
@@ -280,6 +243,12 @@ popd rm %{buildroot}%{_bindir}/ijs_client_example rm %{buildroot}%{_bindir}/ijs_server_example rm %{buildroot}%{_libdir}/libijs.la +# Since Ghostscript 9.22rc1 bin/font2c and bin/wftopfa are removed +# but the matching man pages are still installed which are hereby also removed: +rm %{buildroot}%{_mandir}/man1/font2c.1 +rm %{buildroot}%{_mandir}/man1/wftopfa.1 +rm %{buildroot}%{_mandir}/de/man1/font2c.1 +rm %{buildroot}%{_mandir}/de/man1/wftopfa.1 # Install documentation which is not installed by default # see http://bugs.ghostscript.com/show_bug.cgi?id=693002 # and fail intentionally as notification if something changed: @@ -328,7 +297,6 @@ exit 0 %defattr(-, root, root) %{_bindir}/dvipdf %{_bindir}/eps2eps -%{_bindir}/font2c %{_bindir}/gs %{_bindir}/gsx %{_bindir}/gsc @@ -355,10 +323,8 @@ exit 0 %{_bindir}/ps2ps %{_bindir}/ps2ps2 %{_bindir}/unix-lpr.sh -%{_bindir}/wftopfa %doc %{_mandir}/man1/dvipdf.1.gz %doc %{_mandir}/man1/eps2eps.1.gz -%doc %{_mandir}/man1/font2c.1.gz %doc %{_mandir}/man1/gs.1.gz %doc %{_mandir}/man1/gsbj.1.gz %doc %{_mandir}/man1/gsdj.1.gz @@ -379,10 +345,8 @@ exit 0 %doc %{_mandir}/man1/ps2pdf14.1.gz %doc %{_mandir}/man1/ps2pdfwr.1.gz %doc %{_mandir}/man1/ps2ps.1.gz -%doc %{_mandir}/man1/wftopfa.1.gz %doc %{_mandir}/de/man1/dvipdf.1.gz %doc %{_mandir}/de/man1/eps2eps.1.gz -%doc %{_mandir}/de/man1/font2c.1.gz %doc %{_mandir}/de/man1/gsnd.1.gz %doc %{_mandir}/de/man1/pdf2dsc.1.gz %doc %{_mandir}/de/man1/pdf2ps.1.gz @@ -393,7 +357,6 @@ exit 0 %doc %{_mandir}/de/man1/ps2pdf13.1.gz %doc %{_mandir}/de/man1/ps2pdf14.1.gz %doc %{_mandir}/de/man1/ps2ps.1.gz -%doc %{_mandir}/de/man1/wftopfa.1.gz %doc %{_defaultdocdir}/ghostscript %dir %{_datadir}/ghostscript %dir %{_datadir}/ghostscript/%{built_version} diff --git a/ghostscript.changes b/ghostscript.changes index 80968b4..ba2eda0 100644 --- a/ghostscript.changes +++ b/ghostscript.changes 
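Review bot: The four added `rm` lines for the font2c and wftopfa man pages use plain `rm`, so the build presumably aborts as soon as upstream stops installing those pages; if that is meant as a notification, the new comment should say so. Something like `# plain rm without -f on purpose: the build fails once upstream no longer installs these man pages` would keep a later maintainer from "fixing" it with `rm -f`. The %install section starts and ends outside this hunk, so I cannot tell whether another step already covers this. The same lines are added to ghostscript.spec in `@@ -417,6 +379,12 @@`.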
@@ -1,10 +1,25 @@ +------------------------------------------------------------------- +Thu Sep 14 15:19:40 CEST 2017 - jsmeix@suse.de + +- Version upgrade to 9.22rc1 (first release candidate for 9.22). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing +- Since Ghostscript 9.22rc1 font2c and wftopfa are removed. +- CVE-2017-5951.patch CVE-2017-7207.patch + CVE-2017-8291.patch and CVE-2017-9216.patch + are fixed in the version 9.22rc1 upstream sources. + ------------------------------------------------------------------- Fri Jun 2 09:12:45 UTC 2017 - daniel.molkentin@suse.com -- CVE-2017-7207.patch fixes a NULL pointer dereference in mem_get_bits_rectangle +- CVE-2017-7207.patch fixes a NULL pointer dereference + in mem_get_bits_rectangle see https://bugs.ghostscript.com/show_bug.cgi?id=697676 (bsc#1030263) -- CVE-2017-9216.patch fixes a NULL pointer dereference in jbig2_huffman_get +- CVE-2017-9216.patch fixes a NULL pointer dereference + in jbig2_huffman_get see https://bugs.ghostscript.com/show_bug.cgi?id=697934 (bsc#1040643) diff --git a/ghostscript.spec b/ghostscript.spec index ebd31e9..6b7eb9c 100644 --- a/ghostscript.spec +++ b/ghostscript.spec 
@@ -56,33 +56,33 @@ Url: http://www.ghostscript.com/ # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # so that we keep additionally the previous version number to upgrade from the previous version: -#Version: 9.19pre20rc1 -# Normal version for Ghostscript releases is the upstream version: -Version: 9.21 +Version: 9.21pre22rc1 Release: 0 +# Normal version for Ghostscript releases is the upstream version: +#Version: 9.21 # tarball_version is used below to specify the directory via "setup -n": # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version): -%define tarball_version %{version} -#define tarball_version 9.20rc1 +#define tarball_version %{version} +%define tarball_version 9.22rc1 # built_version is used below in the install and files sections: # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # For Ghostscript releases built_version and version are the same (i.e. 
the upstream version): -%define built_version %{version} -#define built_version 9.20 +#define built_version %{version} +%define built_version 9.22 # Source0...Source9 is for sources from upstream: # Special URLs for Ghostscript release candidates: -# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz +# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc1/ghostscript-9.22rc1.tar.gz # How to download it: -# wget -O ghostscript-9.20rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz -#Source0: ghostscript-%{tarball_version}.tar.gz +# wget -O ghostscript-9.22rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc1/ghostscript-9.22rc1.tar.gz +Source0: ghostscript-%{tarball_version}.tar.gz # Normal URLs for Ghostscript releases: # URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz # How to download it: # wget -O ghostscript-9.21.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz # URL for MD5 checksums: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/MD5SUMS # MD5 checksum for Source0: 5f213281761d2750fcf27476c404d17f -Source0: ghostscript-%{version}.tar.gz +#Source0: ghostscript-%{version}.tar.gz # Patch0...Patch9 is for patches from upstream: # Source10...Source99 is for sources from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream: 
@@ -97,25 +97,6 @@ Patch11: ppc64le-support.patch # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: Patch100: remove-zlib-h-dependency.patch -# Patch101 CVE-2017-5951.patch fixes -# null pointer dereference in ref_stack_index() that is -# related to mem_get_bits_rectangle() in base/gdevmem.c -# https://bugs.ghostscript.com/show_bug.cgi?id=697548 -# (bsc#1032114) -Patch101: CVE-2017-5951.patch -# Patch102 CVE-2017-8291.patch fixes a type confusion in .rsdparams and .eqproc -# see https://bugs.ghostscript.com/show_bug.cgi?id=697808 -# and https://bugs.ghostscript.com/show_bug.cgi?id=697799 -# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453 -Patch102: CVE-2017-8291.patch -# Patch103 fixes NULL pointer dereference in the jbig2_huffman_get function -# see https://bugs.ghostscript.com/show_bug.cgi?id=697934 -# and https://bugzilla.suse.com/show_bug.cgi?id=1040643 -Patch103: CVE-2017-9216.patch -# Patch104 CVE-2017-7207.patch fixes a NULL pointer dereference in mem_get_bits_rectangle -# see https://bugs.ghostscript.com/show_bug.cgi?id=697676 -# and https://bugzilla.suse.com/show_bug.cgi?id=1030263 -Patch104: CVE-2017-7207.patch # RPM dependencies: # Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4 from @@ -243,6 +224,7 @@ For information how to use Ghostscript see %package x11 Summary: X11 library for Ghostscript +Group: Productivity/Publishing/PS # Require the exact matching version-release of the ghostscript main-package because # a non-matching ghostscript main-package may let it fail or even crash (e.g. segfault) # because all Ghostscript software is built from one same Ghostscript source tar ball 
@@ -250,7 +232,6 @@ Summary: X11 library for Ghostscript # The exact matching version-release of the ghostscript main-package is available # on the same package repository where the ghostscript-x11 sub-package is because # all are built simulaneously from the same Ghostscript source package: -Group: Productivity/Publishing/PS Requires: ghostscript = %{version}-%{release} # Unfortunately ghostscript-library.spec and ghostscript-mini.spec have # an unversioned "Provides: ghostscript" and for RPM this means that both @@ -317,25 +298,6 @@ This package contains the development files for Ghostscript. # is specially modified to work with Ghostscript so that we cannot use lcms2 from SUSE: #rm -rf freetype jpeg libpng tiff zlib rm -rf freetype jpeg libpng tiff -# Patch101 CVE-2017-5951.patch fixes -# null pointer dereference in ref_stack_index() that is -# related to mem_get_bits_rectangle() in base/gdevmem.c -# https://bugs.ghostscript.com/show_bug.cgi?id=697548 -# (bsc#1032114) -%patch101 -b .CVE-2017-5951.orig -# Patch102 CVE-2017-8291.patch fixes a type confusion in .rsdparams and .eqproc -# see https://bugs.ghostscript.com/show_bug.cgi?id=697808 -# and https://bugs.ghostscript.com/show_bug.cgi?id=697799 -# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453 -%patch102 -p1 -b .CVE-2017-8291.orig -# Patch103 fixes NULL pointer dereference in the jbig2_huffman_get function -# see https://bugs.ghostscript.com/show_bug.cgi?id=697934 -# and https://bugzilla.suse.com/show_bug.cgi?id=1040643 -%patch103 -p1 -b .CVE-2017-9216.orig -# Patch104 CVE-2017-7207.patch fixes a NULL pointer dereference in mem_get_bits_rectangle -# see https://bugs.ghostscript.com/show_bug.cgi?id=697676 -# and https://bugzilla.suse.com/show_bug.cgi?id=1030263 -%patch104 -p1 -b .CVE-2017-7207.orig %build # Derive build timestamp from latest changelog entry 
@@ -417,6 +379,12 @@ popd rm %{buildroot}%{_bindir}/ijs_client_example rm %{buildroot}%{_bindir}/ijs_server_example rm %{buildroot}%{_libdir}/libijs.la +# Since Ghostscript 9.22rc1 bin/font2c and bin/wftopfa are removed +# but the matching man pages are still installed which are hereby also removed: +rm %{buildroot}%{_mandir}/man1/font2c.1 +rm %{buildroot}%{_mandir}/man1/wftopfa.1 +rm %{buildroot}%{_mandir}/de/man1/font2c.1 +rm %{buildroot}%{_mandir}/de/man1/wftopfa.1 # Install documentation which is not installed by default # see http://bugs.ghostscript.com/show_bug.cgi?id=693002 # and fail intentionally as notification if something changed: @@ -465,7 +433,6 @@ exit 0 %defattr(-, root, root) %{_bindir}/dvipdf %{_bindir}/eps2eps -%{_bindir}/font2c %{_bindir}/gs %{_bindir}/gsx %{_bindir}/gsc @@ -492,10 +459,8 @@ exit 0 %{_bindir}/ps2ps %{_bindir}/ps2ps2 %{_bindir}/unix-lpr.sh -%{_bindir}/wftopfa %doc %{_mandir}/man1/dvipdf.1.gz %doc %{_mandir}/man1/eps2eps.1.gz -%doc %{_mandir}/man1/font2c.1.gz %doc %{_mandir}/man1/gs.1.gz %doc %{_mandir}/man1/gsbj.1.gz %doc %{_mandir}/man1/gsdj.1.gz @@ -516,10 +481,8 @@ exit 0 %doc %{_mandir}/man1/ps2pdf14.1.gz %doc %{_mandir}/man1/ps2pdfwr.1.gz %doc %{_mandir}/man1/ps2ps.1.gz -%doc %{_mandir}/man1/wftopfa.1.gz %doc %{_mandir}/de/man1/dvipdf.1.gz %doc %{_mandir}/de/man1/eps2eps.1.gz -%doc %{_mandir}/de/man1/font2c.1.gz %doc %{_mandir}/de/man1/gsnd.1.gz %doc %{_mandir}/de/man1/pdf2dsc.1.gz %doc %{_mandir}/de/man1/pdf2ps.1.gz @@ -530,7 +493,6 @@ exit 0 %doc %{_mandir}/de/man1/ps2pdf13.1.gz %doc %{_mandir}/de/man1/ps2pdf14.1.gz %doc %{_mandir}/de/man1/ps2ps.1.gz -%doc %{_mandir}/de/man1/wftopfa.1.gz %doc %{_defaultdocdir}/ghostscript %dir %{_datadir}/ghostscript %dir %{_datadir}/ghostscript/%{built_version} From d041b7550231b9b0e6f33a242e5f96e84fb31a08834451139800cbf67dc6b13e Mon Sep 17 00:00:00 2001 
From: Johannes Meixner Date: Thu, 30 Nov 2017 10:44:29 +0000 Subject: [PATCH 2/2] Accepting request 546685 from home:jsmeix:branches:Printing Ghostscript version upgrade to 9.22 for openSUSE Tumbleweed/Factory and the upcoming SLE15/Leap15 OBS-URL: https://build.opensuse.org/request/show/546685 OBS-URL: https://build.opensuse.org/package/show/Printing/ghostscript?expand=0&rev=82 --- ghostscript-9.22.tar.gz | 3 +++ ghostscript-9.22rc1.tar.gz | 3 --- ghostscript-mini.changes | 52 ++++++++++++++++++++++++++++++++++++++ ghostscript-mini.spec | 39 ++++++++++++++-------------- ghostscript.changes | 52 ++++++++++++++++++++++++++++++++++++++ ghostscript.spec | 39 ++++++++++++++-------------- 6 files changed, 147 insertions(+), 41 deletions(-) create mode 100644 ghostscript-9.22.tar.gz delete mode 100644 ghostscript-9.22rc1.tar.gz diff --git a/ghostscript-9.22.tar.gz b/ghostscript-9.22.tar.gz new file mode 100644 index 0000000..1b65ec7 --- /dev/null +++ b/ghostscript-9.22.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7f5f4487c0df9dce37481e4c8f192c0322e4c69f5a2ba900a7833c992331bcf4 +size 38773429 diff --git a/ghostscript-9.22rc1.tar.gz b/ghostscript-9.22rc1.tar.gz deleted file mode 100644 index aa359ad..0000000 --- a/ghostscript-9.22rc1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d307041c35141999f38a4da6a1e86b8bdf2ad237b2bf973c551851940ed5b09b -size 38681545 diff --git a/ghostscript-mini.changes b/ghostscript-mini.changes index 38c1ba2..cf86282 100644 --- a/ghostscript-mini.changes +++ b/ghostscript-mini.changes 
@@ -1,3 +1,55 @@ +------------------------------------------------------------------- +Wed Nov 29 16:04:48 CET 2017 - jsmeix@suse.de + +- Version upgrade to 9.22. + For details see the News.htm and History9.htm files. + Highlights in this release include: + * Ghostscript can now consume and produce (via the pdfwrite + device) PDF 2.0 compliant files. + * The main focus of this release has been security and code + cleanliness. Hence many AddressSanitizer, Valgrind and + Coverity issues have been addressed. + * The usual round of bug fixes, compatibility changes, + and incremental improvements. + Incompatible changes + * The planned device API tidy (still!) did not happen for + this release, due to time pressures, but we still intend + to undertake the following: We plan to somewhat tidy up + the device API. We intend to remove deprecated device procs + (methods/function pointers) and change the device API + so every device proc takes a graphics state parameter + (rather than the current scheme where only a very few procs + take an imager state parameter). This should serve as notice + to anyone maintaining a Ghostscript device outside the + canonical source tree that you may (probably will) need + to update your device(s) when these changes happen. + Devices using only the non-deprecated procs should be + trivial to update. +- Up to 9.22rc1 it "just built" for all openSUSE versions but + since 9.22rc2 the libijs part does no longer buid for any + released openSUSE version where if fails with messages like + libtool: Version mismatch error. + This is libtool 2.4.6 Debian-2.4.6-2, but the + definition of this LT_INIT comes from libtool 2.4.2. + You should recreate aclocal.m4 with macros from + libtool 2.4.6 Debian-2.4.6-2 and run autoconf again. + Makefile: recipe for target 'ijs.lo' failed + so that currently it only builds for Tumbleweed/Factory. 
+ Presumably it is not too complicated to make it build again + also for released openSUSE versions but currently I have + less than zero energy to fix on such "latest breaking changes" + so that for now Ghostscript 9.22 is only provided for + openSUSE Tumbleweed/Factory and the upcoming SLE15/Leap15. + +------------------------------------------------------------------- +Fri Sep 29 09:12:06 CEST 2017 - jsmeix@suse.de + +- Version upgrade to 9.22rc2 (second release candidate for 9.22). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing + ------------------------------------------------------------------- Thu Sep 14 15:19:40 CEST 2017 - jsmeix@suse.de diff --git a/ghostscript-mini.spec b/ghostscript-mini.spec index 6f3f795..c5c7ff8 100644 --- a/ghostscript-mini.spec +++ b/ghostscript-mini.spec 
@@ -36,33 +36,34 @@ Url: http://www.ghostscript.com/
 # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14"
 # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers
 # so that we keep additionally the previous version number to upgrade from the previous version:
-Version: 9.21pre22rc1
-Release: 0
+#Version: 9.21pre22rc2
 # Normal version for Ghostscript releases is the upstream version:
-#Version: 9.21
+Version: 9.22
+Release: 0
 # tarball_version is used below to specify the directory via "setup -n":
 # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1".
 # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version):
-#define tarball_version %{version}
-%define tarball_version 9.22rc1
+%define tarball_version %{version}
+#define tarball_version 9.22rc2
 # built_version is used below in the install and files sections:
 # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15".
 # For Ghostscript releases built_version and version are the same (i.e. the upstream version):
-#define built_version %{version}
-%define built_version 9.22
+%define built_version %{version}
+#define built_version 9.22
 # Source0...Source9 is for sources from upstream:
 # Special URLs for Ghostscript release candidates:
-# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc1/ghostscript-9.22rc1.tar.gz
+# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc2/ghostscript-9.22rc2.tar.gz
 # How to download it:
-# wget -O ghostscript-9.22rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc1/ghostscript-9.22rc1.tar.gz
-Source0: ghostscript-%{tarball_version}.tar.gz
+# wget -O ghostscript-9.22rc2.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc2/ghostscript-9.22rc2.tar.gz
+#Source0: ghostscript-%{tarball_version}.tar.gz
 # Normal URLs for Ghostscript releases:
-# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz
+# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922/ghostscript-9.22.tar.gz
 # How to download it:
-# wget -O ghostscript-9.21.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz
-# URL for MD5 checksums: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/MD5SUMS
-# MD5 checksum for Source0: 5f213281761d2750fcf27476c404d17f
-#Source0: ghostscript-%{version}.tar.gz
+# wget -O ghostscript-9.22.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922/ghostscript-9.22.tar.gz
+# URL for MD5 checksums:
+# wget -O gs922.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922/MD5SUMS
+# MD5 checksum for Source0: eff6bc41b1d7e26e988d2a5c813889d1
+Source0: ghostscript-%{version}.tar.gz
 # Patch0...Patch9 is for patches from upstream:
 # Source10...Source99 is for sources from SUSE which are intended for upstream:
 # Patch10...Patch99 is for patches from SUSE which are intended for upstream:
@@ -245,10 +246,10 @@ rm %{buildroot}%{_bindir}/ijs_server_example
 rm %{buildroot}%{_libdir}/libijs.la
 # Since Ghostscript 9.22rc1 bin/font2c and bin/wftopfa are removed
 # but the matching man pages are still installed which are hereby also removed:
-rm %{buildroot}%{_mandir}/man1/font2c.1
-rm %{buildroot}%{_mandir}/man1/wftopfa.1
-rm %{buildroot}%{_mandir}/de/man1/font2c.1
-rm %{buildroot}%{_mandir}/de/man1/wftopfa.1
+#rm %{buildroot}%{_mandir}/man1/font2c.1
+#rm %{buildroot}%{_mandir}/man1/wftopfa.1
+#rm %{buildroot}%{_mandir}/de/man1/font2c.1
+#rm %{buildroot}%{_mandir}/de/man1/wftopfa.1
 # Install documentation which is not installed by default
 # see http://bugs.ghostscript.com/show_bug.cgi?id=693002
 # and fail intentionally as notification if something changed:
diff --git a/ghostscript.changes b/ghostscript.changes
index ba2eda0..39d78b3 100644
--- a/ghostscript.changes
+++ b/ghostscript.changes
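Review bot: The only integrity reference recorded for the new Source0 is an MD5 digest in a comment (`# MD5 checksum for Source0: eff6bc41b1d7e26e988d2a5c813889d1`), and nothing in this hunk makes the build compare the tarball against it. MD5 is not collision-resistant, so it is weak evidence that ghostscript-9.22.tar.gz is the artifact upstream released. I would record a stronger digest beside it, e.g. `# SHA256 checksum for Source0: <sha256-of-ghostscript-9.22.tar.gz>`, taken from a download that was checked against upstream's published sums. The line `# URL for MD5 checksums:` is also now followed by a wget command rather than a URL, so `# How to download the MD5 checksums:` would read more accurately. The same comment block appears in the ghostscript.spec hunk at `@@ -56,33 +56,34 @@`.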
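Review bot: The comment kept above the four `rm` lines still says the font2c and wftopfa man pages "are hereby also removed", but the new side comments those lines out, so the comment now describes something the spec no longer does. Either delete the dead block or reword the comment to say why the removal is off, e.g. `# Since Ghostscript 9.22 the font2c and wftopfa man pages are no longer installed, nothing to remove:`. That wording assumes upstream dropped the pages in the final release, which the hunk does not show. If they are still installed, they would end up packaged or fail the build as unpackaged files, depending on the files section, which is outside this hunk. The `@@ -381,10 +382,10 @@` hunk in ghostscript.spec carries the same stale comment.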
@@ -1,3 +1,55 @@
+-------------------------------------------------------------------
+Wed Nov 29 16:04:48 CET 2017 - jsmeix@suse.de
+
+- Version upgrade to 9.22.
+ For details see the News.htm and History9.htm files.
+ Highlights in this release include:
+ * Ghostscript can now consume and produce (via the pdfwrite
+ device) PDF 2.0 compliant files.
+ * The main focus of this release has been security and code
+ cleanliness. Hence many AddressSanitizer, Valgrind and
+ Coverity issues have been addressed.
+ * The usual round of bug fixes, compatibility changes,
+ and incremental improvements.
+ Incompatible changes
+ * The planned device API tidy (still!) did not happen for
+ this release, due to time pressures, but we still intend
+ to undertake the following: We plan to somewhat tidy up
+ the device API. We intend to remove deprecated device procs
+ (methods/function pointers) and change the device API
+ so every device proc takes a graphics state parameter
+ (rather than the current scheme where only a very few procs
+ take an imager state parameter). This should serve as notice
+ to anyone maintaining a Ghostscript device outside the
+ canonical source tree that you may (probably will) need
+ to update your device(s) when these changes happen.
+ Devices using only the non-deprecated procs should be
+ trivial to update.
+- Up to 9.22rc1 it "just built" for all openSUSE versions but
+ since 9.22rc2 the libijs part does no longer buid for any
+ released openSUSE version where if fails with messages like
+ libtool: Version mismatch error.
+ This is libtool 2.4.6 Debian-2.4.6-2, but the
+ definition of this LT_INIT comes from libtool 2.4.2.
+ You should recreate aclocal.m4 with macros from
+ libtool 2.4.6 Debian-2.4.6-2 and run autoconf again.
+ Makefile: recipe for target 'ijs.lo' failed
+ so that currently it only builds for Tumbleweed/Factory.
+ Presumably it is not too complicated to make it build again
+ also for released openSUSE versions but currently I have
+ less than zero energy to fix on such "latest breaking changes"
+ so that for now Ghostscript 9.22 is only provided for
+ openSUSE Tumbleweed/Factory and the upcoming SLE15/Leap15.
+
+-------------------------------------------------------------------
+Fri Sep 29 09:12:06 CEST 2017 - jsmeix@suse.de
+
+- Version upgrade to 9.22rc2 (second release candidate for 9.22).
+ For details see the News.htm and History9.htm files.
+ Regarding installing packages (in particular release candidates)
+ from the openSUSE build service development project "Printing"
+ see https://build.opensuse.org/project/show/Printing
+
 -------------------------------------------------------------------
 Thu Sep 14 15:19:40 CEST 2017 - jsmeix@suse.de
 
diff --git a/ghostscript.spec b/ghostscript.spec
index 6b7eb9c..646eee6 100644
--- a/ghostscript.spec
+++ b/ghostscript.spec
@@ -56,33 +56,34 @@ Url: http://www.ghostscript.com/
 # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14"
 # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers
 # so that we keep additionally the previous version number to upgrade from the previous version:
-Version: 9.21pre22rc1
-Release: 0
+#Version: 9.21pre22rc2
 # Normal version for Ghostscript releases is the upstream version:
-#Version: 9.21
+Version: 9.22
+Release: 0
 # tarball_version is used below to specify the directory via "setup -n":
 # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1".
 # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version):
-#define tarball_version %{version}
-%define tarball_version 9.22rc1
+%define tarball_version %{version}
+#define tarball_version 9.22rc2
 # built_version is used below in the install and files sections:
 # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15".
 # For Ghostscript releases built_version and version are the same (i.e. the upstream version):
-#define built_version %{version}
-%define built_version 9.22
+%define built_version %{version}
+#define built_version 9.22
 # Source0...Source9 is for sources from upstream:
 # Special URLs for Ghostscript release candidates:
-# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc1/ghostscript-9.22rc1.tar.gz
+# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc2/ghostscript-9.22rc2.tar.gz
 # How to download it:
-# wget -O ghostscript-9.22rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc1/ghostscript-9.22rc1.tar.gz
-Source0: ghostscript-%{tarball_version}.tar.gz
+# wget -O ghostscript-9.22rc2.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922rc2/ghostscript-9.22rc2.tar.gz
+#Source0: ghostscript-%{tarball_version}.tar.gz
 # Normal URLs for Ghostscript releases:
-# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz
+# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922/ghostscript-9.22.tar.gz
 # How to download it:
-# wget -O ghostscript-9.21.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz
-# URL for MD5 checksums: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/MD5SUMS
-# MD5 checksum for Source0: 5f213281761d2750fcf27476c404d17f
-#Source0: ghostscript-%{version}.tar.gz
+# wget -O ghostscript-9.22.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922/ghostscript-9.22.tar.gz
+# URL for MD5 checksums:
+# wget -O gs922.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922/MD5SUMS
+# MD5 checksum for Source0: eff6bc41b1d7e26e988d2a5c813889d1
+Source0: ghostscript-%{version}.tar.gz
 # Patch0...Patch9 is for patches from upstream:
 # Source10...Source99 is for sources from SUSE which are intended for upstream:
 # Patch10...Patch99 is for patches from SUSE which are intended for upstream:
@@ -381,10 +382,10 @@ rm %{buildroot}%{_bindir}/ijs_server_example
 rm %{buildroot}%{_libdir}/libijs.la
 # Since Ghostscript 9.22rc1 bin/font2c and bin/wftopfa are removed
 # but the matching man pages are still installed which are hereby also removed:
-rm %{buildroot}%{_mandir}/man1/font2c.1
-rm %{buildroot}%{_mandir}/man1/wftopfa.1
-rm %{buildroot}%{_mandir}/de/man1/font2c.1
-rm %{buildroot}%{_mandir}/de/man1/wftopfa.1
+#rm %{buildroot}%{_mandir}/man1/font2c.1
+#rm %{buildroot}%{_mandir}/man1/wftopfa.1
+#rm %{buildroot}%{_mandir}/de/man1/font2c.1
+#rm %{buildroot}%{_mandir}/de/man1/wftopfa.1
 # Install documentation which is not installed by default
 # see http://bugs.ghostscript.com/show_bug.cgi?id=693002
 # and fail intentionally as notification if something changed: