diff --git a/ghostscript-9.27-CVE-2023-4042.patch b/ghostscript-9.27-CVE-2023-4042.patch new file mode 100644 index 0000000..d2b9af7 --- /dev/null +++ b/ghostscript-9.27-CVE-2023-4042.patch @@ -0,0 +1,28 @@ +From 2793769ff107d8d22dadd30c6e68cd781b569550 Mon Sep 17 00:00:00 2001 +From: Julian Smith +Date: Mon, 4 Nov 2019 12:30:33 +0000 +Subject: [PATCH] Bug 701819: fixed ordering in if expression to avoid + out-of-bounds access. + +Fixes: + ./sanbin/gs -dBATCH -dNOPAUSE -r965 -sOutputFile=tmp -sDEVICE=pcx16 ../bug-701819.pdf +--- + devices/gdevpcx.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/devices/gdevpcx.c b/devices/gdevpcx.c +index 1735851d2..91de4abb6 100644 +--- a/devices/gdevpcx.c ++++ b/devices/gdevpcx.c +@@ -442,7 +442,7 @@ pcx_write_rle(const byte * from, const byte * end, int step, gp_file * file) + byte data = *from; + + from += step; +- if (data != *from || from == end) { ++ if (from >= end || data != *from) { + if (data >= 0xc0) + putc(0xc1, file); + } else { +-- +2.41.0 + diff --git a/ghostscript.spec b/ghostscript.spec index a9a73eb..6a4b9b5 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -37,7 +37,7 @@ Name: ghostscript Summary: Interpreter for PostScript language & PDF Version: 9.27 -Release: 10%{?dist} +Release: 11%{?dist} License: AGPLv3+ @@ -111,6 +111,7 @@ Patch018: ghostscript-9.27-fix-bbox.patch Patch019: ghostscript-9.27-pdfwrite-Substituted-TTF-CIDFont-CID-hand.patch Patch020: ghostscript-9.27-CVE-2023-28879.patch Patch021: ghostscript-9.27-CVE-2023-38559.patch +Patch022: ghostscript-9.27-CVE-2023-4042.patch # Downstream patches -- these should be always included when doing rebase: @@ -451,6 +452,10 @@ done # ============================================================================= %changelog +* Fri Aug 04 2023 Richard Lescak - 9.27-11 +- fix for CVE-2023-4042 +- Resolves: rhbz#2228153 + * Fri Aug 04 2023 Richard Lescak - 9.27-10 - fix for CVE-2023-38559 - Resolves: rhbz#2224371