import ghostscript-9.25-5.el8_1.1
This commit is contained in:
parent
8ef68b1e7e
commit
43d4a0de8b
40
SOURCES/ghostscript-cve-2019-14869.patch
Normal file
40
SOURCES/ghostscript-cve-2019-14869.patch
Normal file
@ -0,0 +1,40 @@
|
||||
diff --git a/Resource/Init/gs_ttf.ps b/Resource/Init/gs_ttf.ps
|
||||
index 064b6c8..600907e 100644
|
||||
--- a/Resource/Init/gs_ttf.ps
|
||||
+++ b/Resource/Init/gs_ttf.ps
|
||||
@@ -1421,7 +1421,7 @@ mark
|
||||
TTFDEBUG { (\n1 setting alias: ) print dup ==only
|
||||
( to be the same as ) print 2 index //== exec } if
|
||||
|
||||
- 7 index 2 index 3 -1 roll exch .forceput
|
||||
+ 7 index 2 index 3 -1 roll exch put
|
||||
} forall
|
||||
pop pop pop
|
||||
}
|
||||
@@ -1439,7 +1439,7 @@ mark
|
||||
exch pop
|
||||
TTFDEBUG { (\n2 setting alias: ) print 1 index ==only
|
||||
( to use glyph index: ) print dup //== exec } if
|
||||
- 5 index 3 1 roll .forceput
|
||||
+ 5 index 3 1 roll put
|
||||
//false
|
||||
}
|
||||
{
|
||||
@@ -1456,7 +1456,7 @@ mark
|
||||
{ % CharStrings(dict) isunicode(boolean) cmap(dict) RAGL(dict) gname(name) codep(integer) gindex(integer)
|
||||
TTFDEBUG { (\3 nsetting alias: ) print 1 index ==only
|
||||
( to be index: ) print dup //== exec } if
|
||||
- exch pop 5 index 3 1 roll .forceput
|
||||
+ exch pop 5 index 3 1 roll put
|
||||
}
|
||||
{
|
||||
pop pop
|
||||
@@ -1486,7 +1486,7 @@ mark
|
||||
} ifelse
|
||||
]
|
||||
TTFDEBUG { (Encoding: ) print dup === flush } if
|
||||
-} .bind executeonly odef % hides .forceput
|
||||
+} .bind odef
|
||||
|
||||
% to be removed 9.09......
|
||||
currentdict /postalias undef
|
@ -37,7 +37,7 @@
|
||||
Name: ghostscript
|
||||
Summary: Interpreter for PostScript language & PDF
|
||||
Version: 9.25
|
||||
Release: 5%{?dist}
|
||||
Release: 5%{?dist}.1
|
||||
|
||||
License: AGPLv3+
|
||||
|
||||
@ -105,6 +105,7 @@ Patch014: ghostscript-pdf2dsc-regression.patch
|
||||
Patch015: ghostscript-cve-2019-10216.patch
|
||||
Patch016: ghostscript-cve-2019-14811-14812-14813.patch
|
||||
Patch017: ghostscript-cve-2019-14817.patch
|
||||
Patch018: ghostscript-cve-2019-14869.patch
|
||||
|
||||
# Downstream patches -- these should be always included when doing rebase:
|
||||
# ------------------
|
||||
@ -444,6 +445,9 @@ done
|
||||
# =============================================================================
|
||||
|
||||
%changelog
|
||||
* Fri Nov 08 2019 Zdenek Dohnal <zdohnal@redhat.com> - 9.25-5.1
|
||||
- 1769342 - CVE-2019-14869 ghostscript: -dSAFER escape in .charkeys
|
||||
|
||||
* Thu Aug 22 2019 Martin Osvald <mosvald@redhat.com> - 9.25-5
|
||||
- Resolves: #1744011 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdf_hook_DSC_Creator (701445)
|
||||
- Resolves: #1744015 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams (701444)
|
||||
|
Loading…
Reference in New Issue
Block a user