From 577ec8f749c409b4e40d311e369c406dd8fa7b6b Mon Sep 17 00:00:00 2001 From: Zdenek Dohnal Date: Fri, 15 Nov 2019 10:51:14 +0100 Subject: [PATCH] 1772486 - ghostscript: -dSAFER escape in .charkeys (701841) --- ghostscript-cve-2019-14869.patch | 40 ++++++++++++++++++++++++++++++++ ghostscript.spec | 6 ++++- 2 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 ghostscript-cve-2019-14869.patch diff --git a/ghostscript-cve-2019-14869.patch b/ghostscript-cve-2019-14869.patch new file mode 100644 index 0000000..240e732 --- /dev/null +++ b/ghostscript-cve-2019-14869.patch @@ -0,0 +1,40 @@ +diff --git a/Resource/Init/gs_ttf.ps b/Resource/Init/gs_ttf.ps +index e34967d..5354ff0 100644 +--- a/Resource/Init/gs_ttf.ps ++++ b/Resource/Init/gs_ttf.ps +@@ -1301,7 +1301,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef + TTFDEBUG { (\n1 setting alias: ) print dup ==only + ( to be the same as ) print 2 index //== exec } if + +- 7 index 2 index 3 -1 roll exch .forceput ++ 7 index 2 index 3 -1 roll exch put + } forall + pop pop pop + } +@@ -1319,7 +1319,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef + exch pop + TTFDEBUG { (\n2 setting alias: ) print 1 index ==only + ( to use glyph index: ) print dup //== exec } if +- 5 index 3 1 roll .forceput ++ 5 index 3 1 roll put + //false + } + { +@@ -1336,7 +1336,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef + { % CharStrings(dict) isunicode(boolean) cmap(dict) RAGL(dict) gname(name) codep(integer) gindex(integer) + TTFDEBUG { (\3 nsetting alias: ) print 1 index ==only + ( to be index: ) print dup //== exec } if +- exch pop 5 index 3 1 roll .forceput ++ exch pop 5 index 3 1 roll put + } + { + pop pop +@@ -1366,7 +1366,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef + } ifelse + ] + TTFDEBUG { (Encoding: ) print dup === flush } if +-} .bind executeonly odef % hides .forceput ++} .bind odef + + % ---------------- CIDFontType 2 font loading ---------------- % + diff --git a/ghostscript.spec b/ghostscript.spec index 407ec31..4b0b8cd 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -43,7 +43,7 @@ Name: ghostscript Summary: Interpreter for PostScript language & PDF Version: 9.27 -Release: 1%{?dist} +Release: 2%{?dist} License: AGPLv3+ @@ -96,6 +96,7 @@ BuildRequires: libXt-devel Patch000: ghostscript-cve-2019-10216.patch Patch001: ghostscript-cve-2019-14811-14812-14813.patch Patch002: ghostscript-cve-2019-14817.patch +Patch003: ghostscript-cve-2019-14869.patch # Downstream patches -- these should be always included when doing rebase: @@ -461,6 +462,9 @@ done # ============================================================================= %changelog +* Thu Nov 14 2019 Zdenek Dohnal - 9.27-2 +- 1772486 - ghostscript: -dSAFER escape in .charkeys (701841) + * Fri Sep 06 2019 Martin Osvald - 9.27-1 - rebase to latest upstream version 9.27 - security fixes added for: