Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2018-06-08 23:11:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghostscript" Fri Jun 8 23:11:31 2018 rev:32 rq:614287 version:9.23 Changes: -------- --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2018-04-17 11:15:12.788893861 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2018-06-08 23:11:39.920298005 +0200 @@ -1,0 +2,8 @@ +Tue Jun 5 14:47:59 CEST 2018 - jsm...@suse.de + +- CVE-2018-10194.patch fixes stack-based buffer overflow + in gdevpdts.c (bsc#1090099), see + https://bugs.ghostscript.com/show_bug.cgi?id=699255 and + http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879 + +------------------------------------------------------------------- ghostscript.changes: same change New: ---- CVE-2018-10194.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghostscript-mini.spec ++++++ --- /var/tmp/diff_new_pack.Pz43Ss/_old 2018-06-08 23:11:43.564166431 +0200 +++ /var/tmp/diff_new_pack.Pz43Ss/_new 2018-06-08 23:11:43.596165276 +0200 @@ -79,6 +79,11 @@ # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: Patch100: remove-zlib-h-dependency.patch +# Patch101 fixes stack-based buffer overflow in gdevpdts.c +# see https://bugzilla.suse.com/show_bug.cgi?id=1090099 +# and https://bugs.ghostscript.com/show_bug.cgi?id=699255 +# and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879 +Patch101: CVE-2018-10194.patch # RPM dependencies: Conflicts: ghostscript Conflicts: ghostscript-x11 @@ -149,6 +154,11 @@ # and disable remove-zlib-h-dependency.patch because # Ghostscript 9.21 does no longer build this way: #patch100 -p1 -b remove-zlib-h-dependency.orig +# Patch101 fixes stack-based buffer overflow in gdevpdts.c +# see https://bugzilla.suse.com/show_bug.cgi?id=1090099 +# and https://bugs.ghostscript.com/show_bug.cgi?id=699255 +# and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879 +%patch101 -b CVE-2018-10194.orig # Remove patch backup files to avoid packaging # cf. https://build.opensuse.org/request/show/581052 rm -f Resource/Init/*.ps.orig ++++++ ghostscript.spec ++++++ --- /var/tmp/diff_new_pack.Pz43Ss/_old 2018-06-08 23:11:43.912153866 +0200 +++ /var/tmp/diff_new_pack.Pz43Ss/_new 2018-06-08 23:11:43.948152566 +0200 @@ -99,6 +99,11 @@ # Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h # in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: Patch100: remove-zlib-h-dependency.patch +# Patch101 fixes stack-based buffer overflow in gdevpdts.c +# see https://bugzilla.suse.com/show_bug.cgi?id=1090099 +# and https://bugs.ghostscript.com/show_bug.cgi?id=699255 +# and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879 +Patch101: CVE-2018-10194.patch # RPM dependencies: # Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4 from # "rpm -q --provides ghostscript-library" and "rpm -q --provides ghostscript-x11": @@ -285,6 +290,11 @@ # and disable remove-zlib-h-dependency.patch because # Ghostscript 9.21 does no longer build this way: #patch100 -p1 -b remove-zlib-h-dependency.orig +# Patch101 fixes stack-based buffer overflow in gdevpdts.c +# see https://bugzilla.suse.com/show_bug.cgi?id=1090099 +# and https://bugs.ghostscript.com/show_bug.cgi?id=699255 +# and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879 +%patch101 -b CVE-2018-10194.orig # Remove patch backup files to avoid packaging # cf. https://build.opensuse.org/request/show/581052 rm -f Resource/Init/*.ps.orig ++++++ CVE-2018-10194.patch ++++++ --- devices/vector/gdevpdts.c.orig 2018-03-21 09:48:06.000000000 +0100 +++ devices/vector/gdevpdts.c 2018-06-05 14:39:39.000000000 +0200 @@ -103,9 +103,14 @@ append_text_move(pdf_text_state_t *pts, static int set_text_distance(gs_point *pdist, double dx, double dy, const gs_matrix *pmat) { - int code = gs_distance_transform_inverse(dx, dy, pmat, pdist); + int code; double rounded; + if (dx > 1e38 || dy > 1e38) + code = gs_error_undefinedresult; + else + code = gs_distance_transform_inverse(dx, dy, pmat, pdist); + if (code == gs_error_undefinedresult) { /* The CTM is degenerate. Can't know the distance in user space.