diff options
| author | tez <tez@pkgsrc.org> | 2017-04-05 20:11:01 +0000 |
|---|---|---|
| committer | tez <tez@pkgsrc.org> | 2017-04-05 20:11:01 +0000 |
| commit | 0efef4c28e351baf35d6a109a63d2ef4c45d930b (patch) | |
| tree | 04e3663bf6ec836ca5dd184c19db079663dbc26b /print | |
| parent | ec06ebba7a0c079c3d35ac7af165fc9509ddc78c (diff) | |
| download | pkgsrc-0efef4c28e351baf35d6a109a63d2ef4c45d930b.tar.gz | |
Fix for CVE-2017-7207
Diffstat (limited to 'print')
| -rw-r--r-- | print/ghostscript-gpl/Makefile | 4 | ||||
| -rw-r--r-- | print/ghostscript-gpl/distinfo | 3 | ||||
| -rw-r--r-- | print/ghostscript-gpl/patches/patch-CVE-2017-7207 | 17 |
3 files changed, 21 insertions, 3 deletions
diff --git a/print/ghostscript-gpl/Makefile b/print/ghostscript-gpl/Makefile index 0920c561f1c..fca57039b35 100644 --- a/print/ghostscript-gpl/Makefile +++ b/print/ghostscript-gpl/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.23 2017/03/23 20:38:24 tez Exp $ +# $NetBSD: Makefile,v 1.24 2017/04/05 20:11:01 tez Exp $ DISTNAME= ghostscript-${GS_VERSION} PKGNAME= ${DISTNAME:S/ghostscript/ghostscript-gpl/} -PKGREVISION= 10 +PKGREVISION= 11 CATEGORIES= print MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ghostscript/} MASTER_SITES+= http://ghostscript.com/releases/ diff --git a/print/ghostscript-gpl/distinfo b/print/ghostscript-gpl/distinfo index ce389a6ab3a..1f0f2e7c270 100644 --- a/print/ghostscript-gpl/distinfo +++ b/print/ghostscript-gpl/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.14 2017/03/23 20:38:24 tez Exp $ +$NetBSD: distinfo,v 1.15 2017/04/05 20:11:01 tez Exp $ SHA1 (ghostscript-9.06.tar.bz2) = 4c1c2b4cddd16d86b21f36ad4fc15f6100162238 RMD160 (ghostscript-9.06.tar.bz2) = 11ef74cf783ec5f7cde0ceaaf2823a1f62fb4d1d @@ -11,6 +11,7 @@ SHA1 (patch-CVE-2014-8157) = 18822069b9791fc3553e812878cfca483d881cd4 SHA1 (patch-CVE-2014-8158) = 71387f152a205caaef0fcc518dbb0fbb7b78e531 SHA1 (patch-CVE-2014-9029) = 9636c7d6909fc0dec7ad2102b59fb14d599bac6a SHA1 (patch-CVE-2017-6196) = 311d9236dd5abcd48ae0f412bf481e105b6207dc +SHA1 (patch-CVE-2017-7207) = 31f4a73b49b52942385eaa3c8cf2a94b5bbde6df SHA1 (patch-af) = 79af4d253001f879f1b5d3ef93584ae7300361de SHA1 (patch-ah) = 73a05ee51845ca70e1b18c50dee98d6799a46d52 SHA1 (patch-ai) = 3962a3acac1d4537dbbe3fc3b205aba87387d485 diff --git a/print/ghostscript-gpl/patches/patch-CVE-2017-7207 b/print/ghostscript-gpl/patches/patch-CVE-2017-7207 new file mode 100644 index 00000000000..9df04617c8f --- /dev/null +++ b/print/ghostscript-gpl/patches/patch-CVE-2017-7207 @@ -0,0 +1,17 @@ +$NetBSD: patch-CVE-2017-7207,v 1.1 2017/04/05 20:11:01 tez Exp $ + +Fix for CVE-2017-7207 from +http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=309eca4e0a31ea70dcc844812691439312dad091;hp=dd5da2cb3e08398ac6d86598b36b00994d058308 + + +--- base/gdevmem.c.orig 2017-04-05 19:13:09.561063700 +0000 ++++ base/gdevmem.c +@@ -562,6 +562,8 @@ mem_get_bits_rectangle(gx_device * dev, + GB_PACKING_CHUNKY | GB_COLORS_NATIVE | GB_ALPHA_NONE; + return_error(gs_error_rangecheck); + } ++ if (mdev->line_ptrs == 0x00) ++ return_error(gs_error_rangecheck); + if ((w <= 0) | (h <= 0)) { + if ((w | h) < 0) + return_error(gs_error_rangecheck); |