rpms/ghostscript
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Added security patch for CVE-2017-5951

Browse Source 
Resolves: #1441572
This commit is contained in:
David Kaspar [Dee'Kej] 2017-04-28 13:20:59 +02:00
parent e76b7b9160
commit a5b3ec305a
2 changed files with 44 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
ghostscript-9.20-cve-2017-5951.patch Normal file
View File

@ -0,0 +1,39 @@
From bfa6b2ecbe48edc69a7d9d22a12419aed25960b8 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Thu, 6 Apr 2017 16:44:54 +0100
Subject: [PATCH] Bug 697548: use the correct param list enumerator
When we encountered dictionary in a ref_param_list, we were using the enumerator
for the "parent" param_list, rather than the enumerator for the param_list
we just created for the dictionary. That parent was usually the stack
list enumerator, and caused a segfault.
Using the correct enumerator works better.
---
psi/iparam.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/psi/iparam.c b/psi/iparam.c
index 4e63b6d..b2fa85f 100644
--- a/psi/iparam.c
+++ b/psi/iparam.c
@@ -770,12 +770,13 @@ ref_param_read_typed(gs_param_list * plist, gs_param_name pkey,
gs_param_enumerator_t enumr;
gs_param_key_t key;
ref_type keytype;
+ dict_param_list *dlist = (dict_param_list *) pvalue->value.d.list;
param_init_enumerator(&enumr);
- if (!(*((iparam_list *) plist)->enumerate)
- ((iparam_list *) pvalue->value.d.list, &enumr, &key, &keytype)
+ if (!(*(dlist->enumerate))
+ ((iparam_list *) dlist, &enumr, &key, &keytype)
&& keytype == t_integer) {
- ((dict_param_list *) pvalue->value.d.list)->int_keys = 1;
+ dlist->int_keys = 1;
pvalue->type = gs_param_type_dict_int_keys;
}
}
--
2.9.3

5
ghostscript.spec
View File

@ -35,6 +35,7 @@ Patch14: ghostscript-9.20-cve-2016-10217.patch
Patch15: ghostscript-9.20-cve-2016-10218.patch Patch15: ghostscript-9.20-cve-2016-10218.patch
Patch16: ghostscript-9.20-cve-2016-10219.patch Patch16: ghostscript-9.20-cve-2016-10219.patch
Patch17: ghostscript-9.20-cve-2016-10220.patch Patch17: ghostscript-9.20-cve-2016-10220.patch
Patch18: ghostscript-9.20-cve-2017-5951.patch
Requires: %{name}-core%{?_isa} = %{version}-%{release} Requires: %{name}-core%{?_isa} = %{version}-%{release}
Requires: %{name}-x11%{?_isa} = %{version}-%{release} Requires: %{name}-x11%{?_isa} = %{version}-%{release}
@ -175,6 +176,9 @@ rm -rf expat freetype icclib jasper jpeg jpegxr lcms lcms2 libpng openjpeg zlib
# CVE-2016-10220 (bug #1441571): # CVE-2016-10220 (bug #1441571):
%patch17 -p1 %patch17 -p1
# CVE-2017-5951 (bug #1441572):
%patch18 -p1
# Convert manual pages to UTF-8 # Convert manual pages to UTF-8
from8859_1() { from8859_1() {
iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_" iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_"
@ -377,6 +381,7 @@ rm -rf $RPM_BUILD_ROOT
- CVE-2016-10218 (bug #1441568) - CVE-2016-10218 (bug #1441568)
- CVE-2016-10219 (bug #1441569) - CVE-2016-10219 (bug #1441569)
- CVE-2016-10220 (bug #1441571) - CVE-2016-10220 (bug #1441571)
- CVE-2017-5951 (bug #1441572)
* Thu Apr 06 2017 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.20-8 * Thu Apr 06 2017 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.20-8
Added security fix for CVE-2017-7207 (bug #1434497) Added security fix for CVE-2017-7207 (bug #1434497)