rpms/ghostscript
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Added security patch for CVE-2016-10217

Browse Source 
Resolves: #1441564
This commit is contained in:
David Kaspar [Dee'Kej] 2017-04-27 17:58:32 +02:00
parent 3706c3f331
commit fb69d56b4e
2 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
ghostscript-9.20-cve-2016-10217.patch Normal file
View File

@ -0,0 +1,33 @@
From 90fd0c7ca3efc1ddff64a86f4104b13b3ac969eb Mon Sep 17 00:00:00 2001
From: Michael Vrhel <michael.vrhel@artifex.com>
Date: Thu, 29 Dec 2016 14:00:21 -0800
Subject: [PATCH] Bug 697456. Dont create new ctx when pdf14 device reenabled
This bug had yet another weird case where the user created a
file that pushed the pdf14 device twice. We were in that case,
creating a new ctx and blowing away the original one with out
proper clean up. To avoid, only create a new one when we need it.
---
base/gdevp14.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/base/gdevp14.c b/base/gdevp14.c
index fd56ec9..f19318e 100644
--- a/base/gdevp14.c
+++ b/base/gdevp14.c
@@ -1669,8 +1669,10 @@ pdf14_open(gx_device *dev)
rect.p.y = 0;
rect.q.x = dev->width;
rect.q.y = dev->height;
- pdev->ctx = pdf14_ctx_new(&rect, dev->color_info.num_components,
- pdev->color_info.polarity != GX_CINFO_POLARITY_SUBTRACTIVE, dev);
+ /* If we are reenabling the device dont create a new ctx. Bug 697456 */
+ if (pdev->ctx == NULL)
+ pdev->ctx = pdf14_ctx_new(&rect, dev->color_info.num_components,
+ pdev->color_info.polarity != GX_CINFO_POLARITY_SUBTRACTIVE, dev);
if (pdev->ctx == NULL)
return_error(gs_error_VMerror);
pdev->free_devicen = true;
--
2.9.3

10
ghostscript.spec
View File

@ -5,7 +5,7 @@ Summary: A PostScript interpreter and renderer
Name: ghostscript Name: ghostscript
Version: %{gs_ver} Version: %{gs_ver}
Release: 8%{?dist} Release: 9%{?dist}
# Included CMap data is Redistributable, no modification permitted, # Included CMap data is Redistributable, no modification permitted,
# see http://bugzilla.redhat.com/487510 # see http://bugzilla.redhat.com/487510
@ -31,6 +31,7 @@ Patch8: ghostscript-9.20-cve-2016-8602.patch
Patch9: ghostscript-9.20-cve-2016-7977.patch Patch9: ghostscript-9.20-cve-2016-7977.patch
Patch12: ghostscript-9.20-cve-2016-9601.patch Patch12: ghostscript-9.20-cve-2016-9601.patch
Patch13: ghostscript-9.20-cve-2017-7207.patch Patch13: ghostscript-9.20-cve-2017-7207.patch
Patch14: ghostscript-9.20-cve-2016-10217.patch
Requires: %{name}-core%{?_isa} = %{version}-%{release} Requires: %{name}-core%{?_isa} = %{version}-%{release}
Requires: %{name}-x11%{?_isa} = %{version}-%{release} Requires: %{name}-x11%{?_isa} = %{version}-%{release}
@ -159,6 +160,9 @@ rm -rf expat freetype icclib jasper jpeg jpegxr lcms lcms2 libpng openjpeg zlib
# Check for null-pointer dereference in mem_get_bits_rectangle() (bug #1434497): # Check for null-pointer dereference in mem_get_bits_rectangle() (bug #1434497):
%patch13 -p1 %patch13 -p1
# CVE-2016-10217 (bug #1441564):
%patch14 -p1
# Convert manual pages to UTF-8 # Convert manual pages to UTF-8
from8859_1() { from8859_1() {
iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_" iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_"
@ -355,6 +359,10 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/libgs.so %{_libdir}/libgs.so
%changelog %changelog
* Thu Apr 27 2017 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.20-9
- Added security fixes for:
- CVE-2016-10217 (bug #1441564)
* Thu Apr 06 2017 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.20-8 * Thu Apr 06 2017 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.20-8
Added security fix for CVE-2017-7207 (bug #1434497) Added security fix for CVE-2017-7207 (bug #1434497)