diff options
author | tez <tez@pkgsrc.org> | 2017-03-23 20:38:24 +0000 |
---|---|---|
committer | tez <tez@pkgsrc.org> | 2017-03-23 20:38:24 +0000 |
commit | 50aa6126fc2eb943ff991015316a70dd8caabd22 (patch) | |
tree | e76ba47f82b38ee1de1e52e62eb3078ee2a19758 /print/ghostscript-gpl | |
parent | 1f4beffb643d788524fa2c6587584ecb93185b13 (diff) | |
download | pkgsrc-50aa6126fc2eb943ff991015316a70dd8caabd22.tar.gz |
Add patch for CVE-2017-6196
Diffstat (limited to 'print/ghostscript-gpl')
-rw-r--r-- | print/ghostscript-gpl/Makefile | 4 | ||||
-rw-r--r-- | print/ghostscript-gpl/distinfo | 3 | ||||
-rw-r--r-- | print/ghostscript-gpl/patches/patch-CVE-2017-6196 | 41 |
3 files changed, 45 insertions, 3 deletions
diff --git a/print/ghostscript-gpl/Makefile b/print/ghostscript-gpl/Makefile index 9cda64c12ea..0920c561f1c 100644 --- a/print/ghostscript-gpl/Makefile +++ b/print/ghostscript-gpl/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.22 2016/07/09 06:38:50 wiz Exp $ +# $NetBSD: Makefile,v 1.23 2017/03/23 20:38:24 tez Exp $ DISTNAME= ghostscript-${GS_VERSION} PKGNAME= ${DISTNAME:S/ghostscript/ghostscript-gpl/} -PKGREVISION= 9 +PKGREVISION= 10 CATEGORIES= print MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ghostscript/} MASTER_SITES+= http://ghostscript.com/releases/ diff --git a/print/ghostscript-gpl/distinfo b/print/ghostscript-gpl/distinfo index 1924d03589c..ce389a6ab3a 100644 --- a/print/ghostscript-gpl/distinfo +++ b/print/ghostscript-gpl/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.13 2015/11/04 01:01:33 agc Exp $ +$NetBSD: distinfo,v 1.14 2017/03/23 20:38:24 tez Exp $ SHA1 (ghostscript-9.06.tar.bz2) = 4c1c2b4cddd16d86b21f36ad4fc15f6100162238 RMD160 (ghostscript-9.06.tar.bz2) = 11ef74cf783ec5f7cde0ceaaf2823a1f62fb4d1d @@ -10,6 +10,7 @@ SHA1 (patch-CVE-2014-8138) = be161051680e3c6c9246f31237019470a447ee49 SHA1 (patch-CVE-2014-8157) = 18822069b9791fc3553e812878cfca483d881cd4 SHA1 (patch-CVE-2014-8158) = 71387f152a205caaef0fcc518dbb0fbb7b78e531 SHA1 (patch-CVE-2014-9029) = 9636c7d6909fc0dec7ad2102b59fb14d599bac6a +SHA1 (patch-CVE-2017-6196) = 311d9236dd5abcd48ae0f412bf481e105b6207dc SHA1 (patch-af) = 79af4d253001f879f1b5d3ef93584ae7300361de SHA1 (patch-ah) = 73a05ee51845ca70e1b18c50dee98d6799a46d52 SHA1 (patch-ai) = 3962a3acac1d4537dbbe3fc3b205aba87387d485 diff --git a/print/ghostscript-gpl/patches/patch-CVE-2017-6196 b/print/ghostscript-gpl/patches/patch-CVE-2017-6196 new file mode 100644 index 00000000000..7bf20419e75 --- /dev/null +++ b/print/ghostscript-gpl/patches/patch-CVE-2017-6196 @@ -0,0 +1,41 @@ +$NetBSD: patch-CVE-2017-6196,v 1.1 2017/03/23 20:38:24 tez Exp $ + +Patch for CVE-2017-6196 adapted from: + +http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=ecceafe3abba2714ef9b432035fe0739d9b1a283 + + +--- base/gxipixel.c ++++ base/gxipixel.c +@@ -257,7 +257,6 @@ gx_image_enum_begin(gx_device * dev, con + if ((code = gs_matrix_invert_to_double(&pim->ImageMatrix, &mat)) < 0 || + (code = gs_matrix_multiply_double(&mat, pmat, &mat)) < 0 + ) { +- gs_free_object(mem, penum, "gx_default_begin_image"); + return code; + } + } +@@ -487,7 +486,6 @@ gx_image_enum_begin(gx_device * dev, con + } + if (masked) { /* This is imagemask. */ + if (bps != 1 || pcs != NULL || penum->alpha || decode[0] == decode[1]) { +- gs_free_object(mem, penum, "gx_default_begin_image"); + return_error(gs_error_rangecheck); + } + /* Initialize color entries 0 and 255. */ +@@ -507,7 +505,6 @@ gx_image_enum_begin(gx_device * dev, con + + spp = cs_num_components(pcs); + if (spp < 0) { /* Pattern not allowed */ +- gs_free_object(mem, penum, "gx_default_begin_image"); + return_error(gs_error_rangecheck); + } + if (penum->alpha) +@@ -613,7 +610,6 @@ gx_image_enum_begin(gx_device * dev, con + bsize = ((bps > 8 ? width * 2 : width) + 15) * spp; + buffer = gs_alloc_bytes(mem, bsize, "image buffer"); + if (buffer == 0) { +- gs_free_object(mem, penum, "gx_default_begin_image"); + return_error(gs_error_VMerror); + } + penum->bps = bps; |