rpm/ghostscript
SHA256
1
0
Fork 0
forked from pool/ghostscript
Code Pull Requests Activity

Accepting request 635773 from Printing

Browse Source 
Ghostscript version upgrade to 9.25 which provides fixes for regressions in Ghostscript 9.24 and more security bufgixes, see https://www.ghostscript.com/doc/9.25/News.htm (forwarded request 635772 from jsmeix)

OBS-URL: https://build.opensuse.org/request/show/635773
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ghostscript?expand=0&rev=33
This commit is contained in:
Dominique Leuenberger
2018-09-26 13:59:35 +00:00
committed by Git OBS Bridge
parent e7a40f71fe 07ebe5c7a1
commit 469d0aa4b6
8 changed files with 353 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
CVE-2018-10194.patch
View File

@@ -1,18 +0,0 @@
--- devices/vector/gdevpdts.c.orig 2018-03-21 09:48:06.000000000 +0100
+++ devices/vector/gdevpdts.c 2018-06-05 14:39:39.000000000 +0200
@@ -103,9 +103,14 @@ append_text_move(pdf_text_state_t *pts,
static int
set_text_distance(gs_point *pdist, double dx, double dy, const gs_matrix *pmat)
{
- int code = gs_distance_transform_inverse(dx, dy, pmat, pdist);
+ int code;
double rounded;
+ if (dx > 1e38 || dy > 1e38)
+ code = gs_error_undefinedresult;
+ else
+ code = gs_distance_transform_inverse(dx, dy, pmat, pdist);
+
if (code == gs_error_undefinedresult) {
/* The CTM is degenerate.
Can't know the distance in user space.

11
fix_ln_docdir_gsdatadir.patch
View File

@@ -1,11 +0,0 @@
--- base/unixinst.mak.orig 2018-03-07 16:01:52.000000000 +0100
+++ base/unixinst.mak 2018-03-12 14:06:43.000000000 +0100
@@ -163,7 +163,7 @@ install-doc: $(PSDOCDIR)/News.htm
$(SH) -c 'for f in $(DOC_PAGES) ;\
do if ( test -f $(PSDOCDIR)/$$f ); then $(INSTALL_DATA) $(PSDOCDIR)/$$f $(DESTDIR)$(docdir); fi;\
done'
- ln -s $(DESTDIR)$(docdir) $(DESTDIR)$(gsdatadir)/doc
+ # ln -s $(DESTDIR)$(docdir) $(DESTDIR)$(gsdatadir)/doc
# install the man pages for each locale
MAN_LCDIRS=. de

3
ghostscript-9.23.tar.gz
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f65964807a3c97a2c0810d4b9806585367e73129e57ae33378cea18e07a1ed9b
size 43208330

3
ghostscript-9.25.tar.gz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:baafa64740b090bff50b220a6df3be95c46069b7e30f4b4effed28316e5b2389
size 42017635

163
ghostscript-mini.changes
View File

@@ -1,3 +1,166 @@
-------------------------------------------------------------------
Fri Sep 14 10:47:33 CEST 2018 - jsmeix@suse.de
- Version upgrade to 9.25
For the highlights in this release see the highlights in the
9.25rc1 first release candidate for 9.25 entry below.
PLEASE NOTE:
We (i.e. Ghostscript upstream) strongly urge users to upgrade
to this latest release to avoid these issues.
For a release summary see:
http://www.ghostscript.com/doc/9.25/News.htm
For details see the News.htm and History9.htm files.
The Ghostscript 9.25 release should fix (see below)
in particular those security issues:
* CVE-2018-15909: shading_param incomplete type checking
https://bugs.ghostscript.com/show_bug.cgi?id=699660
https://bugzilla.suse.com/show_bug.cgi?id=1106172 bsc#1106172
* CVE-2018-15908: .tempfile file permission issues
https://bugs.ghostscript.com/show_bug.cgi?id=699657
https://bugzilla.suse.com/show_bug.cgi?id=1106171 bsc#1106171
* CVE-2018-15910: LockDistillerParams type confusion
https://bugs.ghostscript.com/show_bug.cgi?id=699656
https://bugzilla.suse.com/show_bug.cgi?id=1106173 bsc#1106173
* CVE-2018-15911: uninitialized memory access in the aesdecode
https://bugs.ghostscript.com/show_bug.cgi?id=699665
https://bugzilla.suse.com/show_bug.cgi?id=1106195 bsc#1106195
* CVE-2018-16513: setcolor missing type check
https://bugs.ghostscript.com/show_bug.cgi?id=699655
https://bugzilla.suse.com/show_bug.cgi?id=1107412 bsc#1107412
* CVE-2018-16509: /invalidaccess bypass after failed restore
https://bugs.ghostscript.com/show_bug.cgi?id=699654
https://bugzilla.suse.com/show_bug.cgi?id=1107410 bsc#1107410
* CVE-2018-16510: Incorrect exec stack handling in the "CS"
and "SC" PDF primitives
https://bugs.ghostscript.com/show_bug.cgi?id=699671
https://bugzilla.suse.com/show_bug.cgi?id=1107411 bsc#1107411
* CVE-2018-16542: .definemodifiedfont memory corruption
if /typecheck is handled
https://bugs.ghostscript.com/show_bug.cgi?id=699668
https://bugzilla.suse.com/show_bug.cgi?id=1107413 bsc#1107413
* CVE-2018-16541 incorrect free logic in pagedevice replacement
https://bugs.ghostscript.com/show_bug.cgi?id=699664
https://bugzilla.suse.com/show_bug.cgi?id=1107421 bsc#1107421
* CVE-2018-16540 use-after-free in copydevice handling
https://bugs.ghostscript.com/show_bug.cgi?id=699661
https://bugzilla.suse.com/show_bug.cgi?id=1107420 bsc#1107420
* CVE-2018-16539: incorrect access checking in temp file
handling to disclose contents of files
https://bugs.ghostscript.com/show_bug.cgi?id=699658
https://bugzilla.suse.com/show_bug.cgi?id=1107422 bsc#1107422
* CVE-2018-16543: gssetresolution and gsgetresolution allow
for unspecified impact
https://bugs.ghostscript.com/show_bug.cgi?id=699670
https://bugzilla.suse.com/show_bug.cgi?id=1107423 bsc#1107423
* CVE-2018-16511: type confusion in "ztype" could be used by
remote attackers able to supply crafted PostScript to crash
the interpreter or possibly have unspecified other impact
https://bugs.ghostscript.com/show_bug.cgi?id=699659
https://bugzilla.suse.com/show_bug.cgi?id=1107426 bsc#1107426
* CVE-2018-16585 .setdistillerkeys PostScript command is
accepted even though it is not intended for use
https://bugzilla.suse.com/show_bug.cgi?id=1107581 bsc#1107581
* CVE-2018-16802: Incorrect"restoration of privilege" checking
when running out of stack during exceptionhandling could be
used by attackers able to supply crafted PostScript to execute
code using the "pipe" instruction. This is due to an incomplete
fix for CVE-2018-16509
https://bugs.ghostscript.com/show_bug.cgi?id=699714
https://bugs.ghostscript.com/show_bug.cgi?id=699718
https://bugzilla.suse.com/show_bug.cgi?id=1108027 bnc#1108027
Regarding what the above "should fix" means:
PostScript is a general purpose Turing-complete programming
language (cf. https://en.wikipedia.org/wiki/PostScript)
that supports in particular file access on the system disk.
When Ghostscript processes PostScript it runs a PostScript
program as the user who runs Ghostscript.
When Ghostscript processes an arbitrary PostScript file,
the user who runs Ghostscript runs an arbitrary program
which can do anything on the system where Ghostscript runs
that this user is allowed to do on that system.
To make it safer when Ghostscript runs a PostScript program
the Ghostscript command line option '-dSAFER' disables
certain file access functionality, for details see
/usr/share/doc/ghostscript/9.25/Use.htm
Its name 'SAFER' says everything: It makes it 'safer'
to let Ghostscript run a PostScript program,
but it does not make it completely safe.
In theory software is safe against misuse (i.e. has no bugs).
In practice there is an endless sequence of various kind of
security issues (i.e. software can be misused to do more than
what is intended) that get fixed issue by issue ad infinitum.
In the end all that means:
In practice the user who runs Ghostscript must not let it
process arbitrary PostScript files from untrusted origin.
In particular Ghostscript is usually run when printing
documents (with the '-dSAFER' option set), see the part about
"It is crucial to limit access to CUPS to trusted users" in
https://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings
-------------------------------------------------------------------
Thu Sep 13 14:14:39 CEST 2018 - jsmeix@suse.de
- Version upgrade to 9.25rc1 (first release candidate for 9.25).
Highlights in this release include:
* This release fixes problems with argument handling, some
unintended results of the security fixes to the SAFER file
access restrictions (specifically accessing ICC profile files),
and some additional security issues over the 9.24 release.
* Security issues have been the primary focus of this release,
including solving several (well publicised) real
and potential exploits.
PLEASE NOTE:
We (i.e. Ghostscript upstream) strongly urge users to upgrade
to this latest release to avoid these issues.
* Avoid that ps2epsi fails with
'Error: /undefined in --setpagedevice--'
Recent changes required to harden SAFER mode mean that
it is no longer possible to run ps2epsi in SAFER mode,
because it relies upon unsafe Ghostscript non-standard
extension operators.
Removing SAFER and DELAYSAFER, and the code to reset SAFER,
allow ps2epsi to run as well as it ever did (ie badly).
This program (i.e. ps2epsi) should now be considered unsafe,
you should not use it on untrusted PostScript programs.
Likely we (i.e. Ghostscript upstream) will deprecate and
remove this program in future.
For details see the News.htm and History9.htm files.
Regarding installing packages (in particular release candidates)
from the openSUSE build service development project "Printing"
see https://build.opensuse.org/project/show/Printing
-------------------------------------------------------------------
Thu Sep 13 10:25:21 CEST 2018 - jsmeix@suse.de
- Version upgrade to 9.24
Highlights in this release include:
* Security issues have been the primary focus of this release,
including solving several (well publicised)
real and potential exploits.
PLEASE NOTE:
We (i.e. Ghostscript upstream) strongly urge users to upgrade
to this latest release to avoid these issues.
* As well as Ghostscript itself, jbig2dec has had a significant
amount of work improving its robustness in the face of
out specification files.
* IMPORTANT: We (i.e. Ghostscript upstream) are in the process
of forking LittleCMS. LCMS2 is not thread safe, and cannot
be made thread safe without breaking the ABI. Our fork
will be thread safe, and include performance enhancements
(these changes have all be been offered and rejected upstream).
We will maintain compatibility between Ghostscript and LCMS2
for a time, but not in perpetuity. Our fork will be available
as its own package separately from Ghostscript (and MuPDF).
* The usual round of bug fixes, compatibility changes,
and incremental improvements.
For a release summary see:
http://www.ghostscript.com/doc/9.24/News.htm
For details see the News.htm and History9.htm files.
- fix_ln_docdir_gsdatadir.patch is no longer needed
because the issue is fixed in the upstream sources.
- CVE-2018-10194.patch is no longer needed
because the issue is fixed in the upstream sources.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Jun 5 14:47:59 CEST 2018 - jsmeix@suse.de Tue Jun 5 14:47:59 CEST 2018 - jsmeix@suse.de

44
ghostscript-mini.spec
View File

@@ -37,53 +37,44 @@ Url: http://www.ghostscript.com/
# But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14"
# because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers
# so that we keep additionally the previous version number to upgrade from the previous version: # so that we keep additionally the previous version number to upgrade from the previous version:
#Version: 9.22pre23rc1 #Version: 9.24pre25rc1
# Normal version for Ghostscript releases is the upstream version: # Normal version for Ghostscript releases is the upstream version:
Version: 9.23 Version: 9.25
Release: 0 Release: 0
# tarball_version is used below to specify the directory via "setup -n": # tarball_version is used below to specify the directory via "setup -n":
# Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1".
# For Ghostscript releases tarball_version and version are the same (i.e. the upstream version): # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version):
%define tarball_version %{version} %define tarball_version %{version}
#define tarball_version 9.23rc1 #define tarball_version 9.25rc1
# built_version is used below in the install and files sections: # built_version is used below in the install and files sections:
# Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15".
# For Ghostscript releases built_version and version are the same (i.e. the upstream version): # For Ghostscript releases built_version and version are the same (i.e. the upstream version):
%define built_version %{version} %define built_version %{version}
#define built_version 9.23 #define built_version 9.25
# Source0...Source9 is for sources from upstream: # Source0...Source9 is for sources from upstream:
# Special URLs for Ghostscript release candidates: # Special URLs for Ghostscript release candidates:
# see https://github.com/ArtifexSoftware/ghostpdl-downloads/releases # see https://github.com/ArtifexSoftware/ghostpdl-downloads/releases
# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs923rc1/ghostscript-9.23rc1.tar.gz # URL for Source0:
# How to download it: # wget -O ghostscript-9.25rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925rc1/ghostscript-9.25rc1.tar.gz
# wget -O ghostscript-9.23rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs923rc1/ghostscript-9.23rc1.tar.gz # URL for MD5 checksums:
# wget -O gs925rc1.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925rc1/MD5SUMS
# MD5 checksum for Source0: 2dc56f05c4e479b9a2cbb8221f669c8f ghostscript-9.25rc1.tar.gz
#Source0: ghostscript-%{tarball_version}.tar.gz #Source0: ghostscript-%{tarball_version}.tar.gz
# Normal URLs for Ghostscript releases: # Normal URLs for Ghostscript releases:
# URL for Source0: # URL for Source0:
# wget -O ghostscript-9.23.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs923/ghostscript-9.23.tar.gz # wget -O ghostscript-9.25.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925/ghostscript-9.25.tar.gz
# URL for MD5 checksums: # URL for MD5 checksums:
# wget -O gs923.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs923/MD5SUMS # wget -O gs925.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925/MD5SUMS
# MD5 checksum for Source0: 5a47ab47cd22dec1eb5f51c06f1c9d9c # MD5 checksum for Source0: eebd0fadbfa8e800094422ce65e94d5d ghostscript-9.25.tar.gz
Source0: ghostscript-%{version}.tar.gz Source0: ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream: # Patch0...Patch9 is for patches from upstream:
# Source10...Source99 is for sources from SUSE which are intended for upstream: # Source10...Source99 is for sources from SUSE which are intended for upstream:
# Patch10...Patch99 is for patches from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream:
# Avoid
# ln -s /home/abuild/rpmbuild/BUILDROOT/ghostscript-9.22pre23rc1-104.1.i386/usr/share/doc/ghostscript/9.23 /usr/share/ghostscript/9.23/doc
# ln: failed to create symbolic link '/usr/share/ghostscript/9.23/doc': No such file or directory
# base/unixinst.mak:162: recipe for target 'install-doc' failed
# make[1]: *** [install-doc] Error 1
Patch12: fix_ln_docdir_gsdatadir.patch
# Source100...Source999 is for sources from SUSE which are not intended for upstream: # Source100...Source999 is for sources from SUSE which are not intended for upstream:
# Patch100...Patch999 is for patches from SUSE which are not intended for upstream: # Patch100...Patch999 is for patches from SUSE which are not intended for upstream:
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball:
Patch100: remove-zlib-h-dependency.patch Patch100: remove-zlib-h-dependency.patch
# Patch101 fixes stack-based buffer overflow in gdevpdts.c
# see https://bugzilla.suse.com/show_bug.cgi?id=1090099
# and https://bugs.ghostscript.com/show_bug.cgi?id=699255
# and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
Patch101: CVE-2018-10194.patch
# RPM dependencies: # RPM dependencies:
Conflicts: ghostscript Conflicts: ghostscript
Conflicts: ghostscript-x11 Conflicts: ghostscript-x11
@@ -142,23 +133,12 @@ This package contains the development files for Minimal Ghostscript.
# Be quiet when unpacking and # Be quiet when unpacking and
# use a directory name matching Source0 to make it work also for ghostscript-mini: # use a directory name matching Source0 to make it work also for ghostscript-mini:
%setup -q -n ghostscript-%{tarball_version} %setup -q -n ghostscript-%{tarball_version}
# Avoid
# ln -s /home/abuild/rpmbuild/BUILDROOT/ghostscript-9.22pre23rc1-104.1.i386/usr/share/doc/ghostscript/9.23 /usr/share/ghostscript/9.23/doc
# ln: failed to create symbolic link '/usr/share/ghostscript/9.23/doc': No such file or directory
# base/unixinst.mak:162: recipe for target 'install-doc' failed
# make[1]: *** [install-doc] Error 1
%patch12
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball. # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball.
# Again use the zlib sources from Ghostscript upstream # Again use the zlib sources from Ghostscript upstream
# and disable remove-zlib-h-dependency.patch because # and disable remove-zlib-h-dependency.patch because
# Ghostscript 9.21 does no longer build this way: # Ghostscript 9.21 does no longer build this way:
#patch100 -p1 -b remove-zlib-h-dependency.orig #patch100 -p1 -b remove-zlib-h-dependency.orig
# Patch101 fixes stack-based buffer overflow in gdevpdts.c
# see https://bugzilla.suse.com/show_bug.cgi?id=1090099
# and https://bugs.ghostscript.com/show_bug.cgi?id=699255
# and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
%patch101 -b CVE-2018-10194.orig
# Remove patch backup files to avoid packaging # Remove patch backup files to avoid packaging
# cf. https://build.opensuse.org/request/show/581052 # cf. https://build.opensuse.org/request/show/581052
rm -f Resource/Init/*.ps.orig rm -f Resource/Init/*.ps.orig

163
ghostscript.changes
View File

@@ -1,3 +1,166 @@
-------------------------------------------------------------------
Fri Sep 14 10:47:33 CEST 2018 - jsmeix@suse.de
- Version upgrade to 9.25
For the highlights in this release see the highlights in the
9.25rc1 first release candidate for 9.25 entry below.
PLEASE NOTE:
We (i.e. Ghostscript upstream) strongly urge users to upgrade
to this latest release to avoid these issues.
For a release summary see:
http://www.ghostscript.com/doc/9.25/News.htm
For details see the News.htm and History9.htm files.
The Ghostscript 9.25 release should fix (see below)
in particular those security issues:
* CVE-2018-15909: shading_param incomplete type checking
https://bugs.ghostscript.com/show_bug.cgi?id=699660
https://bugzilla.suse.com/show_bug.cgi?id=1106172 bsc#1106172
* CVE-2018-15908: .tempfile file permission issues
https://bugs.ghostscript.com/show_bug.cgi?id=699657
https://bugzilla.suse.com/show_bug.cgi?id=1106171 bsc#1106171
* CVE-2018-15910: LockDistillerParams type confusion
https://bugs.ghostscript.com/show_bug.cgi?id=699656
https://bugzilla.suse.com/show_bug.cgi?id=1106173 bsc#1106173
* CVE-2018-15911: uninitialized memory access in the aesdecode
https://bugs.ghostscript.com/show_bug.cgi?id=699665
https://bugzilla.suse.com/show_bug.cgi?id=1106195 bsc#1106195
* CVE-2018-16513: setcolor missing type check
https://bugs.ghostscript.com/show_bug.cgi?id=699655
https://bugzilla.suse.com/show_bug.cgi?id=1107412 bsc#1107412
* CVE-2018-16509: /invalidaccess bypass after failed restore
https://bugs.ghostscript.com/show_bug.cgi?id=699654
https://bugzilla.suse.com/show_bug.cgi?id=1107410 bsc#1107410
* CVE-2018-16510: Incorrect exec stack handling in the "CS"
and "SC" PDF primitives
https://bugs.ghostscript.com/show_bug.cgi?id=699671
https://bugzilla.suse.com/show_bug.cgi?id=1107411 bsc#1107411
* CVE-2018-16542: .definemodifiedfont memory corruption
if /typecheck is handled
https://bugs.ghostscript.com/show_bug.cgi?id=699668
https://bugzilla.suse.com/show_bug.cgi?id=1107413 bsc#1107413
* CVE-2018-16541 incorrect free logic in pagedevice replacement
https://bugs.ghostscript.com/show_bug.cgi?id=699664
https://bugzilla.suse.com/show_bug.cgi?id=1107421 bsc#1107421
* CVE-2018-16540 use-after-free in copydevice handling
https://bugs.ghostscript.com/show_bug.cgi?id=699661
https://bugzilla.suse.com/show_bug.cgi?id=1107420 bsc#1107420
* CVE-2018-16539: incorrect access checking in temp file
handling to disclose contents of files
https://bugs.ghostscript.com/show_bug.cgi?id=699658
https://bugzilla.suse.com/show_bug.cgi?id=1107422 bsc#1107422
* CVE-2018-16543: gssetresolution and gsgetresolution allow
for unspecified impact
https://bugs.ghostscript.com/show_bug.cgi?id=699670
https://bugzilla.suse.com/show_bug.cgi?id=1107423 bsc#1107423
* CVE-2018-16511: type confusion in "ztype" could be used by
remote attackers able to supply crafted PostScript to crash
the interpreter or possibly have unspecified other impact
https://bugs.ghostscript.com/show_bug.cgi?id=699659
https://bugzilla.suse.com/show_bug.cgi?id=1107426 bsc#1107426
* CVE-2018-16585 .setdistillerkeys PostScript command is
accepted even though it is not intended for use
https://bugzilla.suse.com/show_bug.cgi?id=1107581 bsc#1107581
* CVE-2018-16802: Incorrect"restoration of privilege" checking
when running out of stack during exceptionhandling could be
used by attackers able to supply crafted PostScript to execute
code using the "pipe" instruction. This is due to an incomplete
fix for CVE-2018-16509
https://bugs.ghostscript.com/show_bug.cgi?id=699714
https://bugs.ghostscript.com/show_bug.cgi?id=699718
https://bugzilla.suse.com/show_bug.cgi?id=1108027 bnc#1108027
Regarding what the above "should fix" means:
PostScript is a general purpose Turing-complete programming
language (cf. https://en.wikipedia.org/wiki/PostScript)
that supports in particular file access on the system disk.
When Ghostscript processes PostScript it runs a PostScript
program as the user who runs Ghostscript.
When Ghostscript processes an arbitrary PostScript file,
the user who runs Ghostscript runs an arbitrary program
which can do anything on the system where Ghostscript runs
that this user is allowed to do on that system.
To make it safer when Ghostscript runs a PostScript program
the Ghostscript command line option '-dSAFER' disables
certain file access functionality, for details see
/usr/share/doc/ghostscript/9.25/Use.htm
Its name 'SAFER' says everything: It makes it 'safer'
to let Ghostscript run a PostScript program,
but it does not make it completely safe.
In theory software is safe against misuse (i.e. has no bugs).
In practice there is an endless sequence of various kind of
security issues (i.e. software can be misused to do more than
what is intended) that get fixed issue by issue ad infinitum.
In the end all that means:
In practice the user who runs Ghostscript must not let it
process arbitrary PostScript files from untrusted origin.
In particular Ghostscript is usually run when printing
documents (with the '-dSAFER' option set), see the part about
"It is crucial to limit access to CUPS to trusted users" in
https://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings
-------------------------------------------------------------------
Thu Sep 13 14:14:39 CEST 2018 - jsmeix@suse.de
- Version upgrade to 9.25rc1 (first release candidate for 9.25).
Highlights in this release include:
* This release fixes problems with argument handling, some
unintended results of the security fixes to the SAFER file
access restrictions (specifically accessing ICC profile files),
and some additional security issues over the 9.24 release.
* Security issues have been the primary focus of this release,
including solving several (well publicised) real
and potential exploits.
PLEASE NOTE:
We (i.e. Ghostscript upstream) strongly urge users to upgrade
to this latest release to avoid these issues.
* Avoid that ps2epsi fails with
'Error: /undefined in --setpagedevice--'
Recent changes required to harden SAFER mode mean that
it is no longer possible to run ps2epsi in SAFER mode,
because it relies upon unsafe Ghostscript non-standard
extension operators.
Removing SAFER and DELAYSAFER, and the code to reset SAFER,
allow ps2epsi to run as well as it ever did (ie badly).
This program (i.e. ps2epsi) should now be considered unsafe,
you should not use it on untrusted PostScript programs.
Likely we (i.e. Ghostscript upstream) will deprecate and
remove this program in future.
For details see the News.htm and History9.htm files.
Regarding installing packages (in particular release candidates)
from the openSUSE build service development project "Printing"
see https://build.opensuse.org/project/show/Printing
-------------------------------------------------------------------
Thu Sep 13 10:25:21 CEST 2018 - jsmeix@suse.de
- Version upgrade to 9.24
Highlights in this release include:
* Security issues have been the primary focus of this release,
including solving several (well publicised)
real and potential exploits.
PLEASE NOTE:
We (i.e. Ghostscript upstream) strongly urge users to upgrade
to this latest release to avoid these issues.
* As well as Ghostscript itself, jbig2dec has had a significant
amount of work improving its robustness in the face of
out specification files.
* IMPORTANT: We (i.e. Ghostscript upstream) are in the process
of forking LittleCMS. LCMS2 is not thread safe, and cannot
be made thread safe without breaking the ABI. Our fork
will be thread safe, and include performance enhancements
(these changes have all be been offered and rejected upstream).
We will maintain compatibility between Ghostscript and LCMS2
for a time, but not in perpetuity. Our fork will be available
as its own package separately from Ghostscript (and MuPDF).
* The usual round of bug fixes, compatibility changes,
and incremental improvements.
For a release summary see:
http://www.ghostscript.com/doc/9.24/News.htm
For details see the News.htm and History9.htm files.
- fix_ln_docdir_gsdatadir.patch is no longer needed
because the issue is fixed in the upstream sources.
- CVE-2018-10194.patch is no longer needed
because the issue is fixed in the upstream sources.
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Jun 5 14:47:59 CEST 2018 - jsmeix@suse.de Tue Jun 5 14:47:59 CEST 2018 - jsmeix@suse.de

44
ghostscript.spec
View File

@@ -57,53 +57,44 @@ Url: http://www.ghostscript.com/
# But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14"
# because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers
# so that we keep additionally the previous version number to upgrade from the previous version: # so that we keep additionally the previous version number to upgrade from the previous version:
#Version: 9.22pre23rc1 #Version: 9.24pre25rc1
# Normal version for Ghostscript releases is the upstream version: # Normal version for Ghostscript releases is the upstream version:
Version: 9.23 Version: 9.25
Release: 0 Release: 0
# tarball_version is used below to specify the directory via "setup -n": # tarball_version is used below to specify the directory via "setup -n":
# Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1".
# For Ghostscript releases tarball_version and version are the same (i.e. the upstream version): # For Ghostscript releases tarball_version and version are the same (i.e. the upstream version):
%define tarball_version %{version} %define tarball_version %{version}
#define tarball_version 9.23rc1 #define tarball_version 9.25rc1
# built_version is used below in the install and files sections: # built_version is used below in the install and files sections:
# Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15".
# For Ghostscript releases built_version and version are the same (i.e. the upstream version): # For Ghostscript releases built_version and version are the same (i.e. the upstream version):
%define built_version %{version} %define built_version %{version}
#define built_version 9.23 #define built_version 9.25
# Source0...Source9 is for sources from upstream: # Source0...Source9 is for sources from upstream:
# Special URLs for Ghostscript release candidates: # Special URLs for Ghostscript release candidates:
# see https://github.com/ArtifexSoftware/ghostpdl-downloads/releases # see https://github.com/ArtifexSoftware/ghostpdl-downloads/releases
# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs923rc1/ghostscript-9.23rc1.tar.gz # URL for Source0:
# How to download it: # wget -O ghostscript-9.25rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925rc1/ghostscript-9.25rc1.tar.gz
# wget -O ghostscript-9.23rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs923rc1/ghostscript-9.23rc1.tar.gz # URL for MD5 checksums:
# wget -O gs925rc1.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925rc1/MD5SUMS
# MD5 checksum for Source0: 2dc56f05c4e479b9a2cbb8221f669c8f ghostscript-9.25rc1.tar.gz
#Source0: ghostscript-%{tarball_version}.tar.gz #Source0: ghostscript-%{tarball_version}.tar.gz
# Normal URLs for Ghostscript releases: # Normal URLs for Ghostscript releases:
# URL for Source0: # URL for Source0:
# wget -O ghostscript-9.23.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs923/ghostscript-9.23.tar.gz # wget -O ghostscript-9.25.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925/ghostscript-9.25.tar.gz
# URL for MD5 checksums: # URL for MD5 checksums:
# wget -O gs923.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs923/MD5SUMS # wget -O gs925.MD5SUMS https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs925/MD5SUMS
# MD5 checksum for Source0: 5a47ab47cd22dec1eb5f51c06f1c9d9c # MD5 checksum for Source0: eebd0fadbfa8e800094422ce65e94d5d ghostscript-9.25.tar.gz
Source0: ghostscript-%{version}.tar.gz Source0: ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream: # Patch0...Patch9 is for patches from upstream:
# Source10...Source99 is for sources from SUSE which are intended for upstream: # Source10...Source99 is for sources from SUSE which are intended for upstream:
# Patch10...Patch99 is for patches from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream:
# Avoid
# ln -s /home/abuild/rpmbuild/BUILDROOT/ghostscript-9.22pre23rc1-104.1.i386/usr/share/doc/ghostscript/9.23 /usr/share/ghostscript/9.23/doc
# ln: failed to create symbolic link '/usr/share/ghostscript/9.23/doc': No such file or directory
# base/unixinst.mak:162: recipe for target 'install-doc' failed
# make[1]: *** [install-doc] Error 1
Patch12: fix_ln_docdir_gsdatadir.patch
# Source100...Source999 is for sources from SUSE which are not intended for upstream: # Source100...Source999 is for sources from SUSE which are not intended for upstream:
# Patch100...Patch999 is for patches from SUSE which are not intended for upstream: # Patch100...Patch999 is for patches from SUSE which are not intended for upstream:
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball:
Patch100: remove-zlib-h-dependency.patch Patch100: remove-zlib-h-dependency.patch
# Patch101 fixes stack-based buffer overflow in gdevpdts.c
# see https://bugzilla.suse.com/show_bug.cgi?id=1090099
# and https://bugs.ghostscript.com/show_bug.cgi?id=699255
# and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
Patch101: CVE-2018-10194.patch
# RPM dependencies: # RPM dependencies:
# Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4 from # Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4 from
# "rpm -q --provides ghostscript-library" and "rpm -q --provides ghostscript-x11": # "rpm -q --provides ghostscript-library" and "rpm -q --provides ghostscript-x11":
@@ -278,23 +269,12 @@ This package contains the development files for Ghostscript.
# Be quiet when unpacking and # Be quiet when unpacking and
# use a directory name matching Source0 to make it work also for ghostscript-mini: # use a directory name matching Source0 to make it work also for ghostscript-mini:
%setup -q -n ghostscript-%{tarball_version} %setup -q -n ghostscript-%{tarball_version}
# Avoid
# ln -s /home/abuild/rpmbuild/BUILDROOT/ghostscript-9.22pre23rc1-104.1.i386/usr/share/doc/ghostscript/9.23 /usr/share/ghostscript/9.23/doc
# ln: failed to create symbolic link '/usr/share/ghostscript/9.23/doc': No such file or directory
# base/unixinst.mak:162: recipe for target 'install-doc' failed
# make[1]: *** [install-doc] Error 1
%patch12
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball. # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball.
# Again use the zlib sources from Ghostscript upstream # Again use the zlib sources from Ghostscript upstream
# and disable remove-zlib-h-dependency.patch because # and disable remove-zlib-h-dependency.patch because
# Ghostscript 9.21 does no longer build this way: # Ghostscript 9.21 does no longer build this way:
#patch100 -p1 -b remove-zlib-h-dependency.orig #patch100 -p1 -b remove-zlib-h-dependency.orig
# Patch101 fixes stack-based buffer overflow in gdevpdts.c
# see https://bugzilla.suse.com/show_bug.cgi?id=1090099
# and https://bugs.ghostscript.com/show_bug.cgi?id=699255
# and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
%patch101 -b CVE-2018-10194.orig
# Remove patch backup files to avoid packaging # Remove patch backup files to avoid packaging
# cf. https://build.opensuse.org/request/show/581052 # cf. https://build.opensuse.org/request/show/581052
rm -f Resource/Init/*.ps.orig rm -f Resource/Init/*.ps.orig