Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2017-05-03 15:53:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghostscript" Wed May 3 15:53:38 2017 rev:27 rq:492485 version:9.21 Changes: -------- --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2017-02-04 17:57:08.913012190 +0100 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2017-05-03 15:53:53.168212350 +0200 @@ -1,0 +2,96 @@ +Tue May 2 14:27:22 CEST 2017 - jsm...@suse.de + +- CVE-2017-8291.patch fixes + a type confusion in .rsdparams and .eqproc + see https://bugs.ghostscript.com/show_bug.cgi?id=697808 + and https://bugs.ghostscript.com/show_bug.cgi?id=697799 + (bsc#1036453). + +------------------------------------------------------------------- +Wed Apr 12 11:12:27 CEST 2017 - jsm...@suse.de + +- CVE-2016-10317 (bsc#1032230) + heap buffer overflow in fill_threshhold_buffer() + is not yet fixed because there is no fix available at + https://bugs.ghostscript.com/show_bug.cgi?id=697459 +- CVE-2016-10219 (bsc#1032138) + divide by zero in intersect() + https://bugs.ghostscript.com/show_bug.cgi?id=697453 + is fixed in the version 9.21 upstream sources +- CVE-2016-10218 (bsc#1032135) + null pointer dereference in pdf14_pop_transparency_group() + https://bugs.ghostscript.com/show_bug.cgi?id=697444 + is fixed in the version 9.21 upstream sources. +- CVE-2016-10217 (bsc#1032130) + use-after-free in pdf14_cleanup_parent_color_profiles() + that is related to pdf14_open() in base/gdevp14.c + https://bugs.ghostscript.com/show_bug.cgi?id=697456 + is fixed in the version 9.21 upstream sources. +- CVE-2016-10220 (bsc#1032120) + null pointer dereference in gx_device_finalize() that is + related to gs_makewordimagedevice() in base/gsdevmem.c + https://bugs.ghostscript.com/show_bug.cgi?id=697450 + is fixed in the version 9.21 upstream sources. +- CVE-2017-5951.patch fixes + null pointer dereference in ref_stack_index() that is + related to mem_get_bits_rectangle() in base/gdevmem.c + https://bugs.ghostscript.com/show_bug.cgi?id=697548 + (bsc#1032114) + +------------------------------------------------------------------- +Mon Apr 10 14:06:09 CEST 2017 - jsm...@suse.de + +- Version upgrade to 9.21. + For details see the News.htm and History9.htm files. + Highlights in this release include: + * pdfwrite now preserves annotations from + input PDFs (where possible). + * The GhostXPS interpreter now provides the pdfwrite device + with the data it requires to emit a ToUnicode CMap: thus + allowing fully searchable PDFs to be created from XPS + input (in the vast majority of cases). + * Ghostscript now allows the default color space + for PDF transparency blends. + * The Ghostscript/GhostPDL configure script now has much + better/fuller support for cross compiling. + * The tiffscaled and tiffscaled4 devices can now + use ETS (Even Tone Screening) + * The toolbin/pdf_info.ps utility can now emit + the PDF XML metadata. + * Ghostscript has a new scan converter available + (currently optional, but will become the default in a near + future release). It can be enabled by using the command line + option: '-dSCANCONVERTERTYPE=2'. This new implementation + provides vastly improved performance with large and complex + paths. + * The usual round of bug fixes, compatibility changes, + and incremental improvements. + Incompatible changes: + * The planned device API tidy (still!) did not happen for + this release, due to time pressures, but we still intend + to undertake the following: We plan to somewhat tidy up + the device API. We intend to remove deprecated device + procs (methods/function pointers) and change the device API + so every device proc takes a graphics state parameter + (rather than the current scheme where only a very few procs + take an imager state parameter). This should serve as notice + to anyone maintaining a Ghostscript device outside the + canonical source tree that you may (probably will) need to + update your device(s) when these changes happen. Devices using + only the non-deprecated procs should be trivial to update. +- CVE-2016-7976.patch and CVE-2016-7977.patch and + CVE-2016-7978.patch and CVE-2016-7979.patch and + CVE-2016-8602.patch are no longer needed because + those issues are fixed in the upstream sources. +- 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch + and + 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch + are no longer needed because both are included + in the upstream sources, see the upstream issue + https://bugs.ghostscript.com/show_bug.cgi?id=697484 +- Again use the zlib sources from Ghostscript upstream + and disable remove-zlib-h-dependency.patch because + Ghostscript 9.21 does no longer build this way, + cf. the entry below dated "Wed Nov 18 11:46:58 UTC 2015" + +------------------------------------------------------------------- ghostscript.changes: same change Old: ---- 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch CVE-2016-7976.patch CVE-2016-7977.patch CVE-2016-7978.patch CVE-2016-7979.patch CVE-2016-8602.patch ghostscript-9.20.tar.gz New: ---- CVE-2017-5951.patch CVE-2017-8291.patch ghostscript-9.21.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghostscript-mini.spec ++++++ --- /var/tmp/diff_new_pack.V62YRs/_old 2017-05-03 15:53:55.371901243 +0200 +++ /var/tmp/diff_new_pack.V62YRs/_new 2017-05-03 15:53:55.371901243 +0200 @@ -38,7 +38,7 @@ # so that we keep additionally the previous version number to upgrade from the previous version: #Version: 9.19pre20rc1 # Normal version for Ghostscript releases is the upstream version: -Version: 9.20 +Version: 9.21 Release: 0 # tarball_version is used below to specify the directory via "setup -n": # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". @@ -49,7 +49,7 @@ # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # For Ghostscript releases built_version and version are the same (i.e. the upstream version): %define built_version %{version} -#%define built_version 9.20 +#define built_version 9.20 # Source0...Source9 is for sources from upstream: # Special URLs for Ghostscript release candidates: # URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz @@ -57,37 +57,13 @@ # wget -O ghostscript-9.20rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz #Source0: ghostscript-%{tarball_version}.tar.gz # Normal URLs for Ghostscript releases: -# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920/ghostscript-9.20.tar.gz +# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz # How to download it: -# wget -O ghostscript-9.20.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920/ghostscript-9.20.tar.gz -# URL for MD5 checksums: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920/MD5SUMS -# MD5 checksum for Source0: 93c5987cd3ab341108be1ebbaadc24fe +# wget -O ghostscript-9.21.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz +# URL for MD5 checksums: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/MD5SUMS +# MD5 checksum for Source0: 5f213281761d2750fcf27476c404d17f Source0: ghostscript-%{version}.tar.gz # Patch0...Patch9 is for patches from upstream: -# Patch1 CVE-2016-7976.patch fixes that -# various userparams allow %pipe% in paths, allowing remote shell command execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697178 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -Patch1: CVE-2016-7976.patch -# Patch2 CVE-2016-7977.patch fixes that -# .libfile doesn't check PermitFileReading array, allowing remote file disclosure -# see http://bugs.ghostscript.com/show_bug.cgi?id=697169 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -Patch2: CVE-2016-7977.patch -# Patch3 CVE-2016-7978.patch fixes that -# reference leak in .setdevice allows use-after-free and remote code execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697179 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -Patch3: CVE-2016-7978.patch -# Patch4 CVE-2016-7979.patch fixes that -# type confusion in .initialize_dsc_parser allows remote code execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697190 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -Patch4: CVE-2016-7979.patch -# Patch5 CVE-2016-8602.patch fixes a NULL dereference in .sethalftone5 -# see http://bugs.ghostscript.com/show_bug.cgi?id=697203 -# and https://bugzilla.suse.com/show_bug.cgi?id=1004237 -Patch5: CVE-2016-8602.patch # Source10...Source99 is for sources from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream: # Patch11 ppc64le-support.patch is a remainder of the previous patch @@ -96,16 +72,22 @@ # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 Patch11: ppc64le-support.patch -# Patch12 adds a reproducible timestamp to the mkromfs output, using the -# SOURCE_DATE_EPOCH environment variable -Patch12: 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch -# Patch13 sorts the ROM contents by name for deterministic contents -Patch13: 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch # Source100...Source999 is for sources from SUSE which are not intended for upstream: # Patch100...Patch999 is for patches from SUSE which are not intended for upstream: # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: Patch100: remove-zlib-h-dependency.patch +# Patch101 CVE-2017-5951.patch fixes +# null pointer dereference in ref_stack_index() that is +# related to mem_get_bits_rectangle() in base/gdevmem.c +# https://bugs.ghostscript.com/show_bug.cgi?id=697548 +# (bsc#1032114) +Patch101: CVE-2017-5951.patch +# Patch102 CVE-2017-8291.patch fixes a type confusion in .rsdparams and .eqproc +# see https://bugs.ghostscript.com/show_bug.cgi?id=697808 +# and https://bugs.ghostscript.com/show_bug.cgi?id=697799 +# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453 +Patch102: CVE-2017-8291.patch # RPM dependencies: Conflicts: ghostscript Conflicts: ghostscript-x11 @@ -174,50 +156,33 @@ # Be quiet when unpacking and # use a directory name matching Source0 to make it work also for ghostscript-mini: %setup -q -n ghostscript-%{tarball_version} -# Patch1 CVE-2016-7976.patch fixes that -# various userparams allow %pipe% in paths, allowing remote shell command execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697178 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -%patch1 -p1 -b CVE-2016-7976.orig -# Patch2 CVE-2016-7977.patch fixes that -# .libfile doesn't check PermitFileReading array, allowing remote file disclosure -# see http://bugs.ghostscript.com/show_bug.cgi?id=697169 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -%patch2 -p1 -b CVE-2016-7977.orig -# Patch3 CVE-2016-7978.patch fixes that -# reference leak in .setdevice allows use-after-free and remote code execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697179 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -%patch3 -p1 -b CVE-2016-7978.orig -# Patch4 CVE-2016-7979.patch fixes that -# type confusion in .initialize_dsc_parser allows remote code execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697190 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -%patch4 -p1 -b CVE-2016-7979.orig -# Patch5 CVE-2016-8602.patch fixes a NULL dereference in .sethalftone5 -# see http://bugs.ghostscript.com/show_bug.cgi?id=697203 -# and https://bugzilla.suse.com/show_bug.cgi?id=1004237 -%patch5 -p1 -b CVE-2016-8602.orig # Patch11 ppc64le-support.patch is a remainder of the previous patch # now the hunk for LCMS (lcms/include/lcms.h) is removed # because LCMS 1.x is removed since Ghostscript 9.16 # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 -%patch11 -p1 -b ppc64le-support.orig -# Patch12 adds a reproducible timestamp to the mkromfs output, using the -# SOURCE_DATE_EPOCH environment variable -%patch12 -p1 -b mkromfs-buildtime.orig -# Patch13 sorts the ROM contents by name for deterministic contents -%patch13 -p1 -b mkromfs-sort-contents.orig +%patch11 -p1 -b .ppc64le-support.orig # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: -%patch100 -p1 -b remove-zlib-h-dependency.orig +#patch100 -p1 -b remove-zlib-h-dependency.orig # Do not use the freetype jpeg libpng tiff zlib sources from the Ghostscript upstream tarball # because we prefer to use for long-established standard libraries the ones from SUSE # in particular to automatically get SUSE security updates for standard libraries. # In contrast we use e.g. lcms2 from the Ghostscript upstream tarball because this one # is specially modified to work with Ghostscript so that we cannot use lcms2 from SUSE: -rm -rf freetype jpeg libpng tiff zlib +#rm -rf freetype jpeg libpng tiff zlib +rm -rf freetype jpeg libpng tiff +# Patch101 CVE-2017-5951.patch fixes +# null pointer dereference in ref_stack_index() that is +# related to mem_get_bits_rectangle() in base/gdevmem.c +# https://bugs.ghostscript.com/show_bug.cgi?id=697548 +# (bsc#1032114) +%patch101 -b .CVE-2017-5951.orig +# Patch102 CVE-2017-8291.patch fixes a type confusion in .rsdparams and .eqproc +# see https://bugs.ghostscript.com/show_bug.cgi?id=697808 +# and https://bugs.ghostscript.com/show_bug.cgi?id=697799 +# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453 +%patch102 -p1 -b .CVE-2017-8291.orig %build # Derive build timestamp from latest changelog entry ++++++ ghostscript.spec ++++++ --- /var/tmp/diff_new_pack.V62YRs/_old 2017-05-03 15:53:55.399897291 +0200 +++ /var/tmp/diff_new_pack.V62YRs/_new 2017-05-03 15:53:55.399897291 +0200 @@ -58,7 +58,7 @@ # so that we keep additionally the previous version number to upgrade from the previous version: #Version: 9.19pre20rc1 # Normal version for Ghostscript releases is the upstream version: -Version: 9.20 +Version: 9.21 Release: 0 # tarball_version is used below to specify the directory via "setup -n": # Special tarball_version needed for Ghostscript release candidates e.g. "define tarball_version 9.15rc1". @@ -69,7 +69,7 @@ # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # For Ghostscript releases built_version and version are the same (i.e. the upstream version): %define built_version %{version} -#%define built_version 9.20 +#define built_version 9.20 # Source0...Source9 is for sources from upstream: # Special URLs for Ghostscript release candidates: # URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz @@ -77,37 +77,13 @@ # wget -O ghostscript-9.20rc1.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz #Source0: ghostscript-%{tarball_version}.tar.gz # Normal URLs for Ghostscript releases: -# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920/ghostscript-9.20.tar.gz +# URL for Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz # How to download it: -# wget -O ghostscript-9.20.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920/ghostscript-9.20.tar.gz -# URL for MD5 checksums: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920/MD5SUMS -# MD5 checksum for Source0: 93c5987cd3ab341108be1ebbaadc24fe +# wget -O ghostscript-9.21.tar.gz https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/ghostscript-9.21.tar.gz +# URL for MD5 checksums: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs921/MD5SUMS +# MD5 checksum for Source0: 5f213281761d2750fcf27476c404d17f Source0: ghostscript-%{version}.tar.gz # Patch0...Patch9 is for patches from upstream: -# Patch1 CVE-2016-7976.patch fixes that -# various userparams allow %pipe% in paths, allowing remote shell command execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697178 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -Patch1: CVE-2016-7976.patch -# Patch2 CVE-2016-7977.patch fixes that -# .libfile doesn't check PermitFileReading array, allowing remote file disclosure -# see http://bugs.ghostscript.com/show_bug.cgi?id=697169 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -Patch2: CVE-2016-7977.patch -# Patch3 CVE-2016-7978.patch fixes that -# reference leak in .setdevice allows use-after-free and remote code execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697179 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -Patch3: CVE-2016-7978.patch -# Patch4 CVE-2016-7979.patch fixes that -# type confusion in .initialize_dsc_parser allows remote code execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697190 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -Patch4: CVE-2016-7979.patch -# Patch5 CVE-2016-8602.patch fixes a NULL dereference in .sethalftone5 -# see http://bugs.ghostscript.com/show_bug.cgi?id=697203 -# and https://bugzilla.suse.com/show_bug.cgi?id=1004237 -Patch5: CVE-2016-8602.patch # Source10...Source99 is for sources from SUSE which are intended for upstream: # Patch10...Patch99 is for patches from SUSE which are intended for upstream: # Patch11 ppc64le-support.patch is a remainder of the previous patch @@ -116,16 +92,22 @@ # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 Patch11: ppc64le-support.patch -# Patch12 adds a reproducible timestamp to the mkromfs output, using the -# SOURCE_DATE_EPOCH environment variable -Patch12: 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch -# Patch13 sorts the ROM contents by name for deterministic contents -Patch13: 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch # Source100...Source999 is for sources from SUSE which are not intended for upstream: # Patch100...Patch999 is for patches from SUSE which are not intended for upstream: # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: Patch100: remove-zlib-h-dependency.patch +# Patch101 CVE-2017-5951.patch fixes +# null pointer dereference in ref_stack_index() that is +# related to mem_get_bits_rectangle() in base/gdevmem.c +# https://bugs.ghostscript.com/show_bug.cgi?id=697548 +# (bsc#1032114) +Patch101: CVE-2017-5951.patch +# Patch102 CVE-2017-8291.patch fixes a type confusion in .rsdparams and .eqproc +# see https://bugs.ghostscript.com/show_bug.cgi?id=697808 +# and https://bugs.ghostscript.com/show_bug.cgi?id=697799 +# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453 +Patch102: CVE-2017-8291.patch # RPM dependencies: # Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4 from # "rpm -q --provides ghostscript-library" and "rpm -q --provides ghostscript-x11": @@ -310,50 +292,33 @@ # Be quiet when unpacking and # use a directory name matching Source0 to make it work also for ghostscript-mini: %setup -q -n ghostscript-%{tarball_version} -# Patch1 CVE-2016-7976.patch fixes that -# various userparams allow %pipe% in paths, allowing remote shell command execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697178 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -%patch1 -p1 -b CVE-2016-7976.orig -# Patch2 CVE-2016-7977.patch fixes that -# .libfile doesn't check PermitFileReading array, allowing remote file disclosure -# see http://bugs.ghostscript.com/show_bug.cgi?id=697169 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -%patch2 -p1 -b CVE-2016-7977.orig -# Patch3 CVE-2016-7978.patch fixes that -# reference leak in .setdevice allows use-after-free and remote code execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697179 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -%patch3 -p1 -b CVE-2016-7978.orig -# Patch4 CVE-2016-7979.patch fixes that -# type confusion in .initialize_dsc_parser allows remote code execution -# see http://bugs.ghostscript.com/show_bug.cgi?id=697190 -# and https://bugzilla.suse.com/show_bug.cgi?id=1001951 -%patch4 -p1 -b CVE-2016-7979.orig -# Patch5 CVE-2016-8602.patch fixes a NULL dereference in .sethalftone5 -# see http://bugs.ghostscript.com/show_bug.cgi?id=697203 -# and https://bugzilla.suse.com/show_bug.cgi?id=1004237 -%patch5 -p1 -b CVE-2016-8602.orig # Patch11 ppc64le-support.patch is a remainder of the previous patch # now the hunk for LCMS (lcms/include/lcms.h) is removed # because LCMS 1.x is removed since Ghostscript 9.16 # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 -%patch11 -p1 -b ppc64le-support.orig -# Patch12 adds a reproducible timestamp to the mkromfs output, using the -# SOURCE_DATE_EPOCH environment variable -%patch12 -p1 -b mkromfs-buildtime.orig -# Patch13 sorts the ROM contents by name for deterministic contents -%patch13 -p1 -b mkromfs-sort-contents.orig +%patch11 -p1 -b .ppc64le-support.orig # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: -%patch100 -p1 -b remove-zlib-h-dependency.orig +#patch100 -p1 -b remove-zlib-h-dependency.orig # Do not use the freetype jpeg libpng tiff zlib sources from the Ghostscript upstream tarball # because we prefer to use for long-established standard libraries the ones from SUSE # in particular to automatically get SUSE security updates for standard libraries. # In contrast we use e.g. lcms2 from the Ghostscript upstream tarball because this one # is specially modified to work with Ghostscript so that we cannot use lcms2 from SUSE: -rm -rf freetype jpeg libpng tiff zlib +#rm -rf freetype jpeg libpng tiff zlib +rm -rf freetype jpeg libpng tiff +# Patch101 CVE-2017-5951.patch fixes +# null pointer dereference in ref_stack_index() that is +# related to mem_get_bits_rectangle() in base/gdevmem.c +# https://bugs.ghostscript.com/show_bug.cgi?id=697548 +# (bsc#1032114) +%patch101 -b .CVE-2017-5951.orig +# Patch102 CVE-2017-8291.patch fixes a type confusion in .rsdparams and .eqproc +# see https://bugs.ghostscript.com/show_bug.cgi?id=697808 +# and https://bugs.ghostscript.com/show_bug.cgi?id=697799 +# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453 +%patch102 -p1 -b .CVE-2017-8291.orig %build # Derive build timestamp from latest changelog entry ++++++ CVE-2016-7976.patch -> CVE-2017-5951.patch ++++++ --- /work/SRC/openSUSE:Factory/ghostscript/CVE-2016-7976.patch 2016-10-22 13:01:57.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/CVE-2017-5951.patch 2017-05-03 15:53:51.368466430 +0200 @@ -1,171 +1,19 @@ -From: Chris Liddell <chris.lidd...@artifex.com> -Date: Wed, 5 Oct 2016 08:55:55 +0000 (+0100) -Subject: Bug 697178: Add a file permissions callback -X-Git-Url: http://git.ghostscript.com/?p=user%2Fchrisl%2Fghostpdl.git;a=commitdiff_plain;h=71ac87493b1e445d6c07554d4246cf7d4f44875c;hp=cf046d2f0fa2c6973c6ca8d582a9b185cc4bd280 - -Bug 697178: Add a file permissions callback - -For the rare occasions when the graphics library directly opens a file -(currently for reading), this allows us to apply any restrictions on -file access normally applied in the interpteter. ---- - -diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c -index 931c2a6..e9c09c3 100644 ---- a/base/gsicc_manage.c -+++ b/base/gsicc_manage.c -@@ -1124,10 +1124,12 @@ gsicc_open_search(const char* pname, int namelen, gs_memory_t *mem_gc, - } - - /* First just try it like it is */ -- str = sfopen(pname, "r", mem_gc); -- if (str != NULL) { -- *strp = str; -- return 0; -+ if (gs_check_file_permission(mem_gc, pname, namelen, "r") >= 0) { -+ str = sfopen(pname, "r", mem_gc); -+ if (str != NULL) { -+ *strp = str; -+ return 0; -+ } - } - - /* If that fails, try %rom% */ /* FIXME: Not sure this is needed or correct */ -diff --git a/base/gslibctx.c b/base/gslibctx.c -index eaa0458..37ce1ca 100644 ---- a/base/gslibctx.c -+++ b/base/gslibctx.c -@@ -189,7 +189,7 @@ Failure: - mem->gs_lib_ctx = NULL; - return -1; - } -- -+ pio->client_check_file_permission = NULL; - gp_get_realtime(pio->real_time_0); - - /* Set scanconverter to 1 (default) */ -@@ -343,3 +343,13 @@ void errflush(const gs_memory_t *mem) - fflush(mem->gs_lib_ctx->fstderr); - /* else nothing to flush */ - } -+ -+int -+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission) -+{ -+ int code = 0; -+ if (mem->gs_lib_ctx->client_check_file_permission != NULL) { -+ code = mem->gs_lib_ctx->client_check_file_permission(mem, fname, len, permission); -+ } -+ return code; -+} -diff --git a/base/gslibctx.h b/base/gslibctx.h -index 7a4e110..020e2d9 100644 ---- a/base/gslibctx.h -+++ b/base/gslibctx.h -@@ -32,6 +32,9 @@ typedef struct gs_fapi_server_s gs_fapi_server; - # define gs_font_dir_DEFINED - typedef struct gs_font_dir_s gs_font_dir; - #endif -+ -+typedef int (*client_check_file_permission_t) (gs_memory_t *mem, const char *fname, const int len, const char *permission); -+ - typedef struct gs_lib_ctx_s - { - gs_memory_t *memory; /* mem->gs_lib_ctx->memory == mem */ -@@ -61,6 +64,7 @@ typedef struct gs_lib_ctx_s - struct gx_io_device_s **io_device_table; - int io_device_table_count; - int io_device_table_size; -+ client_check_file_permission_t client_check_file_permission; - /* Define the default value of AccurateScreens that affects setscreen - and setcolorscreen. */ - bool screen_accurate_screens; -@@ -133,6 +137,9 @@ int - gs_lib_ctx_get_default_device_list(const gs_memory_t *mem, char** dev_list_str, - int *list_str_len); - -+int -+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission); -+ - #define IS_LIBCTX_STDOUT(mem, f) (f == mem->gs_lib_ctx->fstdout) - #define IS_LIBCTX_STDERR(mem, f) (f == mem->gs_lib_ctx->fstderr) - -diff --git a/psi/imain.c b/psi/imain.c -index 9a9bb5d..6874128 100644 ---- a/psi/imain.c -+++ b/psi/imain.c -@@ -57,6 +57,7 @@ - #include "ivmspace.h" - #include "idisp.h" /* for setting display device callback */ - #include "iplugin.h" -+#include "zfile.h" - - #ifdef PACIFY_VALGRIND - #include "valgrind.h" -@@ -212,6 +213,7 @@ gs_main_init1(gs_main_instance * minst) - "the_gs_name_table"); - if (code < 0) - return code; -+ mem->gs_lib_ctx->client_check_file_permission = z_check_file_permissions; - } - code = obj_init(&minst->i_ctx_p, &idmem); /* requires name_init */ - if (code < 0) -diff --git a/psi/int.mak b/psi/int.mak -index 4654afc..bb30d51 100644 ---- a/psi/int.mak -+++ b/psi/int.mak -@@ -2024,7 +2024,7 @@ $(PSOBJ)imain.$(OBJ) : $(PSSRC)imain.c $(GH) $(memory__h) $(string__h)\ - $(ialloc_h) $(iconf_h) $(idebug_h) $(idict_h) $(idisp_h) $(iinit_h)\ - $(iname_h) $(interp_h) $(iplugin_h) $(isave_h) $(iscan_h) $(ivmspace_h)\ - $(iinit_h) $(main_h) $(oper_h) $(ostack_h)\ -- $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h)\ -+ $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h) $(zfile_h)\ - $(INT_MAK) $(MAKEDIRS) - $(PSCC) $(PSO_)imain.$(OBJ) $(C_) $(PSSRC)imain.c - -diff --git a/psi/zfile.c b/psi/zfile.c -index 2c6c958..bc6c70f 100644 ---- a/psi/zfile.c -+++ b/psi/zfile.c -@@ -197,6 +197,25 @@ check_file_permissions(i_ctx_t *i_ctx_p, const char *fname, int len, - return check_file_permissions_reduced(i_ctx_p, fname_reduced, rlen, permitgroup); - } - -+/* z_check_file_permissions: see zfile.h for explanation -+ */ -+int -+z_check_file_permissions(gs_memory_t *mem, const char *fname, const int len, const char *permission) -+{ -+ i_ctx_t *i_ctx_p = get_minst_from_memory(mem)->i_ctx_p; -+ gs_parsed_file_name_t pname; -+ char *permitgroup = permission[0] == 'r' ? "PermitFileReading" : "PermitFileWriting"; -+ int code = gs_parse_file_name(&pname, fname, len, imemory); -+ if (code < 0) -+ return code; -+ -+ if (pname.iodev && i_ctx_p->LockFilePermissions && strcmp(pname.iodev->dname, "%pipe%") == 0) -+ return gs_error_invalidfileaccess; -+ -+ code = check_file_permissions(i_ctx_p, fname, len, permitgroup); -+ return code; -+} -+ - /* <name_string> <access_string> file <file> */ - int /* exported for zsysvm.c */ - zfile(i_ctx_t *i_ctx_p) -diff --git a/psi/zfile.h b/psi/zfile.h -index fdf1373..a9399c7 100644 ---- a/psi/zfile.h -+++ b/psi/zfile.h -@@ -22,4 +22,11 @@ - int zopen_file(i_ctx_t *i_ctx_p, const gs_parsed_file_name_t *pfn, - const char *file_access, stream **ps, gs_memory_t *mem); - -+/* z_check_file_permissions: a callback (via mem->gs_lib_ctx->client_check_file_permission) -+ * to allow applying the above permissions checks when opening file(s) from -+ * the graphics library -+ */ -+int -+z_check_file_permissions(gs_memory_t *mem, const char *fname, -+ const int len, const char *permission); - #endif +--- psi/iparam.c.orig 2017-03-16 11:12:02.000000000 +0100 ++++ psi/iparam.c 2017-04-12 11:42:57.000000000 +0200 +@@ -770,12 +770,13 @@ ref_param_read_typed(gs_param_list * pli + gs_param_enumerator_t enumr; + gs_param_key_t key; + ref_type keytype; ++ dict_param_list *dlist = (dict_param_list *) pvalue->value.d.list; + + param_init_enumerator(&enumr); +- if (!(*((iparam_list *) plist)->enumerate) +- ((iparam_list *) pvalue->value.d.list, &enumr, &key, &keytype) ++ if (!(*(dlist->enumerate)) ++ ((iparam_list *) dlist, &enumr, &key, &keytype) + && keytype == t_integer) { +- ((dict_param_list *) pvalue->value.d.list)->int_keys = 1; ++ dlist->int_keys = 1; + pvalue->type = gs_param_type_dict_int_keys; + } + } ++++++ CVE-2016-7976.patch -> CVE-2017-8291.patch ++++++ --- /work/SRC/openSUSE:Factory/ghostscript/CVE-2016-7976.patch 2016-10-22 13:01:57.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/CVE-2017-8291.patch 2017-05-03 15:53:51.440456267 +0200 @@ -1,171 +1,59 @@ -From: Chris Liddell <chris.lidd...@artifex.com> -Date: Wed, 5 Oct 2016 08:55:55 +0000 (+0100) -Subject: Bug 697178: Add a file permissions callback -X-Git-Url: http://git.ghostscript.com/?p=user%2Fchrisl%2Fghostpdl.git;a=commitdiff_plain;h=71ac87493b1e445d6c07554d4246cf7d4f44875c;hp=cf046d2f0fa2c6973c6ca8d582a9b185cc4bd280 - -Bug 697178: Add a file permissions callback - -For the rare occasions when the graphics library directly opens a file -(currently for reading), this allows us to apply any restrictions on -file access normally applied in the interpteter. ---- - -diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c -index 931c2a6..e9c09c3 100644 ---- a/base/gsicc_manage.c -+++ b/base/gsicc_manage.c -@@ -1124,10 +1124,12 @@ gsicc_open_search(const char* pname, int namelen, gs_memory_t *mem_gc, - } - - /* First just try it like it is */ -- str = sfopen(pname, "r", mem_gc); -- if (str != NULL) { -- *strp = str; -- return 0; -+ if (gs_check_file_permission(mem_gc, pname, namelen, "r") >= 0) { -+ str = sfopen(pname, "r", mem_gc); -+ if (str != NULL) { -+ *strp = str; -+ return 0; -+ } - } - - /* If that fails, try %rom% */ /* FIXME: Not sure this is needed or correct */ -diff --git a/base/gslibctx.c b/base/gslibctx.c -index eaa0458..37ce1ca 100644 ---- a/base/gslibctx.c -+++ b/base/gslibctx.c -@@ -189,7 +189,7 @@ Failure: - mem->gs_lib_ctx = NULL; - return -1; - } -- -+ pio->client_check_file_permission = NULL; - gp_get_realtime(pio->real_time_0); - - /* Set scanconverter to 1 (default) */ -@@ -343,3 +343,13 @@ void errflush(const gs_memory_t *mem) - fflush(mem->gs_lib_ctx->fstderr); - /* else nothing to flush */ - } -+ -+int -+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission) -+{ -+ int code = 0; -+ if (mem->gs_lib_ctx->client_check_file_permission != NULL) { -+ code = mem->gs_lib_ctx->client_check_file_permission(mem, fname, len, permission); +--- ghostscript-9.21/psi/zmisc3.c.orig 2017-03-16 11:12:02.000000000 +0100 ++++ ghostscript-9.21/psi/zmisc3.c 2017-05-02 14:43:41.000000000 +0200 +@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p) + ref2_t stack[MAX_DEPTH + 1]; + ref2_t *top = stack; + ++ if (ref_stack_count(&o_stack) < 2) ++ return_error(gs_error_stackunderflow); ++ if (!r_is_array(op - 1) || !r_is_array(op)) { ++ return_error(gs_error_typecheck); + } -+ return code; -+} -diff --git a/base/gslibctx.h b/base/gslibctx.h -index 7a4e110..020e2d9 100644 ---- a/base/gslibctx.h -+++ b/base/gslibctx.h -@@ -32,6 +32,9 @@ typedef struct gs_fapi_server_s gs_fapi_server; - # define gs_font_dir_DEFINED - typedef struct gs_font_dir_s gs_font_dir; - #endif + -+typedef int (*client_check_file_permission_t) (gs_memory_t *mem, const char *fname, const int len, const char *permission); -+ - typedef struct gs_lib_ctx_s - { - gs_memory_t *memory; /* mem->gs_lib_ctx->memory == mem */ -@@ -61,6 +64,7 @@ typedef struct gs_lib_ctx_s - struct gx_io_device_s **io_device_table; - int io_device_table_count; - int io_device_table_size; -+ client_check_file_permission_t client_check_file_permission; - /* Define the default value of AccurateScreens that affects setscreen - and setcolorscreen. */ - bool screen_accurate_screens; -@@ -133,6 +137,9 @@ int - gs_lib_ctx_get_default_device_list(const gs_memory_t *mem, char** dev_list_str, - int *list_str_len); - -+int -+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission); + make_array(&stack[0].proc1, 0, 1, op - 1); + make_array(&stack[0].proc2, 0, 1, op); + for (;;) { +--- ghostscript-9.21/psi/zfrsd.c.orig 2017-03-16 11:12:02.000000000 +0100 ++++ ghostscript-9.21/psi/zfrsd.c 2017-05-02 14:45:35.000000000 +0200 +@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p) + ref *pFilter; + ref *pDecodeParms; + int Intent = 0; +- bool AsyncRead; ++ bool AsyncRead = false; + ref empty_array, filter1_array, parms1_array; + uint i; +- int code; ++ int code = 0; + - #define IS_LIBCTX_STDOUT(mem, f) (f == mem->gs_lib_ctx->fstdout) - #define IS_LIBCTX_STDERR(mem, f) (f == mem->gs_lib_ctx->fstderr) - -diff --git a/psi/imain.c b/psi/imain.c -index 9a9bb5d..6874128 100644 ---- a/psi/imain.c -+++ b/psi/imain.c -@@ -57,6 +57,7 @@ - #include "ivmspace.h" - #include "idisp.h" /* for setting display device callback */ - #include "iplugin.h" -+#include "zfile.h" ++ if (ref_stack_count(&o_stack) < 1) ++ return_error(gs_error_stackunderflow); ++ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) { ++ return_error(gs_error_typecheck); ++ } - #ifdef PACIFY_VALGRIND - #include "valgrind.h" -@@ -212,6 +213,7 @@ gs_main_init1(gs_main_instance * minst) - "the_gs_name_table"); - if (code < 0) - return code; -+ mem->gs_lib_ctx->client_check_file_permission = z_check_file_permissions; + make_empty_array(&empty_array, a_readonly); +- if (dict_find_string(op, "Filter", &pFilter) > 0) { ++ if (r_has_type(op, t_dictionary) ++ && dict_find_string(op, "Filter", &pFilter) > 0) { + if (!r_is_array(pFilter)) { + if (!r_has_type(pFilter, t_name)) + return_error(gs_error_typecheck); +@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p) + return_error(gs_error_typecheck); } - code = obj_init(&minst->i_ctx_p, &idmem); /* requires name_init */ - if (code < 0) -diff --git a/psi/int.mak b/psi/int.mak -index 4654afc..bb30d51 100644 ---- a/psi/int.mak -+++ b/psi/int.mak -@@ -2024,7 +2024,7 @@ $(PSOBJ)imain.$(OBJ) : $(PSSRC)imain.c $(GH) $(memory__h) $(string__h)\ - $(ialloc_h) $(iconf_h) $(idebug_h) $(idict_h) $(idisp_h) $(iinit_h)\ - $(iname_h) $(interp_h) $(iplugin_h) $(isave_h) $(iscan_h) $(ivmspace_h)\ - $(iinit_h) $(main_h) $(oper_h) $(ostack_h)\ -- $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h)\ -+ $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h) $(zfile_h)\ - $(INT_MAK) $(MAKEDIRS) - $(PSCC) $(PSO_)imain.$(OBJ) $(C_) $(PSSRC)imain.c - -diff --git a/psi/zfile.c b/psi/zfile.c -index 2c6c958..bc6c70f 100644 ---- a/psi/zfile.c -+++ b/psi/zfile.c -@@ -197,6 +197,25 @@ check_file_permissions(i_ctx_t *i_ctx_p, const char *fname, int len, - return check_file_permissions_reduced(i_ctx_p, fname_reduced, rlen, permitgroup); - } - -+/* z_check_file_permissions: see zfile.h for explanation -+ */ -+int -+z_check_file_permissions(gs_memory_t *mem, const char *fname, const int len, const char *permission) -+{ -+ i_ctx_t *i_ctx_p = get_minst_from_memory(mem)->i_ctx_p; -+ gs_parsed_file_name_t pname; -+ char *permitgroup = permission[0] == 'r' ? "PermitFileReading" : "PermitFileWriting"; -+ int code = gs_parse_file_name(&pname, fname, len, imemory); -+ if (code < 0) -+ return code; -+ -+ if (pname.iodev && i_ctx_p->LockFilePermissions && strcmp(pname.iodev->dname, "%pipe%") == 0) -+ return gs_error_invalidfileaccess; -+ -+ code = check_file_permissions(i_ctx_p, fname, len, permitgroup); -+ return code; -+} -+ - /* <name_string> <access_string> file <file> */ - int /* exported for zsysvm.c */ - zfile(i_ctx_t *i_ctx_p) -diff --git a/psi/zfile.h b/psi/zfile.h -index fdf1373..a9399c7 100644 ---- a/psi/zfile.h -+++ b/psi/zfile.h -@@ -22,4 +22,11 @@ - int zopen_file(i_ctx_t *i_ctx_p, const gs_parsed_file_name_t *pfn, - const char *file_access, stream **ps, gs_memory_t *mem); - -+/* z_check_file_permissions: a callback (via mem->gs_lib_ctx->client_check_file_permission) -+ * to allow applying the above permissions checks when opening file(s) from -+ * the graphics library -+ */ -+int -+z_check_file_permissions(gs_memory_t *mem, const char *fname, -+ const int len, const char *permission); - #endif + } +- code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); ++ if (r_has_type(op, t_dictionary)) ++ code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); + if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */ + return code; +- if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0 +- ) +- return code; ++ if (r_has_type(op, t_dictionary)) ++ if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0) ++ return code; + push(1); + op[-1] = *pFilter; + if (pDecodeParms) ++++++ ghostscript-9.20.tar.gz -> ghostscript-9.21.tar.gz ++++++ /work/SRC/openSUSE:Factory/ghostscript/ghostscript-9.20.tar.gz /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-9.21.tar.gz differ: char 5, line 1
