From af3d9cf35a2e1a4828cd51a4e5de177b26cab673 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 27 Sep 2022 05:08:17 -0400 Subject: [PATCH] import ghostscript-9.27-4.el8 --- ...hostscript-9.27-fix-use-of-HWMargins.patch | 16 ++++ SOURCES/ghostscript-cve-2020-16301.patch | 75 +++++++++++++++++++ SPECS/ghostscript.spec | 23 +++++- 3 files changed, 112 insertions(+), 2 deletions(-) create mode 100644 SOURCES/ghostscript-9.27-fix-use-of-HWMargins.patch create mode 100644 SOURCES/ghostscript-cve-2020-16301.patch diff --git a/SOURCES/ghostscript-9.27-fix-use-of-HWMargins.patch b/SOURCES/ghostscript-9.27-fix-use-of-HWMargins.patch new file mode 100644 index 0000000..08aec96 --- /dev/null +++ b/SOURCES/ghostscript-9.27-fix-use-of-HWMargins.patch @@ -0,0 +1,16 @@ +diff -Napur '--exclude=.git' ghostscript-9.27.old/devices/vector/opdfread.ps ghostscript-9.27.new/devices/vector/opdfread.ps +--- ghostscript-9.27.old/devices/vector/opdfread.ps 2019-04-04 00:43:14.000000000 -0700 ++++ ghostscript-9.27.new/devices/vector/opdfread.ps 2022-06-14 17:44:27.963033829 -0700 +@@ -998,10 +998,10 @@ currentdict end readonly def + } if % id obj node + 1 index exch /Context exch put % id obj + dup /ImmediateExec true put +- dup /IsPage true put +- SetPageSize {dup /Context get //SetupPageView exec} if + % This gets restored at the end of ExecuteStream if IsPage is true. + /pagesave save def ++ dup /IsPage true put ++ SetPageSize {dup /Context get //SetupPageView exec} if + } bind def + + /FontFileDaemon % FontFileDaemon diff --git a/SOURCES/ghostscript-cve-2020-16301.patch b/SOURCES/ghostscript-cve-2020-16301.patch new file mode 100644 index 0000000..582ff6d --- /dev/null +++ b/SOURCES/ghostscript-cve-2020-16301.patch @@ -0,0 +1,75 @@ +From f54414c8b15b2c27d1dcadd92cfe84f6d15f18dc Mon Sep 17 00:00:00 2001 +From: Julian Smith +Date: Thu, 31 Oct 2019 13:12:47 +0000 +Subject: [PATCH] Bug 701808: return error from okiibm_print_page1() if x_dpi + too high. + +Avoids asan error in: + ./sanbin/gs -dBATCH -dNOPAUSE -dSAFER -r599 -sOutputFile=tmp -sDEVICE=okiibm ../bug-701808.pdf +--- + devices/gdevokii.c | 46 ++++++++++++++++++++++++++++++++-------------- + 1 file changed, 32 insertions(+), 14 deletions(-) + +diff --git a/devices/gdevokii.c b/devices/gdevokii.c +index d8929a22c..97a1c3b88 100644 +--- a/devices/gdevokii.c ++++ b/devices/gdevokii.c +@@ -96,23 +96,41 @@ okiibm_print_page1(gx_device_printer *pdev, gp_file *prn_stream, int y_9pin_high + -1, 0 /*60*/, 1 /*120*/, -1, 3 /*240*/ + }; + +- int in_y_mult = (y_9pin_high ? 2 : 1); +- int line_size = gdev_mem_bytes_per_scan_line((gx_device *)pdev); +- /* Note that in_size is a multiple of 8. */ +- int in_size = line_size * (8 * in_y_mult); +- byte *buf1 = (byte *)gs_malloc(pdev->memory, in_size, 1, "okiibm_print_page(buf1)"); +- byte *buf2 = (byte *)gs_malloc(pdev->memory, in_size, 1, "okiibm_print_page(buf2)"); +- byte *in = buf1; +- byte *out = buf2; +- int out_y_mult = 1; +- int x_dpi = pdev->x_pixels_per_inch; +- char start_graphics = graphics_modes_9[x_dpi / 60]; +- int first_pass = (start_graphics == 3 ? 1 : 0); +- int last_pass = first_pass * 2; +- int y_passes = (y_9pin_high ? 2 : 1); ++ int in_y_mult; ++ int line_size; ++ int in_size; ++ byte *buf1; ++ byte *buf2; ++ byte *in; ++ byte *out; ++ int out_y_mult; ++ int x_dpi; ++ char start_graphics; ++ int first_pass; ++ int last_pass; ++ int y_passes; + int skip = 0, lnum = 0, pass, ypass; + int y_step = 0; + ++ x_dpi = pdev->x_pixels_per_inch; ++ if (x_dpi / 60 >= sizeof(graphics_modes_9)/sizeof(graphics_modes_9[0])) { ++ return_error(gs_error_rangecheck); ++ } ++ in_y_mult = (y_9pin_high ? 2 : 1); ++ line_size = gdev_mem_bytes_per_scan_line((gx_device *)pdev); ++ /* Note that in_size is a multiple of 8. */ ++ in_size = line_size * (8 * in_y_mult); ++ buf1 = (byte *)gs_malloc(pdev->memory, in_size, 1, "okiibm_print_page(buf1)"); ++ buf2 = (byte *)gs_malloc(pdev->memory, in_size, 1, "okiibm_print_page(buf2)"); ++ in = buf1; ++ out = buf2; ++ out_y_mult = 1; ++ start_graphics = graphics_modes_9[x_dpi / 60]; ++ first_pass = (start_graphics == 3 ? 1 : 0); ++ last_pass = first_pass * 2; ++ y_passes = (y_9pin_high ? 2 : 1); ++ y_step = 0; ++ + /* Check allocations */ + if ( buf1 == 0 || buf2 == 0 ) + { if ( buf1 ) +-- +2.35.3 + diff --git a/SPECS/ghostscript.spec b/SPECS/ghostscript.spec index fd1a3e1..dceffac 100644 --- a/SPECS/ghostscript.spec +++ b/SPECS/ghostscript.spec @@ -37,7 +37,7 @@ Name: ghostscript Summary: Interpreter for PostScript language & PDF Version: 9.27 -Release: 1%{?dist} +Release: 4%{?dist} License: AGPLv3+ @@ -45,6 +45,7 @@ URL: https://ghostscript.com/ Source: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs%{version_short}/ghostscript-%{version}.tar.xz Requires: libgs%{?_isa} = %{version}-%{release} +Requires: jbig2dec-libs >= 0.16 # Auxiliary build requirements: BuildRequires: automake @@ -101,6 +102,10 @@ Patch010: ghostscript-cve-2020-16304.patch Patch011: ghostscript-cve-2020-16306.patch Patch012: ghostscript-cve-2020-16307.patch Patch013: ghostscript-cve-2020-16310.patch +Patch014: ghostscript-cve-2020-16301.patch +# 2097448 - printed text drifts to the right +Patch015: ghostscript-9.27-fix-use-of-HWMargins.patch + # Downstream patches -- these should be always included when doing rebase: # ------------------ @@ -171,7 +176,7 @@ against Ghostscript's library, which provides Ghostscript's core functionality. %package tools-dvipdf Summary: Ghostscript's 'dvipdf' utility Requires: %{name}%{?_isa} = %{version}-%{release} -Requires: %{_bindir}/dvips +Requires: /usr/bin/dvips %description tools-dvipdf This package provides the utility 'dvipdf' for converting of TeX DVI files into @@ -440,6 +445,20 @@ done # ============================================================================= %changelog +* Mon Jul 25 2022 Richard Lescak - 9.27-4 +- changed requirement to jbig2dec-libs +- Resolves: rhbz#2097515, rhbz#2097448 + +* Wed Jul 20 2022 Richard Lescak - 9.27-3 +- fixed drifting text to the right when printing +- added Requirement for jbig2dec +- added patch for CVE-2020-16301 +- Resolves: rhbz#2097515, rhbz#2097448 + +* Fri Jan 22 2021 Anna Khaitovich - 9.27-2 +- tools-dvipdf: require /usr/bin/dvips not %{_bindir}/dvips +- Resolves: rhbz#1918937 + * Tue Sep 01 2020 Anna Khaitovich - 9.27-1 - Rebase to 9.27 - Resolves: rhbz#1874523