Fixed CVE-2020-21683

Resolves: #1998594
Ondrej Dubaj 2021-08-30 10:57:41 +02:00
parent a12d747fb9
commit 952fb15c98
2 changed files with 27 additions and 0 deletions

0010-CVE-2020-21683.patch Normal file

@ -0,0 +1,25 @@
Subject: [PATCH] Fix pstricks fill with non-solid default color
In the pstricks output, filling an area with the shaded or tinted default color
is now equivalent to filling with shaded or tinted black color.
---
fig2dev/dev/genpstricks.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fig2dev/dev/genpstricks.c b/fig2dev/dev/genpstricks.c
index cf49207..40ea577 100644
--- a/fig2dev/dev/genpstricks.c
+++ b/fig2dev/dev/genpstricks.c
@@ -1856,7 +1856,8 @@ format_options(char *options, char *prefix, char *postfix, char *sqrb_init,
else if (fill_style <= 40)
/* shade or tint fill */
sprintf(tmps, "fillstyle=solid,fillcolor=%s",
- shade_or_tint_name_after_declare_color(tmpc, fill_style, fill_color));
+ shade_or_tint_name_after_declare_color(tmpc, fill_style,
+ fill_color == DEFAULT ? CT_BLACK : fill_color));
else {
char *type = 0, *ps;
int angle = 0;
--
2.31.1
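
Review bot: The substitution `fill_color == DEFAULT ? CT_BLACK : fill_color` is applied only at this one call in format_options(), in the shade-or-tint branch, so any other caller that hands DEFAULT to shade_or_tint_name_after_declare_color() is not covered by it. Either confirm that this is the only call site or move the DEFAULT check into the helper itself so the color value is normalised before it is used. The embedded patch description also talks only about the rendering change; a line naming CVE-2020-21683 and the upstream commit this was taken from would make the backport easier to audit later.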


@ -16,6 +16,7 @@ Patch6: 0006-fig2dev-version-prints-version-information.patch
Patch7: 0007-Use-getopt-from-standard-libraries-if-available.patch Patch7: 0007-Use-getopt-from-standard-libraries-if-available.patch
Patch8: 0008-Replace-most-calls-to-fgets-by-getline-in-read.c.patch Patch8: 0008-Replace-most-calls-to-fgets-by-getline-in-read.c.patch
Patch9: 0009-CVE-2020-21681.patch Patch9: 0009-CVE-2020-21681.patch
Patch10: 0010-CVE-2020-21683.patch
Requires: ghostscript Requires: ghostscript
Requires: bc Requires: bc
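
Review bot: Patch10 is declared here, but neither hunk shown for this file adds a matching apply step in %prep. If the spec uses %autosetup or %autopatch that is fine; if it applies patches with individual %patchN lines, a %patch10 line is missing and the fix would be shipped in the SRPM without being compiled in. Worth confirming from the build log that 0010-CVE-2020-21683.patch is actually applied.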
@ -70,6 +71,7 @@ mv fig2dev.1.in.new man/fig2dev.1.in
%changelog %changelog
* Mon Aug 30 2021 Ondrej Dubaj <odubaj@redhat.com> - 1:3.2.7b-7 * Mon Aug 30 2021 Ondrej Dubaj <odubaj@redhat.com> - 1:3.2.7b-7
- Fixed CVE-2020-21681 (#1998350) - Fixed CVE-2020-21681 (#1998350)
- Fixed CVE-2020-21683 (#1998594)
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.2.7b-6 * Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1:3.2.7b-6
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
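
Review bot: The new changelog line is appended to the existing 1:3.2.7b-7 entry and no hunk bumps Release, so this fix shares an NVR with the CVE-2020-21681 fix. If a 3.2.7b-7 build already exists, the package would need a new release number for this change to reach users and for scanners to tell the two builds apart; if -7 has not been built yet, combining both fixes under one entry is fine.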