commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2020-10-23 12:19:09 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new.3463 (New) Package is "ghostscript" Fri Oct 23 12:19:09 2020 rev:47 rq:843002 version:9.53.3 Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2020-07-31 15:52:39.804043267 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new.3463/ghostscript-mini.changes 2020-10-23 12:19:25.756561697 +0200 @@ -1,0 +2,62 @@ +Tue Oct 20 16:38:24 CEST 2020 - Ismail Dönmez + +- 41ef9a0bc36b9db7115fbe9623f989bfb47bbade.patch + fixes compilation with FreeType 2.10.3+ + http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=41ef9a0bc36b9db7115fbe9623f989bfb47bbade + c.f. https://bugs.ghostscript.com/show_bug.cgi?id=702985 + +--- +Tue Oct 20 16:03:48 CEST 2020 - jsm...@suse.de + +- Version upgrade to 9.53.3 + Highlights in this release include + (excerpts from the Ghostscript upstream release summary + in https://www.ghostscript.com/doc/9.53.3/News.htm): + * The 9.53.3 release is primarily maintenance. + * Issues arose with 9.53.0/1/2 that prompted the release +of a .3 patch: +A crash related to management of ICC profile objects. +A parameter type mismatch that would cause Ghostscript +to error out during initialisation, which +affected 64 big, big endian architectures. +An unexpected side effect of another change that prevented +multithreaded rendering and background rendering +from working correctly. + * The most obvious change is the (re-)introduction of the +patch level to the version number, this helps facilitate +a revised policy on handling security related issues. +To clarify: in the event we decide to release a patch revision, +it will replace the release with the previous patch number. +Release notes, highlights and warnings will remain the same, +except for the addition of whatever fix(es) prompted the patch. + * Our efforts in code hygiene and maintainability continue. + * We have added Python bindings for the gsapi interface, can be +found in demos/python. These are experimental, and we welcome +feedback from interested developers. + * For those integrating Ghostscript/GhostPDL via the gsapi +interface, we have added new capabilities to that, specifically +in terms of setting and interrogating device parameters. These, +along with the existing interface calls, are documented in: +Ghostscript Interpreter API at +https://www.ghostscript.com/doc/9.53.3/API.htm + * The usual round of bug fixes, compatibility changes, +and incremental improvements. + * For a list of open issues, or to report problems, please visit +bugs.ghostscript.com + Incompatible changes: + * As of 9.53.0, we have (re-)introduced the patch level to the +version number, this helps facilitate a revised policy +on handling security related issues. +Note for GSView Users: The patch level addition breaks +GSView 5 (it is hardcoded to check for versions 704-999). +It is possible, but not guaranteed that a GSView update might +be forthcoming to resolve this. + For a release summary see: + https://www.ghostscript.com/doc/9.53.3/News.htm + For details see the News.htm and History9.htm files. +- CVE-2020-15900.patch is no longer needed + because it is fixed in the upstream sources. +- Ghostscript 9.53.3 fixes in particular txtwrite memory issues + (boo#1177922). + +--- ghostscript.changes: same change Old: CVE-2020-15900.patch ghostscript-9.52.tar.gz New: 41ef9a0bc36b9db7115fbe9623f989bfb47bbade.patch ghostscript-9.53.3.tar.gz Other differences: -- ++ ghostscript-mini.spec ++ --- /var/tmp/diff_new_pack.K92Eu2/_old 2020-10-23 12:19:27.260562474 +0200 +++ /var/tmp/diff_new_pack.K92Eu2/_new 2020-10-23 12:19:27.264562476 +0200 @@ -47,7 +47,7 @@ # so that we keep additionally the previous version number to upgrade from the previous version: # Starting SLE12/rpm-4.10, one can use tildeversions: 9.15~rc1. #Version:9.25pre26rc1 -Version:9.52 +Version:9.53.3 Release:0 # Normal version for Ghostscript releases is the upstream version: # tarball_version is used below to specify the directory via "setup -n": @@ -58,8 +58,8 @@ # built_version is used below in the install and files sections: # Separated built_version needed in case of Ghostscript release candidates e.g. "define built_version 9.15". # For Ghostscript
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2020-07-31 15:52:18
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.3592 (New)
Package is "ghostscript"
Fri Jul 31 15:52:18 2020 rev:46 rq:823078 version:9.52
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2020-05-08 23:03:13.813602227 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.3592/ghostscript-mini.changes
2020-07-31 15:52:39.804043267 +0200
@@ -1,0 +2,7 @@
+Tue Jul 28 09:15:30 CEST 2020 - jsm...@suse.de
+
+- CVE-2020-15900.patch fixes CVE-2020-15900 Memory Corruption
+ cf. https://bugs.ghostscript.com/show_bug.cgi?id=702582
+ (bsc#1174415)
+
+---
ghostscript.changes: same change
New:
CVE-2020-15900.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.3Lodx8/_old 2020-07-31 15:52:49.100052348 +0200
+++ /var/tmp/diff_new_pack.3Lodx8/_new 2020-07-31 15:52:49.104052352 +0200
@@ -78,6 +78,13 @@
Source0:ghostscript-%{version}.tar.gz
Source1:apparmor_ghostscript
# Patch0...Patch9 is for patches from upstream:
+# Patch1 CVE-2020-15900.patch is
+#
https://github.com/ArtifexSoftware/ghostpdl/commit/5d499272b95a6b890a1397e11d20937de000d31b
+# that fixes CVE-2020-15900 Memory Corruption
+# in the rsearch PostScript function that is implemented as search_impl() in
psi/zstring.c
+# cf. https://bugs.ghostscript.com/show_bug.cgi?id=702582
+# and https://bugzilla.suse.com/show_bug.cgi?id=1174415
+Patch1: CVE-2020-15900.patch
# Source10...Source99 is for sources from SUSE which are intended for upstream:
# Patch10...Patch99 is for patches from SUSE which are intended for upstream:
# Source100...Source999 is for sources from SUSE which are not intended for
upstream:
@@ -146,6 +153,13 @@
# Be quiet when unpacking and
# use a directory name matching Source0 to make it work also for
ghostscript-mini:
%setup -q -n ghostscript-%{tarball_version}
+# Patch1 CVE-2020-15900.patch is
+#
https://github.com/ArtifexSoftware/ghostpdl/commit/5d499272b95a6b890a1397e11d20937de000d31b
+# that fixes CVE-2020-15900 Memory Corruption
+# in the rsearch PostScript function that is implemented as search_impl() in
psi/zstring.c
+# cf. https://bugs.ghostscript.com/show_bug.cgi?id=702582
+# and https://bugzilla.suse.com/show_bug.cgi?id=1174415
+%patch1
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball.
# Again use the zlib sources from Ghostscript upstream
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.3Lodx8/_old 2020-07-31 15:52:49.128052375 +0200
+++ /var/tmp/diff_new_pack.3Lodx8/_new 2020-07-31 15:52:49.128052375 +0200
@@ -102,6 +102,13 @@
Source0:ghostscript-%{version}.tar.gz
Source1:apparmor_ghostscript
# Patch0...Patch9 is for patches from upstream:
+# Patch1 CVE-2020-15900.patch is
+#
https://github.com/ArtifexSoftware/ghostpdl/commit/5d499272b95a6b890a1397e11d20937de000d31b
+# that fixes CVE-2020-15900 Memory Corruption
+# in the rsearch PostScript function that is implemented as search_impl() in
psi/zstring.c
+# cf. https://bugs.ghostscript.com/show_bug.cgi?id=702582
+# and https://bugzilla.suse.com/show_bug.cgi?id=1174415
+Patch1: CVE-2020-15900.patch
# Source10...Source99 is for sources from SUSE which are intended for upstream:
# Patch10...Patch99 is for patches from SUSE which are intended for upstream:
# Source100...Source999 is for sources from SUSE which are not intended for
upstream:
@@ -283,6 +290,13 @@
# Be quiet when unpacking and
# use a directory name matching Source0 to make it work also for
ghostscript-mini:
%setup -q -n ghostscript-%{tarball_version}
+# Patch1 CVE-2020-15900.patch is
+#
https://github.com/ArtifexSoftware/ghostpdl/commit/5d499272b95a6b890a1397e11d20937de000d31b
+# that fixes CVE-2020-15900 Memory Corruption
+# in the rsearch PostScript function that is implemented as search_impl() in
psi/zstring.c
+# cf. https://bugs.ghostscript.com/show_bug.cgi?id=702582
+# and https://bugzilla.suse.com/show_bug.cgi?id=1174415
+%patch1
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball.
# Again use the zlib sources from Ghostscript upstream
++ CVE-2020-15900.patch ++
--- psi/zstring.c.orig 2020-03-19 09:21:42.0 +0100
+++ psi/zstring.c 2020-07-27 08:25:08.963425295 +0200
@@ -142,13 +142,18 @@
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2020-05-08 23:02:56 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new.2738 (New) Package is "ghostscript" Fri May 8 23:02:56 2020 rev:45 rq:800666 version:9.52 Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2019-09-20 14:48:22.070940279 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new.2738/ghostscript-mini.changes 2020-05-08 23:03:13.813602227 +0200 @@ -1,0 +2,131 @@ +Wed Apr 29 12:09:39 CEST 2020 - jsm...@suse.de + +- The version upgrade to 9.52 fixes in particular + CVE-2020-12268: jbic2dec: heap-based buffer overflow + in jbig2_image_compose (bsc#1170603) +- Version upgrade to 9.52 + Highlights in this release include: + * The 9.52 release replaces the 9.51 release after a problem +was reported with 9.51 which warranted the quick turnaround. +Thus, like 9.51, 9.52 is primarily a maintenance release, +consolidating the changes we introduced in 9.50. + * IMPORTANT: We have forked LittleCMS2 into LittleCMS2mt +(the "mt" indicating "multi-thread"). +LCMS2 is not thread-safe, and cannot be made thread-safe +without breaking the ABI. Our fork will be thread-safe and +include performance enhancements (these changes have all +been offered and rejected upstream). We will maintain +compatibility between Ghostscript and LCMS2 for a time, +but not in perpetuity. If there is sufficient interest, +our fork will be available as its own package separately +from Ghostscript (and MuPDF). + * The usual round of bug fixes, compatibility changes, +and incremental improvements. + Incompatible changes: + * New option -dALLOWPSTRANSPARENCY: The transparency compositor +(and related features), whilst we are improving it, remains +sensitive to being driven correctly, and incorrect use +can have unexpected/undefined results. Hence, as part of +improving security, we limited access to these operators, +originally using the -dSAFER feature. As we made "SAFER" +the default mode, that became unacceptable, hence the +new option -dALLOWPSTRANSPARENCY which enables access +to the operators, cf. +https://www.ghostscript.com/doc/9.52/Use.htm#ALLOWPSTRANSPARENCY + For a release summary see: + https://www.ghostscript.com/doc/9.52/News.htm + For details see the News.htm and History9.htm files. +- Version upgrade to 9.51 + Highlights in this release include: + * 9.51 is primarily a maintainance release, consolidating +the changes we introduced in 9.50. + * We have continued our work on code hygiene for this release, +with a focus on the static analysis tool Coverity +(from Synopsys, Inc) and we are now maintaining a policy of +zero Coverity issues in the Ghostscript/GhostPDL source base. + * IMPORTANT: In consultation with a representative of +OpenPrinting (http://www.openprinting.org/) it is our +intention to deprecate and, in the not distant future, +remove the OpenPrinting Vector/Raster Printer Drivers +(that is, the opvp and oprp devices). +If you rely on either of these devices, please get in touch +with us (i.e. Ghostscript upstream), so we can discuss your +use case, and revise our plans accordingly. + * We (i.e. Ghostscript upstream) are in the process of forking +LittleCMS, cf. the other release notes entries below. + * The usual round of bug fixes, compatibility changes, +and incremental improvements. + For a release summary see: + https://www.ghostscript.com/doc/9.51/News.htm + For details see the News.htm and History9.htm files. +- Version upgrade to 9.50 + Highlights in this release include: + * The change to version 9.50 follows recognition +of the extent and importance of the file access control +redesign/reimplementation outlined below. + * The file access control capability (enable with -dSAFER) +has been completely rewritten, with a ground-up rethink +of the design. For more details, see: "SAFER" at +https://www.ghostscript.com/doc/9.50/Use.htm#Safer + * It is important to note that -dSAFER now only enables the +file access controls, and no longer applies restrictions +to standard Postscript functionality (specifically, +restrictions on setpagedevice). If your application relies +on these Postscript restrictions, see "OLDSAFER" at +https://www.ghostscript.com/doc/9.50/Use.htm#OldSafer +and please get in touch, as we do plan to remove those +Postscript restrictions unless we have reason not to. + IMPORTANT: File access controls are now enabled by default. +In order to run Ghostscript without these controls, +see "NOSAFER" at +
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2020-02-06 13:06:57
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.26092 (New)
Package is "ghostscript"
Thu Feb 6 13:06:57 2020 rev:44 rq:769481 version:9.27
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2019-09-30
15:50:56.934565898 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.26092/ghostscript.changes
2020-02-06 13:07:00.800296583 +0100
@@ -1,0 +2,5 @@
+Fri Jan 31 17:26:37 UTC 2020 - Stefan Brüns
+
+- Use system openjpeg2 on Tumbleweed/Factory.
+
+---
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.Bw7GLS/_old 2020-02-06 13:07:02.836297690 +0100
+++ /var/tmp/diff_new_pack.Bw7GLS/_new 2020-02-06 13:07:02.836297690 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript-mini
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.Bw7GLS/_old 2020-02-06 13:07:02.852297699 +0100
+++ /var/tmp/diff_new_pack.Bw7GLS/_new 2020-02-06 13:07:02.852297699 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -47,7 +47,9 @@
BuildRequires: xorg-x11-fonts
BuildRequires: zlib-devel
# Always check if latest version of penjpeg becomes compatible with ghostscript
-#BuildRequires: pkgconfig(libopenjp2)
+%if 0%{?suse_version} >= 1550
+BuildRequires: pkgconfig(libopenjp2) >= 2.3.1
+%endif
%if 0%{?suse_version} >= 1500
BuildRequires: apparmor-abstractions
BuildRequires: apparmor-rpm-macros
@@ -322,6 +324,9 @@
%else
rm -rf freetype jpeg libpng tiff
%endif
+%if 0%{?suse_version} >= 1550
+rm -rf openjpeg
+%endif
# In contrast to the above we use lcms2 from SUSE since Ghostscript 9.23rc1
# because that is what Ghostscript upstream recommends according to
# https://ghostscript.com/pipermail/gs-devel/2018-March/010061.html
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2019-09-30 15:50:54
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.2352 (New)
Package is "ghostscript"
Mon Sep 30 15:50:54 2019 rev:43 rq:732862 version:9.27
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2019-09-20
14:48:23.966939903 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.2352/ghostscript.changes
2019-09-30 15:50:56.934565898 +0200
@@ -1,0 +2,6 @@
+Mon Sep 23 08:24:49 UTC 2019 - Johannes Segitz
+
+- Made ghostscript profile enforcing and limit it to the ghostscript
+ binaries (bsc#1150338)
+
+---
Other differences:
--
ghostscript.spec: same change
++ apparmor_ghostscript ++
--- /var/tmp/diff_new_pack.TAW5mB/_old 2019-09-30 15:50:58.262562364 +0200
+++ /var/tmp/diff_new_pack.TAW5mB/_new 2019-09-30 15:50:58.266562354 +0200
@@ -3,9 +3,7 @@
# this profile is mainly intended to prevent easy exploitation of
# issues in ghostscript. This is mainly intended as a hardening
# measure and doesn't alleviate the need for regular updates.
-# Currently this profile is in complain mode since it caused regressions
-# for tumbleweed users
-profile ghostscript
/usr/bin/{dvipdf,eps2eps,gs,gsbj,gsdj,gsdj500,gslj,gslp,gsnd,ps2ascii,ps2epsi,ps2pdf,ps2pdf12,ps2pdf13,ps2pdf14,ps2pdfwr,ps2ps,ps2ps2}
flags=(complain) {
+profile ghostscript /usr/bin/{gs,gs.bin} {
#include
#include
#include
@@ -13,7 +11,8 @@
# needed to read gc/write pdfs/eps/.. everywhere
/** wr,
-
/usr/bin/{dvipdf,eps2eps,gs,gsbj,gsdj,gsdj500,gslj,gslp,gsnd,ps2ascii,ps2epsi,ps2pdf,ps2pdf12,ps2pdf13,ps2pdf14,ps2pdfwr,ps2ps,ps2ps2}
mrix,
+ # have these spelled out in case we can narrow the line above down sometime
+ /usr/bin/{gs,gs.bin} mrix,
/usr/bin/dvips mrix,
/usr/lib64/ghostscript/** m,
/usr/lib64/libgs.so.* m,
@@ -34,28 +33,4 @@
/usr/share/snmp/mibs/*.txt r,
owner /var/spool/cups/tmp/gs_?? rw,
}
-
- /usr/bin/basename Cx,
- profile /usr/bin/basename {
-#include
-
-/usr/bin/basename mr,
- }
-
- /usr/bin/dirname Cx,
- profile /usr/bin/dirname {
-#include
-/usr/bin/dirname mr,
- }
-
- # for gsbj
- /usr/bin/date mrix,
- # for ps2epsi
- /usr/bin/{gawk,cat,ls,sed,which} mrix,
- /usr/bin/{mktemp,rm} Cx -> tempdir,
- profile tempdir {
-#include
-/usr/bin/{mktemp,rm} mr,
-owner /tmp/ps2epsi.* rw,
- }
}
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2019-09-20 14:48:11
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.7948 (New)
Package is "ghostscript"
Fri Sep 20 14:48:11 2019 rev:42 rq:731293 version:9.27
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2019-08-24 18:39:37.465796461 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.7948/ghostscript-mini.changes
2019-09-20 14:48:22.070940279 +0200
@@ -1,0 +2,19 @@
+Mon Sep 16 11:58:41 UTC 2019 - Dr. Werner Fink
+
+- Add patch gs-CVE-2019-14811-885444fc.patch to fix bsc#1146882
+ for CVE-2019-14811,CVE-2019-14812,CVE-2019-14813
+- Add patch gs-CVE-2019-14817-cd1b1cac.patch to fix bsc#1146884
+ for CVE-2019-14817
+
+---
+Fri Sep 13 14:15:10 UTC 2019 - Dr. Werner Fink
+
+- Add patch openjpeg4gs-CVE-2018-6616-8ee33522.patch to fix bsc#1140359
+ for CVE-2019-12973
+
+---
+Thu Aug 22 06:20:43 UTC 2019 - Jan Engelhardt
+
+- Update RPM groups.
+
+---
@@ -6 +25,9 @@
- use this with ist wrapper script
+ use this with its wrapper script
+
+---
+Mon Aug 12 11:32:08 UTC 2019 - Dr. Werner Fink
+
+- CVE-2019-10216.patch fixes CVE-2019-10216
+ forceput/superexec in .buildfont1 is still accessible
+ https://bugzilla.suse.com/show_bug.cgi?id=1144621 bsc#1144621
+ https://bugs.ghostscript.com/show_bug.cgi?id=701394
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2019-08-24
18:39:37.645796443 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.7948/ghostscript.changes
2019-09-20 14:48:23.966939903 +0200
@@ -1,0 +2,19 @@
+Mon Sep 16 11:58:41 UTC 2019 - Dr. Werner Fink
+
+- Add patch gs-CVE-2019-14811-885444fc.patch to fix bsc#1146882
+ for CVE-2019-14811,CVE-2019-14812,CVE-2019-14813
+- Add patch gs-CVE-2019-14817-cd1b1cac.patch to fix bsc#1146884
+ for CVE-2019-14817
+
+---
+Fri Sep 13 14:15:10 UTC 2019 - Dr. Werner Fink
+
+- Add patch openjpeg4gs-CVE-2018-6616-8ee33522.patch to fix bsc#1140359
+ for CVE-2019-12973
+
+---
+Thu Aug 22 06:20:43 UTC 2019 - Jan Engelhardt
+
+- Update RPM groups.
+
+---
@@ -6 +25,9 @@
- use this with ist wrapper script
+ use this with its wrapper script
+
+---
+Mon Aug 12 11:32:08 UTC 2019 - Dr. Werner Fink
+
+- CVE-2019-10216.patch fixes CVE-2019-10216
+ forceput/superexec in .buildfont1 is still accessible
+ https://bugzilla.suse.com/show_bug.cgi?id=1144621 bsc#1144621
+ https://bugs.ghostscript.com/show_bug.cgi?id=701394
New:
CVE-2019-10216.patch
gs-CVE-2019-14811-885444fc.patch
gs-CVE-2019-14817-cd1b1cac.patch
openjpeg4gs-CVE-2018-6616-8ee33522.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.dOCvcU/_old 2019-09-20 14:48:33.430938019 +0200
+++ /var/tmp/diff_new_pack.dOCvcU/_new 2019-09-20 14:48:33.438938017 +0200
@@ -35,8 +35,8 @@
Requires(preun): update-alternatives
Summary:Minimal Ghostscript for minimal build requirements
License:AGPL-3.0-only
-Group: System/Libraries
-Url:http://www.ghostscript.com/
+Group: Productivity/Office/Other
+URL:https://www.ghostscript.com/
# Special version needed for Ghostscript release candidates (e.g. "Version:
9.14pre15rc1" for 9.15rc1).
# Version 9.15rc1 would be newer than 9.15 (run "zypper vcmp 9.15rc1 9.15")
because the rpmvercmp algorithm
# would treat 9.15rc1 as 9.15.rc.1 (alphabetic and numeric sections get
separated into different elements)
@@ -45,6 +45,7 @@
# But only with the alphabetic prefix "9.pre15rc1" would be older than the
previous version number "9.14"
# because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are
older than numbers
# so that we keep additionally the previous version number to upgrade from the
previous version:
+# Starting SLE12/rpm-4.10, one can use tildeversions: 9.15~rc1.
#Version:9.25pre26rc1
Version:9.27
Release:0
@@ -77,6 +78,14 @@
Source0:ghostscript-%{version}.tar.gz
Source1:apparmor_ghostscript
# Patch0...Patch9 is for patches from upstream:
+# Patch0 Add commit from openjpeg upstream to fix CVE-2018-6616
+Patch0:
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2019-08-24 18:39:36
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.7948 (New)
Package is "ghostscript"
Sat Aug 24 18:39:36 2019 rev:41 rq:724779 version:9.27
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2019-05-07 23:11:42.216013604 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.7948/ghostscript-mini.changes
2019-08-24 18:39:37.465796461 +0200
@@ -1,0 +2,7 @@
+Tue Aug 13 12:38:45 UTC 2019 - Dr. Werner Fink
+
+- Use update-alternatives to get the real ghostscript binary from
+ /usr/bin/gs to /usr/bin/gs.bin and allow the gswrap package to
+ use this with ist wrapper script
+
+---
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2019-05-14
13:29:01.751130120 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.7948/ghostscript.changes
2019-08-24 18:39:37.645796443 +0200
@@ -1,0 +2,7 @@
+Tue Aug 13 12:38:45 UTC 2019 - Dr. Werner Fink
+
+- Use update-alternatives to get the real ghostscript binary from
+ /usr/bin/gs to /usr/bin/gs.bin and allow the gswrap package to
+ use this with ist wrapper script
+
+---
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.DomlwX/_old 2019-08-24 18:39:38.657796346 +0200
+++ /var/tmp/diff_new_pack.DomlwX/_new 2019-08-24 18:39:38.657796346 +0200
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -24,12 +24,15 @@
BuildRequires: libtiff-devel
BuildRequires: libtool
BuildRequires: pkg-config
+BuildRequires: update-alternatives
BuildRequires: zlib-devel
%if 0%{?suse_version} >= 1500
BuildRequires: apparmor-abstractions
BuildRequires: apparmor-rpm-macros
Requires: apparmor-abstractions
%endif
+Requires(post): update-alternatives
+Requires(preun): update-alternatives
Summary:Minimal Ghostscript for minimal build requirements
License:AGPL-3.0-only
Group: System/Libraries
@@ -321,19 +324,35 @@
install -m 644 catalog.devices $DOCDIR
install -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/apparmor.d/ghostscript
+# Move /usr/bin/gs to /usr/bin/gs.bin to be able to use update-alternatives
+install -d %buildroot%{_sysconfdir}/alternatives
+mv %{buildroot}%{_bindir}/gs %{buildroot}%{_bindir}/gs.bin
+ln -sf %{_bindir}/gs.bin %{buildroot}%{_sysconfdir}/alternatives/gs
+ln -sf %{_sysconfdir}/alternatives/gs %{buildroot}%{_bindir}/gs
+
%post
/sbin/ldconfig
%if 0%{?suse_version} >= 1500
%apparmor_reload /etc/apparmor.d/ghostscript
%endif
+%{_sbindir}/update-alternatives \
+ --install %{_bindir}/gs gs %{_bindir}/gs.bin 15
%postun -p /sbin/ldconfig
+%preun
+if test $1 -eq 0 ; then
+%{_sbindir}/update-alternatives \
+--remove gs %{_bindir}/gs.bin
+fi
+
%files
%defattr(-, root, root)
+%ghost %config %{_sysconfdir}/alternatives/gs
%{_bindir}/dvipdf
%{_bindir}/eps2eps
%{_bindir}/gs
+%{_bindir}/gs.bin
%{_bindir}/gsbj
%{_bindir}/gsdj
%{_bindir}/gsdj500
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.DomlwX/_old 2019-08-24 18:39:38.677796344 +0200
+++ /var/tmp/diff_new_pack.DomlwX/_new 2019-08-24 18:39:38.677796344 +0200
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -42,6 +42,7 @@
BuildRequires: libtiff-devel
BuildRequires: libtool
BuildRequires: pkg-config
+BuildRequires: update-alternatives
BuildRequires: xorg-x11-devel
BuildRequires: xorg-x11-fonts
BuildRequires: zlib-devel
@@ -50,6 +51,8 @@
BuildRequires: apparmor-rpm-macros
Requires: apparmor-abstractions
%endif
+Requires(post): update-alternatives
+Requires(preun): update-alternatives
Summary:The Ghostscript interpreter for PostScript and PDF
License:AGPL-3.0-only
Group: System/Libraries
@@ -457,19 +460,35 @@
install -m 644 catalog.devices $DOCDIR
install -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/apparmor.d/ghostscript
+# Move /usr/bin/gs to /usr/bin/gs.bin to be able to use update-alternatives
+install -d %buildroot%{_sysconfdir}/alternatives
+mv %{buildroot}%{_bindir}/gs
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2019-05-14 13:28:57
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.5148 (New)
Package is "ghostscript"
Tue May 14 13:28:57 2019 rev:40 rq:701738 version:9.27
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2019-05-07
23:11:42.692014494 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.5148/ghostscript.changes
2019-05-14 13:29:01.751130120 +0200
@@ -1,0 +2,5 @@
+Wed May 8 08:46:43 UTC 2019 - jseg...@suse.com
+
+- Set AA profile to complain and added fixes for ps2epsi (boo#1134327)
+
+---
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.7ONNbO/_old 2019-05-14 13:29:04.523137344 +0200
+++ /var/tmp/diff_new_pack.7ONNbO/_new 2019-05-14 13:29:04.547137407 +0200
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript-mini
#
-# Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.7ONNbO/_old 2019-05-14 13:29:04.851138199 +0200
+++ /var/tmp/diff_new_pack.7ONNbO/_new 2019-05-14 13:29:04.891138304 +0200
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript
#
-# Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -218,7 +218,6 @@
%package x11
Summary:X11 library for Ghostscript
-Group: Productivity/Publishing/PS
# Require the exact matching version-release of the ghostscript main-package
because
# a non-matching ghostscript main-package may let it fail or even crash (e.g.
segfault)
# because all Ghostscript software is built from one same Ghostscript source
tar ball
@@ -226,6 +225,7 @@
# The exact matching version-release of the ghostscript main-package is
available
# on the same package repository where the ghostscript-x11 sub-package is
because
# all are built simulaneously from the same Ghostscript source package:
+Group: Productivity/Publishing/PS
Requires: ghostscript = %{version}-%{release}
# Unfortunately ghostscript-library.spec and ghostscript-mini.spec have
# an unversioned "Provides: ghostscript" and for RPM this means that both
++ apparmor_ghostscript ++
--- /var/tmp/diff_new_pack.7ONNbO/_old 2019-05-14 13:29:05.279139315 +0200
+++ /var/tmp/diff_new_pack.7ONNbO/_new 2019-05-14 13:29:05.299139367 +0200
@@ -2,8 +2,10 @@
# this profile is mainly intended to prevent easy exploitation of
# issues in ghostscript. This is mainly intended as a hardening
-# measure and doesn't alleviate the need for regular updates
-profile ghostscript
/usr/bin/{dvipdf,eps2eps,gs,gsbj,gsdj,gsdj500,gslj,gslp,gsnd,ps2ascii,ps2epsi,ps2pdf,ps2pdf12,ps2pdf13,ps2pdf14,ps2pdfwr,ps2ps,ps2ps2}
{
+# measure and doesn't alleviate the need for regular updates.
+# Currently this profile is in complain mode since it caused regressions
+# for tumbleweed users
+profile ghostscript
/usr/bin/{dvipdf,eps2eps,gs,gsbj,gsdj,gsdj500,gslj,gslp,gsnd,ps2ascii,ps2epsi,ps2pdf,ps2pdf12,ps2pdf13,ps2pdf14,ps2pdfwr,ps2ps,ps2ps2}
flags=(complain) {
#include
#include
#include
@@ -45,4 +47,15 @@
#include
/usr/bin/dirname mr,
}
+
+ # for gsbj
+ /usr/bin/date mrix,
+ # for ps2epsi
+ /usr/bin/{gawk,cat,ls,sed,which} mrix,
+ /usr/bin/{mktemp,rm} Cx -> tempdir,
+ profile tempdir {
+#include
+/usr/bin/{mktemp,rm} mr,
+owner /tmp/ps2epsi.* rw,
+ }
}
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2019-05-07 23:11:37 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new.5148 (New) Package is "ghostscript" Tue May 7 23:11:37 2019 rev:39 rq:700982 version:9.27 Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2019-03-26 15:37:18.864374873 +0100 +++ /work/SRC/openSUSE:Factory/.ghostscript.new.5148/ghostscript-mini.changes 2019-05-07 23:11:42.216013604 +0200 @@ -1,0 +2,57 @@ +Thu Apr 4 14:37:09 CEST 2019 - jsm...@suse.de + +- Version upgrade to 9.27 + Highlights in this release include: + * We (i.e. Ghostscript upstream) have extensively cleaned up +the Postscript name space: removing access to internal and/or +undocumented Postscript operators, procedures and data. +This has benefits for security and maintainability. +Incompatible changes: +The process of "tidying" the Postscript name space should +have removed only non-standard and undocumented operators. +Nevertheless, it is possible that any integrations or +utilities that rely on those non-standard and undocumented +operators may stop working, or may change behaviour. +If you encounter such a case, please contact us (i.e. +Ghostscript upstream) - (either the #ghostscript IRC channel, +or the gs-devel mailing list would be best), and we'll work +with you to either find an alternative solution. + * Fontmap can now reference invidual fonts in a TrueType +Collection for font subsitution. Previously, a Fontmap entry +could only reference a TrueType collection and use the default +(first) font. +Now, the Fontmap syntax allows for specifying a specific index +in a TTC. See the comments at the top of (the default) +Fontmap.GS for details. + * The usual round of bug fixes, compatibility changes, +and incremental improvements. + IMPORTANT: It is our intention, within the next 12 months +(ideally sooner, in time for the next release) to make SAFER +the default mode of operation. For many users this will have +no effect, since they use SAFER explicitly, but some niche +uses which rely on SAFER being disabled may need to start +explicitly adding the "-dNOSAFER" option. + IMPORTANT: We (i.e. Ghostscript upstream) are in the process of +forking LittleCMS. LCMS2 is not thread safe, and cannot be made +thread safe without breaking the ABI. Our fork will be thread +safe, and include performance enhancements (these changes have +all be been offered and rejected upstream). We will maintain +compatibility between Ghostscript and LCMS2 for a time, but not +in perpetuity. Our fork will be available as its own package +separately from Ghostscript (and MuPDF). + For a release summary see: + http://www.ghostscript.com/doc/9.27/News.htm + For details see the News.htm and History9.htm files. + The Ghostscript 9.27 release should fix (cf. the entry below + dated 'Fri Sep 14 10:47:33 CEST 2018' what "should fix" means) + in particular those security issues: + * CVE-2019-3838 forceput in DefineResource is still accessible +https://bugzilla.suse.com/show_bug.cgi?id=1129186 bsc#1129186 +https://bugs.ghostscript.com/show_bug.cgi?id=700576 + * CVE-2019-3835: superexec operator is available +https://bugzilla.suse.com/show_bug.cgi?id=1129180 bsc#1129180 +https://bugs.ghostscript.com/show_bug.cgi?id=700585 +- ghostscript-2.26-subclassing-devices-fix-put_image-method.patch + is no longer needed because it is fixed in the upstream sources. + +--- ghostscript.changes: same change Old: ghostscript-2.26-subclassing-devices-fix-put_image-method.patch ghostscript-9.26a.tar.gz New: ghostscript-9.27.tar.gz Other differences: -- ++ ghostscript-mini.spec ++ --- /var/tmp/diff_new_pack.8Ljh25/_old 2019-05-07 23:11:43.896016746 +0200 +++ /var/tmp/diff_new_pack.8Ljh25/_new 2019-05-07 23:11:43.900016753 +0200 @@ -1,7 +1,7 @@ # # spec file for package ghostscript-mini # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -43,11 +43,7 @@ # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # so that we keep additionally the previous version number to upgrade from the previous version: #Version:9.25pre26rc1 -# The upstream version
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2019-03-26 15:37:17
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.25356 (New)
Package is "ghostscript"
Tue Mar 26 15:37:17 2019 rev:38 rq:687694 version:9.26a
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2019-03-01 20:25:31.374067406 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.25356/ghostscript-mini.changes
2019-03-26 15:37:18.864374873 +0100
@@ -1,0 +2,20 @@
+Thu Mar 14 08:03:24 UTC 2019 - jseg...@suse.com
+
+- Added AA rules for dvips (bsc#1127934)
+- Allow execution of dirname (bsc#1128697)
+- Allow execution of hpijs (bsc#1128467). For now this is in
+ complain mode
+- Sane profile name "ghostscript", moved profile from
+ /etc/apparmor.d/usr.bin.gs to /etc/apparmor.d/ghostscript
+ (bsc#1128607)
+- Improved AA packaging (bsc#1128608)
+ Thanks to Christian Boltz for his help
+
+---
+Fri Mar 8 10:49:18 UTC 2019 - Martin Wilck
+
+- Fix IJS printing problem (bsc#1128467)
+ * added ijs_exec_server_dont_use_sh.patch
+ * allow exec'ing hpijs in apparmor profile
+
+---
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2019-03-12
09:48:15.227599787 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.25356/ghostscript.changes
2019-03-26 15:37:19.192374743 +0100
@@ -1,0 +2,13 @@
+Thu Mar 14 08:03:24 UTC 2019 - jseg...@suse.com
+
+- Added AA rules for dvips (bsc#1127934)
+- Allow execution of dirname (bsc#1128697)
+- Allow execution of hpijs (bsc#1128467). For now this is in
+ complain mode
+- Sane profile name "ghostscript", moved profile from
+ /etc/apparmor.d/usr.bin.gs to /etc/apparmor.d/ghostscript
+ (bsc#1128607)
+- Improved AA packaging (bsc#1128608)
+ Thanks to Christian Boltz for his help
+
+---
Old:
apparmor_usr.bin.gs
New:
apparmor_ghostscript
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.lT2Uxk/_old 2019-03-26 15:37:21.388373869 +0100
+++ /var/tmp/diff_new_pack.lT2Uxk/_new 2019-03-26 15:37:21.392373868 +0100
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
@@ -25,6 +25,11 @@
BuildRequires: libtool
BuildRequires: pkg-config
BuildRequires: zlib-devel
+%if 0%{?suse_version} >= 1500
+BuildRequires: apparmor-abstractions
+BuildRequires: apparmor-rpm-macros
+Requires: apparmor-abstractions
+%endif
Summary:Minimal Ghostscript for minimal build requirements
License:AGPL-3.0-only
Group: System/Libraries
@@ -71,7 +76,7 @@
# wget -O gs926.MD5SUMS
https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs926/MD5SUMS
# MD5 checksum for Source0: 806bc2dedbc7f69b003f536658e08d4a
ghostscript-9.26.tar.gz
Source0:ghostscript-%{version}.tar.gz
-Source1:apparmor_usr.bin.gs
+Source1:apparmor_ghostscript
# Patch0...Patch9 is for patches from upstream:
Patch0: ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
# Source10...Source99 is for sources from SUSE which are intended for upstream:
@@ -81,6 +86,7 @@
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball:
Patch100: remove-zlib-h-dependency.patch
+Patch101: ijs_exec_server_dont_use_sh.patch
# RPM dependencies:
Conflicts: ghostscript
Conflicts: ghostscript-x11
@@ -146,6 +152,7 @@
# and disable remove-zlib-h-dependency.patch because
# Ghostscript 9.21 does no longer build this way:
#patch100 -p1 -b remove-zlib-h-dependency.orig
+%patch101 -p1
# Remove patch backup files to avoid packaging
# cf. https://build.opensuse.org/request/show/581052
rm -f Resource/Init/*.ps.orig
@@ -312,9 +319,13 @@
# Switch back to the usual build log messages:
set -x
install -m 644 catalog.devices $DOCDIR
-install -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/apparmor.d/usr.bin.gs
+install -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/apparmor.d/ghostscript
-%post -p /sbin/ldconfig
+%post
+/sbin/ldconfig
+%if 0%{?suse_version} >= 1500
+%apparmor_reload /etc/apparmor.d/ghostscript
+%endif
%postun -p /sbin/ldconfig
@@ -392,8 +403,10 @@
%{_libdir}/libgs.so.*
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2019-03-12 09:48:10
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.28833 (New)
Package is "ghostscript"
Tue Mar 12 09:48:10 2019 rev:37 rq:682815 version:9.26a
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2019-03-01
20:25:32.722067091 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.28833/ghostscript.changes
2019-03-12 09:48:15.227599787 +0100
@@ -1,0 +2,7 @@
+Fri Mar 8 10:49:18 UTC 2019 - Martin Wilck
+
+- Fix IJS printing problem (bsc#1128467)
+ * added ijs_exec_server_dont_use_sh.patch
+ * allow exec'ing hpijs in apparmor profile
+
+---
New:
ijs_exec_server_dont_use_sh.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.rp64Uy/_old 2019-03-12 09:48:16.615599511 +0100
+++ /var/tmp/diff_new_pack.rp64Uy/_new 2019-03-12 09:48:16.623599510 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript-mini
#
-# Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.rp64Uy/_old 2019-03-12 09:48:16.659599503 +0100
+++ /var/tmp/diff_new_pack.rp64Uy/_new 2019-03-12 09:48:16.659599503 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript
#
-# Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -101,6 +101,7 @@
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball:
Patch100: remove-zlib-h-dependency.patch
+Patch101: ijs_exec_server_dont_use_sh.patch
# RPM dependencies:
# Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4
from
# "rpm -q --provides ghostscript-library" and "rpm -q --provides
ghostscript-x11":
@@ -217,7 +218,6 @@
%package x11
Summary:X11 library for Ghostscript
-Group: Productivity/Publishing/PS
# Require the exact matching version-release of the ghostscript main-package
because
# a non-matching ghostscript main-package may let it fail or even crash (e.g.
segfault)
# because all Ghostscript software is built from one same Ghostscript source
tar ball
@@ -225,6 +225,7 @@
# The exact matching version-release of the ghostscript main-package is
available
# on the same package repository where the ghostscript-x11 sub-package is
because
# all are built simulaneously from the same Ghostscript source package:
+Group: Productivity/Publishing/PS
Requires: ghostscript = %{version}-%{release}
# Unfortunately ghostscript-library.spec and ghostscript-mini.spec have
# an unversioned "Provides: ghostscript" and for RPM this means that both
@@ -282,6 +283,7 @@
# and disable remove-zlib-h-dependency.patch because
# Ghostscript 9.21 does no longer build this way:
#patch100 -p1 -b remove-zlib-h-dependency.orig
+%patch101 -p1
# Remove patch backup files to avoid packaging
# cf. https://build.opensuse.org/request/show/581052
rm -f Resource/Init/*.ps.orig
++ apparmor_usr.bin.gs ++
--- /var/tmp/diff_new_pack.rp64Uy/_old 2019-03-12 09:48:16.695599495 +0100
+++ /var/tmp/diff_new_pack.rp64Uy/_new 2019-03-12 09:48:16.695599495 +0100
@@ -15,4 +15,5 @@
/usr/lib64/ghostscript/** m,
/usr/lib64/libgs.so.* m,
/usr/lib64/libijs-* m,
+ /usr/bin/hpijs ix,
}
++ ijs_exec_server_dont_use_sh.patch ++
>From 0d58bab5cdc7e76d7220ce441d39812c85329ba2 Mon Sep 17 00:00:00 2001
From: Martin Wilck
Date: Fri, 8 Mar 2019 12:01:13 +0100
Subject: [PATCH] ijs: ijs_exec_server(): don't use "sh"
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2019-03-01 20:25:28
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.28833 (New)
Package is "ghostscript"
Fri Mar 1 20:25:28 2019 rev:36 rq:679465 version:9.26a
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2019-01-26 22:19:33.990994121 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.28833/ghostscript-mini.changes
2019-03-01 20:25:31.374067406 +0100
@@ -1,0 +2,7 @@
+Thu Feb 7 09:27:44 UTC 2019 - jseg...@suse.com
+
+- Added apparmor_usr.bin.gs. This profile prevents execution of
+ executables to serve as hardening for the binaries that process
+ ghostscript. This is of limited use but prevents simple exploits.
+
+---
ghostscript.changes: same change
New:
apparmor_usr.bin.gs
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.Odml8g/_old 2019-03-01 20:25:33.890066817 +0100
+++ /var/tmp/diff_new_pack.Odml8g/_new 2019-03-01 20:25:33.894066816 +0100
@@ -71,6 +71,7 @@
# wget -O gs926.MD5SUMS
https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs926/MD5SUMS
# MD5 checksum for Source0: 806bc2dedbc7f69b003f536658e08d4a
ghostscript-9.26.tar.gz
Source0:ghostscript-%{version}.tar.gz
+Source1:apparmor_usr.bin.gs
# Patch0...Patch9 is for patches from upstream:
Patch0: ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
# Source10...Source99 is for sources from SUSE which are intended for upstream:
@@ -311,6 +312,7 @@
# Switch back to the usual build log messages:
set -x
install -m 644 catalog.devices $DOCDIR
+install -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/apparmor.d/usr.bin.gs
%post -p /sbin/ldconfig
@@ -390,6 +392,8 @@
%{_libdir}/libgs.so.*
%{_libdir}/ghostscript/
%{_libdir}/libijs-0.35.so
+%dir %{_sysconfdir}/apparmor.d
+%{_sysconfdir}/apparmor.d/*
%files devel
%defattr(-,root,root)
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.Odml8g/_old 2019-03-01 20:25:33.906066813 +0100
+++ /var/tmp/diff_new_pack.Odml8g/_new 2019-03-01 20:25:33.910066812 +0100
@@ -91,6 +91,7 @@
# wget -O gs926.MD5SUMS
https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs926/MD5SUMS
# MD5 checksum for Source0: 806bc2dedbc7f69b003f536658e08d4a
ghostscript-9.26.tar.gz
Source0:ghostscript-%{version}.tar.gz
+Source1:apparmor_usr.bin.gs
# Patch0...Patch9 is for patches from upstream:
Patch0: ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
# Source10...Source99 is for sources from SUSE which are intended for upstream:
@@ -447,6 +448,7 @@
# Switch back to the usual build log messages:
set -x
install -m 644 catalog.devices $DOCDIR
+install -D -m 644 %{SOURCE1} %{buildroot}%{_sysconfdir}/apparmor.d/usr.bin.gs
%post -p /sbin/ldconfig
@@ -527,6 +529,8 @@
%{_libdir}/ghostscript/
%{_libdir}/libijs-0.35.so
%exclude %{_libdir}/ghostscript/%{built_version}/X11.so
+%dir %{_sysconfdir}/apparmor.d
+%{_sysconfdir}/apparmor.d/*
%files x11
%defattr(-,root,root)
++ apparmor_usr.bin.gs ++
#include
# this profile is mainly intended to prevent easy exploitation of
# issues in ghostscript. This is mainly intended as a hardening
# measure and doesn't alleviate the need for regular updates
profile
/usr/bin/{dvipdf,eps2eps,gs,gsbj,gsdj,gsdj500,gslj,gslp,gsnd,ps2ascii,ps2epsi,ps2pdf,ps2pdf12,ps2pdf13,ps2pdf14,ps2pdfwr,ps2ps,ps2ps2}
{
#include
#include
#include
#include
# needed to read gc/write pdfs/eps/.. everywhere
/** wr,
/usr/lib64/ghostscript/** m,
/usr/lib64/libgs.so.* m,
/usr/lib64/libijs-* m,
}
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2019-01-26 22:19:30
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new.28833 (New)
Package is "ghostscript"
Sat Jan 26 22:19:30 2019 rev:35 rq:668141 version:9.26a
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2018-12-05 09:37:45.245075427 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new.28833/ghostscript-mini.changes
2019-01-26 22:19:33.990994121 +0100
@@ -1,0 +2,18 @@
+Wed Jan 23 16:52:00 CET 2019 - jsm...@suse.de
+
+- Version upgrade to 9.26a
+ The version 9.26a is a special security bugfix version to fix
+ * CVE-2019-6116: subroutines within pseudo-operators
+must themselves be pseudo-operators
+https://bugs.ghostscript.com/show_bug.cgi?id=700317
+https://bugzilla.suse.com/show_bug.cgi?id=1122319 bsc#1122319
+
+---
+Thu Jan 10 17:09:16 UTC 2019 - jweberho...@weberhofer.at
+
+- ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
+ fixes Ghostscript issue #700315 and bsc#1121490
+ https://bugs.ghostscript.com/show_bug.cgi?id=700315
+ Segfault in GS 9.26 with certain PDFs with -dLastPage=1
+
+---
ghostscript.changes: same change
Old:
ghostscript-9.26.tar.gz
New:
ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
ghostscript-9.26a.tar.gz
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.JFIWBP/_old 2019-01-26 22:19:35.002993301 +0100
+++ /var/tmp/diff_new_pack.JFIWBP/_new 2019-01-26 22:19:35.006993297 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript-mini
#
-# Copyright (c) 2018 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -38,9 +38,13 @@
# because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are
older than numbers
# so that we keep additionally the previous version number to upgrade from the
previous version:
#Version:9.25pre26rc1
-# Normal version for Ghostscript releases is the upstream version:
-Version:9.26
+# The upstream version 9.26a is a special Ghostscript upstream security bugfix
tar ball
+# where upstream provides a complete and consistent state of the whole
Ghostscript code
+# that includes in particular the complete patchset that is really non-trivial
+# to fix the Ghostscript upstream bug 700317 CVE-2019-6116:
+Version:9.26a
Release:0
+# Normal version for Ghostscript releases is the upstream version:
# tarball_version is used below to specify the directory via "setup -n":
# Special tarball_version needed for Ghostscript release candidates e.g.
"define tarball_version 9.15rc1".
# For Ghostscript releases tarball_version and version are the same (i.e. the
upstream version):
@@ -49,8 +53,8 @@
# built_version is used below in the install and files sections:
# Separated built_version needed in case of Ghostscript release candidates
e.g. "define built_version 9.15".
# For Ghostscript releases built_version and version are the same (i.e. the
upstream version):
-%define built_version %{version}
-#define built_version 9.26
+#define built_version %{version}
+%define built_version 9.26
# Source0...Source9 is for sources from upstream:
# Special URLs for Ghostscript release candidates:
# see https://github.com/ArtifexSoftware/ghostpdl-downloads/releases
@@ -68,6 +72,7 @@
# MD5 checksum for Source0: 806bc2dedbc7f69b003f536658e08d4a
ghostscript-9.26.tar.gz
Source0:ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream:
+Patch0: ghostscript-2.26-subclassing-devices-fix-put_image-method.patch
# Source10...Source99 is for sources from SUSE which are intended for upstream:
# Patch10...Patch99 is for patches from SUSE which are intended for upstream:
# Source100...Source999 is for sources from SUSE which are not intended for
upstream:
@@ -133,6 +138,7 @@
# Be quiet when unpacking and
# use a directory name matching Source0 to make it work also for
ghostscript-mini:
%setup -q -n ghostscript-%{tarball_version}
+%patch0 -p1
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball.
# Again use the zlib sources from Ghostscript upstream
++ ghostscript.spec ++
---
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2018-12-05 09:37:36 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new.19453 (New) Package is "ghostscript" Wed Dec 5 09:37:36 2018 rev:34 rq:652827 version:9.26 Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2018-09-26 15:59:40.072676627 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new.19453/ghostscript-mini.changes 2018-12-05 09:37:45.245075427 +0100 @@ -1,0 +2,65 @@ +Fri Nov 30 09:01:17 CET 2018 - jsm...@suse.de + +- Version upgrade to 9.26 + Highlights in this release include: + * Security issues have been the primary focus of this release, +including solving several (well publicised) real and potential +exploits. +Thanks to Man Yue Mo of Semmle Security Research Team, +Jens Mueller of Ruhr-Universitaet Bochum and +Tavis Ormandy of Google's Project Zero +for their help to identify specific security issues. +PLEASE NOTE: +We (i.e. Ghostscript upstream) strongly urge users to upgrade +to this latest release to avoid these issues. + * The usual round of bug fixes, compatibility changes, +and incremental improvements. + For a release summary see: + http://www.ghostscript.com/doc/9.26/News.htm + For details see the News.htm and History9.htm files. + The Ghostscript 9.26 release should fix (cf. the entry below + dated 'Fri Sep 14 10:47:33 CEST 2018' what "should fix" means) + in particular those security issues (bsc#1117331) + * CVE-2018-19475: psi/zdevice2.c allows attackers to bypass +intended access restrictions +https://bugs.ghostscript.com/show_bug.cgi?id=700153 +https://bugzilla.suse.com/show_bug.cgi?id=1117327 bsc#1117327 + * CVE-2018-19476: psi/zicc.c allows attackers to bypass +intended access restrictions because of a setcolorspace +type confusion +https://bugs.ghostscript.com/show_bug.cgi?id=700169 +https://bugzilla.suse.com/show_bug.cgi?id=1117313 bsc#1117313 + * CVE-2018-19477: psi/zfjbig2.c allows attackers to bypass +intended access restrictions because of a JBIG2Decode +type confusion +https://bugs.ghostscript.com/show_bug.cgi?id=700168 +https://bugzilla.suse.com/show_bug.cgi?id=1117274 bsc#1117274 + * CVE-2018-19409: LockSafetyParams is not checked correctly +if another device is used +https://bugs.ghostscript.com/show_bug.cgi?id=700176 +https://bugzilla.suse.com/show_bug.cgi?id=1117022 bsc#1117022 + and those security issues + * CVE-2018-18284: 1Policy operator gives access to .forceput +https://bugs.ghostscript.com/show_bug.cgi?id=69963 +https://bugzilla.suse.com/show_bug.cgi?id=1112229 bsc#1112229 + * CVE-2018-18073: saved execution stacks can leak operator arrays +https://bugs.ghostscript.com/show_bug.cgi?id=699927 +https://bugzilla.suse.com/show_bug.cgi?id=480 bsc#480 + * CVE-2018-17961: bypassing executeonly to escape -dSAFER sandbox +https://bugs.ghostscript.com/show_bug.cgi?id=699816 +https://bugzilla.suse.com/show_bug.cgi?id=479 bsc#479 + * CVE-2018-17183: remote attackers could be able to supply +crafted PostScript to potentially overwrite or replace +error handlers to inject code +https://bugs.ghostscript.com/show_bug.cgi?id=699708 +https://bugzilla.suse.com/show_bug.cgi?id=1109105 bsc#1109105 + +--- +Fri Nov 9 11:25:19 CET 2018 - jsm...@suse.de + +- Version upgrade to 9.26rc1 (first release candidate for 9.26). + Highlights in this release include: + * Purely security and a few bug fixes, there are no new features, +and no API changes to report. + +--- ghostscript.changes: same change Old: ghostscript-9.25.tar.gz New: ghostscript-9.26.tar.gz Other differences: -- ++ ghostscript-mini.spec ++ --- /var/tmp/diff_new_pack.gMUd2w/_old 2018-12-05 09:37:49.385070894 +0100 +++ /var/tmp/diff_new_pack.gMUd2w/_new 2018-12-05 09:37:49.385070894 +0100 @@ -26,7 +26,7 @@ BuildRequires: pkg-config BuildRequires: zlib-devel Summary:Minimal Ghostscript for minimal build requirements -License:AGPL-3.0 +License:AGPL-3.0-only Group: System/Libraries Url:http://www.ghostscript.com/ # Special version needed for Ghostscript release candidates (e.g. "Version: 9.14pre15rc1" for 9.15rc1). @@ -37,35 +37,35 @@ # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2018-09-26 15:59:35 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is "ghostscript" Wed Sep 26 15:59:35 2018 rev:33 rq:635773 version:9.25 Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2018-06-08 23:11:39.920298005 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2018-09-26 15:59:40.072676627 +0200 @@ -1,0 +2,163 @@ +Fri Sep 14 10:47:33 CEST 2018 - jsm...@suse.de + +- Version upgrade to 9.25 + For the highlights in this release see the highlights in the + 9.25rc1 first release candidate for 9.25 entry below. + PLEASE NOTE: + We (i.e. Ghostscript upstream) strongly urge users to upgrade + to this latest release to avoid these issues. + For a release summary see: + http://www.ghostscript.com/doc/9.25/News.htm + For details see the News.htm and History9.htm files. + The Ghostscript 9.25 release should fix (see below) + in particular those security issues: + * CVE-2018-15909: shading_param incomplete type checking +https://bugs.ghostscript.com/show_bug.cgi?id=699660 +https://bugzilla.suse.com/show_bug.cgi?id=1106172 bsc#1106172 + * CVE-2018-15908: .tempfile file permission issues +https://bugs.ghostscript.com/show_bug.cgi?id=699657 +https://bugzilla.suse.com/show_bug.cgi?id=1106171 bsc#1106171 + * CVE-2018-15910: LockDistillerParams type confusion +https://bugs.ghostscript.com/show_bug.cgi?id=699656 +https://bugzilla.suse.com/show_bug.cgi?id=1106173 bsc#1106173 + * CVE-2018-15911: uninitialized memory access in the aesdecode +https://bugs.ghostscript.com/show_bug.cgi?id=699665 +https://bugzilla.suse.com/show_bug.cgi?id=1106195 bsc#1106195 + * CVE-2018-16513: setcolor missing type check +https://bugs.ghostscript.com/show_bug.cgi?id=699655 +https://bugzilla.suse.com/show_bug.cgi?id=1107412 bsc#1107412 + * CVE-2018-16509: /invalidaccess bypass after failed restore +https://bugs.ghostscript.com/show_bug.cgi?id=699654 +https://bugzilla.suse.com/show_bug.cgi?id=1107410 bsc#1107410 + * CVE-2018-16510: Incorrect exec stack handling in the "CS" +and "SC" PDF primitives +https://bugs.ghostscript.com/show_bug.cgi?id=699671 +https://bugzilla.suse.com/show_bug.cgi?id=1107411 bsc#1107411 + * CVE-2018-16542: .definemodifiedfont memory corruption +if /typecheck is handled +https://bugs.ghostscript.com/show_bug.cgi?id=699668 +https://bugzilla.suse.com/show_bug.cgi?id=1107413 bsc#1107413 + * CVE-2018-16541 incorrect free logic in pagedevice replacement +https://bugs.ghostscript.com/show_bug.cgi?id=699664 +https://bugzilla.suse.com/show_bug.cgi?id=1107421 bsc#1107421 + * CVE-2018-16540 use-after-free in copydevice handling +https://bugs.ghostscript.com/show_bug.cgi?id=699661 +https://bugzilla.suse.com/show_bug.cgi?id=1107420 bsc#1107420 + * CVE-2018-16539: incorrect access checking in temp file +handling to disclose contents of files +https://bugs.ghostscript.com/show_bug.cgi?id=699658 +https://bugzilla.suse.com/show_bug.cgi?id=1107422 bsc#1107422 + * CVE-2018-16543: gssetresolution and gsgetresolution allow +for unspecified impact +https://bugs.ghostscript.com/show_bug.cgi?id=699670 +https://bugzilla.suse.com/show_bug.cgi?id=1107423 bsc#1107423 + * CVE-2018-16511: type confusion in "ztype" could be used by +remote attackers able to supply crafted PostScript to crash +the interpreter or possibly have unspecified other impact +https://bugs.ghostscript.com/show_bug.cgi?id=699659 +https://bugzilla.suse.com/show_bug.cgi?id=1107426 bsc#1107426 + * CVE-2018-16585 .setdistillerkeys PostScript command is +accepted even though it is not intended for use +https://bugzilla.suse.com/show_bug.cgi?id=1107581 bsc#1107581 + * CVE-2018-16802: Incorrect"restoration of privilege" checking +when running out of stack during exceptionhandling could be +used by attackers able to supply crafted PostScript to execute +code using the "pipe" instruction. This is due to an incomplete +fix for CVE-2018-16509 +https://bugs.ghostscript.com/show_bug.cgi?id=699714 +https://bugs.ghostscript.com/show_bug.cgi?id=699718 +https://bugzilla.suse.com/show_bug.cgi?id=1108027 bnc#1108027 + Regarding what the above "should fix" means: + PostScript is a general purpose Turing-complete programming + language (cf. https://en.wikipedia.org/wiki/PostScript) + that supports in particular file access on the system disk. + When Ghostscript processes PostScript it runs a PostScript + program as the user who runs Ghostscript. + When Ghostscript processes an arbitrary PostScript
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2018-06-08 23:11:31
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is "ghostscript"
Fri Jun 8 23:11:31 2018 rev:32 rq:614287 version:9.23
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2018-04-17 11:15:12.788893861 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2018-06-08 23:11:39.920298005 +0200
@@ -1,0 +2,8 @@
+Tue Jun 5 14:47:59 CEST 2018 - jsm...@suse.de
+
+- CVE-2018-10194.patch fixes stack-based buffer overflow
+ in gdevpdts.c (bsc#1090099), see
+ https://bugs.ghostscript.com/show_bug.cgi?id=699255 and
+
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
+
+---
ghostscript.changes: same change
New:
CVE-2018-10194.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.Pz43Ss/_old 2018-06-08 23:11:43.564166431 +0200
+++ /var/tmp/diff_new_pack.Pz43Ss/_new 2018-06-08 23:11:43.596165276 +0200
@@ -79,6 +79,11 @@
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball:
Patch100: remove-zlib-h-dependency.patch
+# Patch101 fixes stack-based buffer overflow in gdevpdts.c
+# see https://bugzilla.suse.com/show_bug.cgi?id=1090099
+# and https://bugs.ghostscript.com/show_bug.cgi?id=699255
+# and
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
+Patch101: CVE-2018-10194.patch
# RPM dependencies:
Conflicts: ghostscript
Conflicts: ghostscript-x11
@@ -149,6 +154,11 @@
# and disable remove-zlib-h-dependency.patch because
# Ghostscript 9.21 does no longer build this way:
#patch100 -p1 -b remove-zlib-h-dependency.orig
+# Patch101 fixes stack-based buffer overflow in gdevpdts.c
+# see https://bugzilla.suse.com/show_bug.cgi?id=1090099
+# and https://bugs.ghostscript.com/show_bug.cgi?id=699255
+# and
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
+%patch101 -b CVE-2018-10194.orig
# Remove patch backup files to avoid packaging
# cf. https://build.opensuse.org/request/show/581052
rm -f Resource/Init/*.ps.orig
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.Pz43Ss/_old 2018-06-08 23:11:43.912153866 +0200
+++ /var/tmp/diff_new_pack.Pz43Ss/_new 2018-06-08 23:11:43.948152566 +0200
@@ -99,6 +99,11 @@
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball:
Patch100: remove-zlib-h-dependency.patch
+# Patch101 fixes stack-based buffer overflow in gdevpdts.c
+# see https://bugzilla.suse.com/show_bug.cgi?id=1090099
+# and https://bugs.ghostscript.com/show_bug.cgi?id=699255
+# and
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
+Patch101: CVE-2018-10194.patch
# RPM dependencies:
# Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4
from
# "rpm -q --provides ghostscript-library" and "rpm -q --provides
ghostscript-x11":
@@ -285,6 +290,11 @@
# and disable remove-zlib-h-dependency.patch because
# Ghostscript 9.21 does no longer build this way:
#patch100 -p1 -b remove-zlib-h-dependency.orig
+# Patch101 fixes stack-based buffer overflow in gdevpdts.c
+# see https://bugzilla.suse.com/show_bug.cgi?id=1090099
+# and https://bugs.ghostscript.com/show_bug.cgi?id=699255
+# and
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
+%patch101 -b CVE-2018-10194.orig
# Remove patch backup files to avoid packaging
# cf. https://build.opensuse.org/request/show/581052
rm -f Resource/Init/*.ps.orig
++ CVE-2018-10194.patch ++
--- devices/vector/gdevpdts.c.orig 2018-03-21 09:48:06.0 +0100
+++ devices/vector/gdevpdts.c 2018-06-05 14:39:39.0 +0200
@@ -103,9 +103,14 @@ append_text_move(pdf_text_state_t *pts,
static int
set_text_distance(gs_point *pdist, double dx, double dy, const gs_matrix *pmat)
{
-int code = gs_distance_transform_inverse(dx, dy, pmat, pdist);
+int code;
double rounded;
+if (dx > 1e38 || dy > 1e38)
+code = gs_error_undefinedresult;
+else
+code = gs_distance_transform_inverse(dx, dy, pmat, pdist);
+
if (code == gs_error_undefinedresult) {
/* The CTM is degenerate.
Can't know the distance in user
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2018-04-17 11:15:04 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is "ghostscript" Tue Apr 17 11:15:04 2018 rev:31 rq:590297 version:9.23 Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2018-03-09 10:35:05.679529229 +0100 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2018-04-17 11:15:12.788893861 +0200 @@ -1,0 +2,103 @@ +Thu Mar 22 12:51:39 CET 2018 - jsm...@suse.de + +- Version upgrade to 9.23 + Highlights in this release include: + * Ghostscript now has a family of 'pdfimage' devices +(pdfimage8, pdfimage24 and pdfimage32) which produce +rendered output wrapped up as an image in a PDF. +Additionally, there is a 'pclm' device which +produces PCLm format output. + * There is now a ColorAccuracy parameter allowing the user +to decide between speed or accuracy in ICC color transforms. + * JPEG Passthrough: devices which support it can now receive +the 'raw' JPEG stream from the interpreter. +The main use of this is the pdfwrite/ps2write family of devices +that can now take JPEG streams from the input file(s) and write +them unchanged to the output (thus avoiding additional +quantization effects). + * PDF transparency performance improvements + * IMPORTANT: We (i.e. Ghostscript upstream) are in the process +of forking LittleCMS. +LCMS2 is not thread safe, and cannot be made thread safe +without breaking the ABI. Our fork will be thread safe, +and include performance enhancements (these changes have all +be been offered and rejected upstream). We will maintain +compatibility between Ghostscript and LCMS2 for a time, +but not in perpetuity. Our fork will be available as its own +package separately from Ghostscript (and MuPDF). + * We have continued the focus on code hygiene in this release +cleaning up security issues, ignored return values, +and compiler warnings. + * The usual round of bug fixes, compatibility changes, +and incremental improvements. + Incompatible changes + * The planned device API tidy has, unfortunately, been +indefinitely postponed, until appropriate resources +are available. + For a release summary see: + http://www.ghostscript.com/doc/9.23/News.htm + For details see the News.htm and History9.htm files. + See also the entries below since "Version upgrade to 9.22" + (boo#1082896 and boo#1074266). + +--- +Fri Mar 16 12:39:36 CET 2018 - jsm...@suse.de + +- For now use lcms2 from SUSE because that is what currently + Ghostscript upstream recommends according to + https://ghostscript.com/pipermail/gs-devel/2018-March/010061.html + because since Ghostscript 9.23rc1 there is no longer lcms2 + in Ghostscript but now it is lcms2art which is the beginning + of a lcms2 fork, see News.htm that reads in particular + "LCMS2 is not thread safe ... Our fork will be thread safe ... + We will maintain compatibility between Ghostscript and LCMS2 + for a time, but not in perpetuity", see also + https://bugzilla.opensuse.org/show_bug.cgi?id=1082896#c14 +- On SLE11 and on SLE12-SP1 there is liblcms2-2-2.5 + which is too old so that configure fails there with +configure: error: lcms2 not found, or too old + but there is no configure option to build it without lcms2 + so that for SLE11 and SLE12-SP1 it is built with + the lcms2art in Ghostscript. +- ppc64le-support.patch is no longer needed because it only + contained a fix for lcms2art/include/lcms2art.h in Ghostscript + but currently lcms2 from SUSE is used instead (see above). +- Do no longer require any fonts packages in particular + neither require ghostscript-fonts-std because the PostScript + Base35 fonts are provided by Ghostscript (in 'Resource') + nor require ghostscript-fonts-other (provides Bitream Charter, + Adobe Utopia, URW Antiqua, URW Grotesq and Hershey fonts where + all but the last are also provided by texlive--fonts) and + those fonts are not required for PostScript compliance, see + https://bugzilla.opensuse.org/show_bug.cgi?id=1082896#c13 + +--- +Thu Mar 15 11:19:33 CET 2018 - jsm...@suse.de + +- Version upgrade to 9.23rc1 (first release candidate for 9.23). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing +- Adapted ppc64le-support.patch: In Ghostscript 9.23 there is now +
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2018-03-09 10:34:50
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is "ghostscript"
Fri Mar 9 10:34:50 2018 rev:30 rq:583719 version:9.22
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2017-12-10 18:14:08.820619777 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2018-03-09 10:35:05.679529229 +0100
@@ -1,0 +2,8 @@
+Tue Feb 27 14:55:51 CET 2018 - nov...@mirell.de
+
+- Add ghostscript-fix-debug-use.patch from upstream to fix broken
+ printing with some drivers (especially Dell Printers) from
+ https://bugs.ghostscript.com/show_bug.cgi?id=698837
+- Fix build for SLE targets
+
+---
ghostscript.changes: same change
New:
ghostscript-fix-debug-use.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.JXNVih/_old 2018-03-09 10:35:07.115477531 +0100
+++ /var/tmp/diff_new_pack.JXNVih/_new 2018-03-09 10:35:07.119477387 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript-mini
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -78,6 +78,9 @@
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball:
Patch100: remove-zlib-h-dependency.patch
+# Patch101 ghostscript-fix-debug-use.patch from upstream fixes file generation
in
+# debug mode which lead to Fuji Xerox printer drivers to fail printing without
any error.
+Patch101: ghostscript-fix-debug-use.patch
# RPM dependencies:
Conflicts: ghostscript
@@ -156,6 +159,7 @@
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball:
#patch100 -p1 -b remove-zlib-h-dependency.orig
+%patch101 -p1
# Do not use the freetype jpeg libpng tiff zlib sources from the Ghostscript
upstream tarball
# because we prefer to use for long-established standard libraries the ones
from SUSE
# in particular to automatically get SUSE security updates for standard
libraries.
@@ -221,6 +225,7 @@
# Configure and make libijs (that is not done regardless whether or not
--with-ijs is used above):
pushd ijs
./autogen.sh
+autoreconf -fi
./configure --prefix=%{_prefix} \
--bindir=%{_bindir} \
--libdir=%{_libdir} \
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.JXNVih/_old 2018-03-09 10:35:07.147476379 +0100
+++ /var/tmp/diff_new_pack.JXNVih/_new 2018-03-09 10:35:07.151476235 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -98,6 +98,9 @@
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball:
Patch100: remove-zlib-h-dependency.patch
+# Patch101 ghostscript-fix-debug-use.patch from upstream fixes file generation
in
+# debug mode which lead to Fuji Xerox printer drivers to fail printing without
any error.
+Patch101: ghostscript-fix-debug-use.patch
# RPM dependencies:
# Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4
from
@@ -289,6 +292,7 @@
# but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
%patch11 -p1 -b .ppc64le-support.orig
+%patch101 -p1
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball:
#patch100 -p1 -b remove-zlib-h-dependency.orig
@@ -357,6 +361,7 @@
# Configure and make libijs (that is not done regardless whether or not
--with-ijs is used above):
pushd ijs
./autogen.sh
+autoreconf -fi
./configure --prefix=%{_prefix} \
--bindir=%{_bindir} \
--libdir=%{_libdir} \
++ ghostscript-fix-debug-use.patch ++
>From f0fe2481a2e9b0b632a1d4e804a5a1d27fe9c017 Mon Sep 17 00:00:00 2001
From: Chris Liddell
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2017-12-10 18:13:29 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is "ghostscript" Sun Dec 10 18:13:29 2017 rev:29 rq:554966 version:9.22 Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2017-06-17 10:19:27.241673334 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2017-12-10 18:14:08.820619777 +0100 @@ -1,0 +2,65 @@ +Wed Nov 29 16:04:48 CET 2017 - jsm...@suse.de + +- Version upgrade to 9.22. + For details see the News.htm and History9.htm files. + Highlights in this release include: + * Ghostscript can now consume and produce (via the pdfwrite +device) PDF 2.0 compliant files. + * The main focus of this release has been security and code +cleanliness. Hence many AddressSanitizer, Valgrind and +Coverity issues have been addressed. + * The usual round of bug fixes, compatibility changes, +and incremental improvements. + Incompatible changes + * The planned device API tidy (still!) did not happen for +this release, due to time pressures, but we still intend +to undertake the following: We plan to somewhat tidy up +the device API. We intend to remove deprecated device procs +(methods/function pointers) and change the device API +so every device proc takes a graphics state parameter +(rather than the current scheme where only a very few procs +take an imager state parameter). This should serve as notice +to anyone maintaining a Ghostscript device outside the +canonical source tree that you may (probably will) need +to update your device(s) when these changes happen. +Devices using only the non-deprecated procs should be +trivial to update. +- Up to 9.22rc1 it "just built" for all openSUSE versions but + since 9.22rc2 the libijs part does no longer buid for any + released openSUSE version where if fails with messages like +libtool: Version mismatch error. + This is libtool 2.4.6 Debian-2.4.6-2, but the + definition of this LT_INIT comes from libtool 2.4.2. + You should recreate aclocal.m4 with macros from + libtool 2.4.6 Debian-2.4.6-2 and run autoconf again. +Makefile: recipe for target 'ijs.lo' failed + so that currently it only builds for Tumbleweed/Factory. + Presumably it is not too complicated to make it build again + also for released openSUSE versions but currently I have + less than zero energy to fix on such "latest breaking changes" + so that for now Ghostscript 9.22 is only provided for + openSUSE Tumbleweed/Factory and the upcoming SLE15/Leap15. + +--- +Fri Sep 29 09:12:06 CEST 2017 - jsm...@suse.de + +- Version upgrade to 9.22rc2 (second release candidate for 9.22). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing + +--- +Thu Sep 14 15:19:40 CEST 2017 - jsm...@suse.de + +- Version upgrade to 9.22rc1 (first release candidate for 9.22). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing +- Since Ghostscript 9.22rc1 font2c and wftopfa are removed. +- CVE-2017-5951.patch CVE-2017-7207.patch + CVE-2017-8291.patch and CVE-2017-9216.patch + are fixed in the version 9.22rc1 upstream sources. + +--- @@ -4 +69,2 @@ -- CVE-2017-7207.patch fixes a NULL pointer dereference in mem_get_bits_rectangle +- CVE-2017-7207.patch fixes a NULL pointer dereference + in mem_get_bits_rectangle @@ -7 +73,2 @@ -- CVE-2017-9216.patch fixes a NULL pointer dereference in jbig2_huffman_get +- CVE-2017-9216.patch fixes a NULL pointer dereference + in jbig2_huffman_get ghostscript.changes: same change Old: CVE-2017-5951.patch CVE-2017-7207.patch CVE-2017-8291.patch CVE-2017-9216.patch ghostscript-9.21.tar.gz New: ghostscript-9.22.tar.gz Other differences: -- ++ ghostscript-mini.spec ++ --- /var/tmp/diff_new_pack.J7vaSB/_old 2017-12-10 18:14:11.112510613 +0100 +++ /var/tmp/diff_new_pack.J7vaSB/_new 2017-12-10 18:14:11.116510423 +0100 @@ -36,32 +36,33 @@ # But only with the alphabetic prefix "9.pre15rc1" would be older
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2017-06-17 10:19:25
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is "ghostscript"
Sat Jun 17 10:19:25 2017 rev:28 rq:501328 version:9.21
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2017-05-03 15:53:53.168212350 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2017-06-17 10:19:27.241673334 +0200
@@ -1,0 +2,10 @@
+Fri Jun 2 09:12:45 UTC 2017 - daniel.molken...@suse.com
+
+- CVE-2017-7207.patch fixes a NULL pointer dereference in
mem_get_bits_rectangle
+ see https://bugs.ghostscript.com/show_bug.cgi?id=697676
+ (bsc#1030263)
+- CVE-2017-9216.patch fixes a NULL pointer dereference in jbig2_huffman_get
+ see https://bugs.ghostscript.com/show_bug.cgi?id=697934
+ (bsc#1040643)
+
+---
ghostscript.changes: same change
New:
CVE-2017-7207.patch
CVE-2017-9216.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.tffyyE/_old 2017-06-17 10:19:28.397510289 +0200
+++ /var/tmp/diff_new_pack.tffyyE/_new 2017-06-17 10:19:28.401509725 +0200
@@ -88,6 +88,15 @@
# and https://bugs.ghostscript.com/show_bug.cgi?id=697799
# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453
Patch102: CVE-2017-8291.patch
+# Patch103 fixes NULL pointer dereference in the jbig2_huffman_get function
+# see https://bugs.ghostscript.com/show_bug.cgi?id=697934
+# and https://bugzilla.suse.com/show_bug.cgi?id=1040643
+Patch103: CVE-2017-9216.patch
+# Patch104 CVE-2017-7207.patch fixes a NULL pointer dereference in
mem_get_bits_rectangle
+# see https://bugs.ghostscript.com/show_bug.cgi?id=697676
+# and https://bugzilla.suse.com/show_bug.cgi?id=1030263
+Patch104: CVE-2017-7207.patch
+
# RPM dependencies:
Conflicts: ghostscript
Conflicts: ghostscript-x11
@@ -183,7 +192,14 @@
# and https://bugs.ghostscript.com/show_bug.cgi?id=697799
# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453
%patch102 -p1 -b .CVE-2017-8291.orig
-
+# Patch103 fixes NULL pointer dereference in the jbig2_huffman_get function
+# see https://bugs.ghostscript.com/show_bug.cgi?id=697934
+# and https://bugzilla.suse.com/show_bug.cgi?id=1040643
+%patch103 -p1 -b .CVE-2017-9216.orig
+# Patch104 CVE-2017-7207.patch fixes a NULL pointer dereference in
mem_get_bits_rectangle
+# see https://bugs.ghostscript.com/show_bug.cgi?id=697676
+# and https://bugzilla.suse.com/show_bug.cgi?id=1030263
+%patch104 -p1 -b .CVE-2017-7207.orig
%build
# Derive build timestamp from latest changelog entry
export SOURCE_DATE_EPOCH=$(date -d "$(head -n 2 %{_sourcedir}/%{name}.changes
| tail -n 1 | cut -d- -f1 )" +%s)
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.tffyyE/_old 2017-06-17 10:19:28.433505211 +0200
+++ /var/tmp/diff_new_pack.tffyyE/_new 2017-06-17 10:19:28.437504647 +0200
@@ -108,6 +108,15 @@
# and https://bugs.ghostscript.com/show_bug.cgi?id=697799
# and https://bugzilla.opensuse.org/show_bug.cgi?id=1036453
Patch102: CVE-2017-8291.patch
+# Patch103 fixes NULL pointer dereference in the jbig2_huffman_get function
+# see https://bugs.ghostscript.com/show_bug.cgi?id=697934
+# and https://bugzilla.suse.com/show_bug.cgi?id=1040643
+Patch103: CVE-2017-9216.patch
+# Patch104 CVE-2017-7207.patch fixes a NULL pointer dereference in
mem_get_bits_rectangle
+# see https://bugs.ghostscript.com/show_bug.cgi?id=697676
+# and https://bugzilla.suse.com/show_bug.cgi?id=1030263
+Patch104: CVE-2017-7207.patch
+
# RPM dependencies:
# Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4
from
# "rpm -q --provides ghostscript-library" and "rpm -q --provides
ghostscript-x11":
@@ -234,7 +243,6 @@
%package x11
Summary:X11 library for Ghostscript
-Group: Productivity/Publishing/PS
# Require the exact matching version-release of the ghostscript main-package
because
# a non-matching ghostscript main-package may let it fail or even crash (e.g.
segfault)
# because all Ghostscript software is built from one same Ghostscript source
tar ball
@@ -242,6 +250,7 @@
# The exact matching version-release of the ghostscript main-package is
available
# on the same package repository where the ghostscript-x11 sub-package is
because
# all are built simulaneously from the same Ghostscript source package:
+Group: Productivity/Publishing/PS
Requires: ghostscript = %{version}-%{release}
# Unfortunately ghostscript-library.spec and ghostscript-mini.spec have
# an
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2017-05-03 15:53:38 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is "ghostscript" Wed May 3 15:53:38 2017 rev:27 rq:492485 version:9.21 Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2017-02-04 17:57:08.913012190 +0100 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2017-05-03 15:53:53.168212350 +0200 @@ -1,0 +2,96 @@ +Tue May 2 14:27:22 CEST 2017 - jsm...@suse.de + +- CVE-2017-8291.patch fixes + a type confusion in .rsdparams and .eqproc + see https://bugs.ghostscript.com/show_bug.cgi?id=697808 + and https://bugs.ghostscript.com/show_bug.cgi?id=697799 + (bsc#1036453). + +--- +Wed Apr 12 11:12:27 CEST 2017 - jsm...@suse.de + +- CVE-2016-10317 (bsc#1032230) + heap buffer overflow in fill_threshhold_buffer() + is not yet fixed because there is no fix available at + https://bugs.ghostscript.com/show_bug.cgi?id=697459 +- CVE-2016-10219 (bsc#1032138) + divide by zero in intersect() + https://bugs.ghostscript.com/show_bug.cgi?id=697453 + is fixed in the version 9.21 upstream sources +- CVE-2016-10218 (bsc#1032135) + null pointer dereference in pdf14_pop_transparency_group() + https://bugs.ghostscript.com/show_bug.cgi?id=697444 + is fixed in the version 9.21 upstream sources. +- CVE-2016-10217 (bsc#1032130) + use-after-free in pdf14_cleanup_parent_color_profiles() + that is related to pdf14_open() in base/gdevp14.c + https://bugs.ghostscript.com/show_bug.cgi?id=697456 + is fixed in the version 9.21 upstream sources. +- CVE-2016-10220 (bsc#1032120) + null pointer dereference in gx_device_finalize() that is + related to gs_makewordimagedevice() in base/gsdevmem.c + https://bugs.ghostscript.com/show_bug.cgi?id=697450 + is fixed in the version 9.21 upstream sources. +- CVE-2017-5951.patch fixes + null pointer dereference in ref_stack_index() that is + related to mem_get_bits_rectangle() in base/gdevmem.c + https://bugs.ghostscript.com/show_bug.cgi?id=697548 + (bsc#1032114) + +--- +Mon Apr 10 14:06:09 CEST 2017 - jsm...@suse.de + +- Version upgrade to 9.21. + For details see the News.htm and History9.htm files. + Highlights in this release include: + * pdfwrite now preserves annotations from +input PDFs (where possible). + * The GhostXPS interpreter now provides the pdfwrite device +with the data it requires to emit a ToUnicode CMap: thus +allowing fully searchable PDFs to be created from XPS +input (in the vast majority of cases). + * Ghostscript now allows the default color space +for PDF transparency blends. + * The Ghostscript/GhostPDL configure script now has much +better/fuller support for cross compiling. + * The tiffscaled and tiffscaled4 devices can now +use ETS (Even Tone Screening) + * The toolbin/pdf_info.ps utility can now emit +the PDF XML metadata. + * Ghostscript has a new scan converter available +(currently optional, but will become the default in a near +future release). It can be enabled by using the command line +option: '-dSCANCONVERTERTYPE=2'. This new implementation +provides vastly improved performance with large and complex +paths. + * The usual round of bug fixes, compatibility changes, +and incremental improvements. + Incompatible changes: + * The planned device API tidy (still!) did not happen for +this release, due to time pressures, but we still intend +to undertake the following: We plan to somewhat tidy up +the device API. We intend to remove deprecated device +procs (methods/function pointers) and change the device API +so every device proc takes a graphics state parameter +(rather than the current scheme where only a very few procs +take an imager state parameter). This should serve as notice +to anyone maintaining a Ghostscript device outside the +canonical source tree that you may (probably will) need to +update your device(s) when these changes happen. Devices using +only the non-deprecated procs should be trivial to update. +- CVE-2016-7976.patch and CVE-2016-7977.patch and + CVE-2016-7978.patch and CVE-2016-7979.patch and + CVE-2016-8602.patch are no longer needed because + those issues are fixed in the upstream sources. +- 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch + and + 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch + are no longer needed because both are included + in the upstream sources, see the upstream issue +
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2017-02-04 15:15:33
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is "ghostscript"
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2016-10-22 13:01:57.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2017-02-04 17:57:08.913012190 +0100
@@ -1,0 +2,9 @@
+Thu Jan 12 17:13:58 UTC 2017 - stefan.bru...@rwth-aachen.de
+
+- Set SOURCE_DATE_EPOCH based on changelog head
+- Add 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch
+ * Use SOURCE_DATE_EPOCH for mkromfs output for reproducible build
+- Add 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch
+ * Sort ROM contents for deterministic output
+
+---
ghostscript.changes: same change
New:
0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch
0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.J8Rwej/_old 2017-02-04 17:57:09.640908102 +0100
+++ /var/tmp/diff_new_pack.J8Rwej/_new 2017-02-04 17:57:09.640908102 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript-mini
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -96,6 +96,11 @@
# but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
Patch11:ppc64le-support.patch
+# Patch12 adds a reproducible timestamp to the mkromfs output, using the
+# SOURCE_DATE_EPOCH environment variable
+Patch12:0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch
+# Patch13 sorts the ROM contents by name for deterministic contents
+Patch13:0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch
# Source100...Source999 is for sources from SUSE which are not intended for
upstream:
# Patch100...Patch999 is for patches from SUSE which are not intended for
upstream:
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
@@ -199,6 +204,11 @@
# but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
%patch11 -p1 -b ppc64le-support.orig
+# Patch12 adds a reproducible timestamp to the mkromfs output, using the
+# SOURCE_DATE_EPOCH environment variable
+%patch12 -p1 -b mkromfs-buildtime.orig
+# Patch13 sorts the ROM contents by name for deterministic contents
+%patch13 -p1 -b mkromfs-sort-contents.orig
# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h
# in makefiles as we do not use the zlib sources from the Ghostscript upstream
tarball:
%patch100 -p1 -b remove-zlib-h-dependency.orig
@@ -210,6 +220,8 @@
rm -rf freetype jpeg libpng tiff zlib
%build
+# Derive build timestamp from latest changelog entry
+export SOURCE_DATE_EPOCH=$(date -d "$(head -n 2 %{_sourcedir}/%{name}.changes
| tail -n 1 | cut -d- -f1 )" +%s)
# Set our preferred architecture-specific flags for the compiler and linker:
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
export CXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.J8Rwej/_old 2017-02-04 17:57:09.660905242 +0100
+++ /var/tmp/diff_new_pack.J8Rwej/_new 2017-02-04 17:57:09.660905242 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -116,6 +116,11 @@
# but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
Patch11:ppc64le-support.patch
+# Patch12 adds a reproducible timestamp to the mkromfs output, using the
+# SOURCE_DATE_EPOCH environment variable
+Patch12:0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch
+# Patch13 sorts the ROM contents by name for deterministic contents
+Patch13:0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch
# Source100...Source999 is for sources from SUSE which are not intended for
upstream:
# Patch100...Patch999 is for patches from SUSE which are not
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2016-10-22 13:01:56
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is "ghostscript"
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2016-10-13 11:23:41.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2016-10-22 13:01:57.0 +0200
@@ -1,0 +2,31 @@
+Mon Oct 17 13:36:57 CEST 2016 - jsm...@suse.de
+
+- CVE-2013-5653 (getenv and filenameforall ignore -dSAFER)
+ is fixed in the Ghostscript 9.20 upstream sources
+ see http://bugs.ghostscript.com/show_bug.cgi?id=694724
+ (bsc#1001951).
+- CVE-2016-7976.patch fixes that
+ various userparams allow %pipe% in paths, allowing
+ remote shell command execution
+ see http://bugs.ghostscript.com/show_bug.cgi?id=697178
+ (bsc#1001951).
+- CVE-2016-7977.patch fixes that
+ .libfile doesn't check PermitFileReading array, allowing
+ remote file disclosure
+ see http://bugs.ghostscript.com/show_bug.cgi?id=697169
+ (bsc#1001951).
+- CVE-2016-7978.patch fixes that
+ reference leak in .setdevice allows
+ use-after-free and remote code execution
+ see http://bugs.ghostscript.com/show_bug.cgi?id=697179
+ (bsc#1001951).
+- CVE-2016-7979.patch fixes that
+ type confusion in .initialize_dsc_parser allows
+ remote code execution
+ see http://bugs.ghostscript.com/show_bug.cgi?id=697190
+ (bsc#1001951).
+- CVE-2016-8602.patch fixes a NULL dereference in .sethalftone5
+ see http://bugs.ghostscript.com/show_bug.cgi?id=697203
+ (bsc#1004237).
+
+---
ghostscript.changes: same change
New:
CVE-2016-7976.patch
CVE-2016-7977.patch
CVE-2016-7978.patch
CVE-2016-7979.patch
CVE-2016-8602.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.9WqK3X/_old 2016-10-22 13:01:58.0 +0200
+++ /var/tmp/diff_new_pack.9WqK3X/_new 2016-10-22 13:01:58.0 +0200
@@ -64,6 +64,30 @@
# MD5 checksum for Source0: 93c5987cd3ab341108be1ebbaadc24fe
Source0:ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream:
+# Patch1 CVE-2016-7976.patch fixes that
+# various userparams allow %pipe% in paths, allowing remote shell command
execution
+# see http://bugs.ghostscript.com/show_bug.cgi?id=697178
+# and https://bugzilla.suse.com/show_bug.cgi?id=1001951
+Patch1: CVE-2016-7976.patch
+# Patch2 CVE-2016-7977.patch fixes that
+# .libfile doesn't check PermitFileReading array, allowing remote file
disclosure
+# see http://bugs.ghostscript.com/show_bug.cgi?id=697169
+# and https://bugzilla.suse.com/show_bug.cgi?id=1001951
+Patch2: CVE-2016-7977.patch
+# Patch3 CVE-2016-7978.patch fixes that
+# reference leak in .setdevice allows use-after-free and remote code execution
+# see http://bugs.ghostscript.com/show_bug.cgi?id=697179
+# and https://bugzilla.suse.com/show_bug.cgi?id=1001951
+Patch3: CVE-2016-7978.patch
+# Patch4 CVE-2016-7979.patch fixes that
+# type confusion in .initialize_dsc_parser allows remote code execution
+# see http://bugs.ghostscript.com/show_bug.cgi?id=697190
+# and https://bugzilla.suse.com/show_bug.cgi?id=1001951
+Patch4: CVE-2016-7979.patch
+# Patch5 CVE-2016-8602.patch fixes a NULL dereference in .sethalftone5
+# see http://bugs.ghostscript.com/show_bug.cgi?id=697203
+# and https://bugzilla.suse.com/show_bug.cgi?id=1004237
+Patch5: CVE-2016-8602.patch
# Source10...Source99 is for sources from SUSE which are intended for upstream:
# Patch10...Patch99 is for patches from SUSE which are intended for upstream:
# Patch11 ppc64le-support.patch is a remainder of the previous patch
@@ -145,6 +169,30 @@
# Be quiet when unpacking and
# use a directory name matching Source0 to make it work also for
ghostscript-mini:
%setup -q -n ghostscript-%{tarball_version}
+# Patch1 CVE-2016-7976.patch fixes that
+# various userparams allow %pipe% in paths, allowing remote shell command
execution
+# see http://bugs.ghostscript.com/show_bug.cgi?id=697178
+# and https://bugzilla.suse.com/show_bug.cgi?id=1001951
+%patch1 -p1 -b CVE-2016-7976.orig
+# Patch2 CVE-2016-7977.patch fixes that
+# .libfile doesn't check PermitFileReading array, allowing remote file
disclosure
+# see http://bugs.ghostscript.com/show_bug.cgi?id=697169
+# and https://bugzilla.suse.com/show_bug.cgi?id=1001951
+%patch2 -p1 -b CVE-2016-7977.orig
+# Patch3 CVE-2016-7978.patch fixes that
+# reference leak in .setdevice allows use-after-free and remote code execution
+# see http://bugs.ghostscript.com/show_bug.cgi?id=697179
+#
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2016-10-13 11:23:40
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is "ghostscript"
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2016-04-03 23:05:16.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2016-10-13 11:23:41.0 +0200
@@ -1,0 +2,31 @@
+Thu Sep 29 14:40:38 CEST 2016 - jsm...@suse.de
+
+- Version upgrade to 9.20. Purely a maintenance release.
+ For details see the News.htm and History9.htm files.
+ Highlights in this release include:
+ * The usual round of bug fixes, compatibility changes,
+and incremental improvements.
+ Incompatible changes:
+ * The planned device API tidy did not happen for this release,
+due to time pressures, but we still intend to undertake the
+following: We plan to somewhat tidy up the device API.
+We intend to remove deprecated device procs
+(methods/function pointers) and change the device API
+so every device proc takes a graphics state parameter (rather
+than the current scheme where only a very few procs take an
+imager state parameter). This should serve as notice to anyone
+maintaining a Ghostscript device outside the canonical source
+tree that you may (probably will) need to update your
+device(s) when these changes happen. Devices using only
+the non-deprecated procs should be trivial to update.
+
+---
+Thu Sep 15 10:12:03 CEST 2016 - jsm...@suse.de
+
+- Version upgrade to 9.20rc1 (first release candidate for 9.20).
+ For details see the News.htm and History9.htm files.
+ Regarding installing packages (in particular release candidates)
+ from the openSUSE build service development project "Printing"
+ see https://build.opensuse.org/project/show/Printing
+
+---
ghostscript.changes: same change
Old:
ghostscript-9.19.tar.gz
New:
ghostscript-9.20.tar.gz
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.abhW3v/_old 2016-10-13 11:23:43.0 +0200
+++ /var/tmp/diff_new_pack.abhW3v/_new 2016-10-13 11:23:43.0 +0200
@@ -36,35 +36,33 @@
# But only with the alphabetic prefix "9.pre15rc1" would be older than the
previous version number "9.14"
# because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are
older than numbers
# so that we keep additionally the previous version number to upgrade from the
previous version:
-#Version:9.18pre19rc1
+#Version:9.19pre20rc1
# Normal version for Ghostscript releases is the upstream version:
-Version:9.19
+Version:9.20
Release:0
# tarball_version is used below to specify the directory via "setup -n":
# Special tarball_version needed for Ghostscript release candidates e.g.
"define tarball_version 9.15rc1".
# For Ghostscript releases tarball_version and version are the same (i.e. the
upstream version):
%define tarball_version %{version}
-#define tarball_version 9.19rc1
+#define tarball_version 9.20rc1
# built_version is used below in the install and files sections:
# Separated built_version needed in case of Ghostscript release candidates
e.g. "define built_version 9.15".
# For Ghostscript releases built_version and version are the same (i.e. the
upstream version):
%define built_version %{version}
-#define built_version 9.19
+#%define built_version 9.20
# Source0...Source9 is for sources from upstream:
# Special URLs for Ghostscript release candidates:
-# URL for Source0:
http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.18rc2.tar.gz
-# URL for MD5 checksums: http://www.ghostscript.com/~chrisl/MD5SUMS
-#or http://www.ghostscript.com/~chrisl/MD5SUM
-#or
http://downloads.ghostscript.com/public/.release_candidate/MD5SUMS
-# MD5 checksum for Source0: 7cea0466e845de0a05e60b89225ab0d3
-#Source0:
http://downloads.ghostscript.com/public/.release_candidate/ghostscript-9.18rc2.tar.gz
-# URL for Source0:
https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/tag/gs919rc1
+# URL for Source0:
https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz
+# How to download it:
+# wget -O ghostscript-9.20rc1.tar.gz
https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs920rc1/ghostscript-9.20rc1.tar.gz
+#Source0:ghostscript-%{tarball_version}.tar.gz
# Normal
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2016-04-03 23:05:13 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is "ghostscript" Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2015-12-17 15:52:34.0 +0100 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2016-04-03 23:05:16.0 +0200 @@ -1,0 +2,60 @@ +Wed Mar 23 15:43:27 CET 2016 - jsm...@suse.de + +- Version upgrade to 9.19. Mainly a maintenance release. + For details see the News.htm and History9.htm files. + Highlights in this release include: + * Metadata pdfmark is now implemented. This allows the user +to specify an XMP stream which will be written to the +Catalog of the PDF file. A new pdfmark 'Ext_Metadata' has +been defined. This takes a string parameter which contains +XML to be add to the XMP normally created by pdfwrite. +See "pdfwrite pdfmark extensions" for more information. + * An experimental, rudimentary raster trapping implementation +has been added to the Ghostscript graphics library. +See "Trapping" for details. + Incompatible changes: + * (Minor) API change: copy_alpha now supports 8 bit depth +(as well as the previous 2 and 4). + * The gs man pages are woefully out of date and basically +unmaintained. With the release following 9.19, we intend +to replace their contents with a very limited summary +of (unlikely to ever change aspects of) calling +Ghostscript, and a pointer to the (maintained) HTML +documentation. That is, unless a volunteer is willing +to update, and commit to maintaining the man pages. + * ijs-config is no longer provided + Planned incompatible changes: + * We plan (ideally for the release following 9.19) to somewhat +tidy up the device API. We plan to remove deprecated device +procs (methods/function pointers). We also intend to merge +the imager state and graphics state (thus eliminating the +imager state), and change the device API so every device proc +takes a graphics state parameter (rather than the current +scheme where only a very few procs take an imager state +parameter). This should serve as notice to anyone maintaining +a Ghostscript device outside the canonical source tree that +you may (probably will) need to update your device(s) when +these changes happen. Devices using only the non-deprecated +procs should be trivial to update. +- fix_make_install.patch fixes and + add_brackets_for_old_autoconf.patch are no longer needed + because both issues are fixed in the upstream sources. + +--- +Fri Mar 18 10:13:23 CET 2016 - jsm...@suse.de + +- Version upgrade to 9.19rc1 (first release candidate for 9.19). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing +- ijs-config is no longer provided +- fix_make_install.patch fixes an install error and + add_brackets_for_old_autoconf.patch fixes an autoconf error + see http://bugs.ghostscript.com/show_bug.cgi?id=696665 +- fix_ijs_and_x11_for_FirstPage_and_LastPage.patch is no longer + needed because it is fixed in the upstream sources. +- install_gserrors.h.patch is no longer needed because it is fixed + in the upstream sources. + +--- ghostscript.changes: same change Old: fix_ijs_and_x11_for_FirstPage_and_LastPage.patch ghostscript-9.18.tar.gz install_gserrors.h.patch New: ghostscript-9.19.tar.gz Other differences: -- ++ ghostscript-mini.spec ++ --- /var/tmp/diff_new_pack.w3JI65/_old 2016-04-03 23:05:17.0 +0200 +++ /var/tmp/diff_new_pack.w3JI65/_new 2016-04-03 23:05:17.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package ghostscript-mini # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -36,20 +36,20 @@ # But only with the alphabetic prefix "9.pre15rc1" would be older than the previous version number "9.14" # because rpmvercmp would treat 9.pre15rc1 as 9.pre.15.rc1 and letters are older than numbers # so that we keep additionally the previous version number to upgrade from the previous version: -#Version:
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2015-12-17 15:52:33 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is "ghostscript" Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2015-11-17 14:20:40.0 +0100 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2015-12-17 15:52:34.0 +0100 @@ -1,0 +2,15 @@ +Wed Nov 18 11:46:58 UTC 2015 - sch...@suse.de + +- Do not use library sources for freetype jpeg libpng tiff zlib + from the Ghostscript upstream tarball because we prefer to use + for long-established standard libraries the ones from SUSE + in particular to automatically get SUSE security updates + for standard libraries. + In contrast we use e.g. lcms2 from the Ghostscript upstream + tarball because this one is specially modified to work with + Ghostscript so that we cannot use lcms2 from SUSE. +- remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h + in makefiles as we do not use the zlib sources from the + Ghostscript upstream tarball. + +--- ghostscript.changes: same change New: remove-zlib-h-dependency.patch Other differences: -- ++ ghostscript-mini.spec ++ --- /var/tmp/diff_new_pack.MWtkIr/_old 2015-12-17 15:52:36.0 +0100 +++ /var/tmp/diff_new_pack.MWtkIr/_new 2015-12-17 15:52:36.0 +0100 @@ -18,6 +18,7 @@ Name: ghostscript-mini BuildRequires: freetype2-devel +BuildRequires: libjpeg-devel BuildRequires: libpng-devel BuildRequires: libtiff-devel BuildRequires: libtool @@ -84,6 +85,10 @@ Patch11:ppc64le-support.patch # Source100...Source999 is for sources from SUSE which are not intended for upstream: # Patch100...Patch999 is for patches from SUSE which are not intended for upstream: +# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h +# in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: +Patch100: remove-zlib-h-dependency.patch +# RPM dependencies: Conflicts: ghostscript Conflicts: ghostscript-x11 Conflicts: ghostscript-devel @@ -168,6 +173,15 @@ # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 %patch11 -p1 -b ppc64le-support.orig +# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h +# in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: +%patch100 -p1 -b remove-zlib-h-dependency.orig +# Do not use the freetype jpeg libpng tiff zlib sources from the Ghostscript upstream tarball +# because we prefer to use for long-established standard libraries the ones from SUSE +# in particular to automatically get SUSE security updates for standard libraries. +# In contrast we use e.g. lcms2 from the Ghostscript upstream tarball because this one +# is specially modified to work with Ghostscript so that we cannot use lcms2 from SUSE: +rm -rf freetype jpeg libpng tiff zlib %build # Set our preferred architecture-specific flags for the compiler and linker: ++ ghostscript.spec ++ --- /var/tmp/diff_new_pack.MWtkIr/_old 2015-12-17 15:52:36.0 +0100 +++ /var/tmp/diff_new_pack.MWtkIr/_new 2015-12-17 15:52:36.0 +0100 @@ -36,6 +36,7 @@ BuildRequires: dbus-1-devel BuildRequires: freetype2-devel BuildRequires: libexpat-devel +BuildRequires: libjpeg-devel BuildRequires: libpng-devel BuildRequires: libtiff-devel BuildRequires: libtool @@ -104,6 +105,9 @@ Patch11:ppc64le-support.patch # Source100...Source999 is for sources from SUSE which are not intended for upstream: # Patch100...Patch999 is for patches from SUSE which are not intended for upstream: +# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h +# in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: +Patch100: remove-zlib-h-dependency.patch # RPM dependencies: # Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4 from # "rpm -q --provides ghostscript-library" and "rpm -q --provides ghostscript-x11": @@ -305,6 +309,15 @@ # but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed # see http://bugs.ghostscript.com/show_bug.cgi?id=695544 %patch11 -p1 -b ppc64le-support.orig +# Patch100 remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h +# in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball: +%patch100 -p1 -b remove-zlib-h-dependency.orig +# Do
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2015-11-17 14:20:38 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is "ghostscript" Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2015-08-10 09:11:52.0 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2015-11-17 14:20:40.0 +0100 @@ -1,0 +2,80 @@ +Thu Nov 5 13:33:14 CET 2015 - jsm...@suse.de + +- An incompatible change appeared when building other software + with Ghostscript 9.18. + Since version 9.18 Ghostscript does no longer provide + e_ (e.g. e_NeedInput) in its header files + (gserrors.h and ierrors.h). + When building other software with Ghostscript 9.18 + gs_error_ (e.g. gs_error_NeedInput) + must be used, see boo#953149 and + http://bugs.ghostscript.com/show_bug.cgi?id=696317 + +--- +Fri Oct 30 11:28:14 CET 2015 - jsm...@suse.de + +- install_gserrors.h.patch installs gserrors.h to fix + http://bugs.ghostscript.com/show_bug.cgi?id=696301 + because without gserrors.h several other packages fail to build + (in particular texlive, libspectre, gimp,...). + +--- +Mon Oct 12 10:26:52 CEST 2015 - jsm...@suse.de + +- fix_ijs_and_x11_for_FirstPage_and_LastPage.patch + fixes the Ghostscript device ijs and the x11* devices + so that they also work when -dFirstPage/-dLastPage is used, + see http://bugs.ghostscript.com/show_bug.cgi?id=696246 + +--- +Tue Oct 6 10:21:22 CEST 2015 - jsm...@suse.de + +- Version upgrade to 9.18. A maintenance release. + There are no recorded incompatible changes (as of this writing). + Highlights in this release include: + * A substantial revision of the build system and GhostPDL +directory structure. Ghostscript-only users should +not be affected by this change. + * A new method of internally inserting devices into the device +chain has been developed, named "device subclassing". +This allows suitably written devices to be more easily and +consistently as "filter" devices. +The first fruit of this is a new implementation of +the "-dFirstPage"/"-dLastPage" feature which functions +a device filter in the Ghostscript graphics library, meaning +it works consistently with all input languages. + * Plus the usual round of bug fixes, compatibility changes, +and incremental improvements. + See http://www.ghostscript.com/doc/9.18/News.htm + For details see the News.htm and History9.htm files. + +--- +Tue Sep 29 11:05:48 CEST 2015 - jsm...@suse.de + +- Version upgrade to 9.18rc2 (second release candidate for 9.18). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing +- assign_pointer_not_value_in_gximono.c.patch is no longer needed + because it is fixed in the upstream sources. + +--- +Thu Sep 24 10:29:04 CEST 2015 - jsm...@suse.de + +- Version upgrade to 9.18rc1 (first release candidate for 9.18). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project "Printing" + see https://build.opensuse.org/project/show/Printing +- CVE-2015-3228.patch is no longer needed because it is fixed + in the upstream sources. +- assign_pointer_not_value_in_gximono.c.patch attempts to fix a + "assignment makes pointer from integer without a cast" compiler + warning by assigning the pointer and not the integer value. +- Removed --disable-compile-inits from configure, see + http://bugs.ghostscript.com/show_bug.cgi?id=696223 + and "Precompiled run-time data" in + /usr/share/ghostscript/9.18/doc/Make.htm + +--- ghostscript.changes: same change Old: CVE-2015-3228.patch ghostscript-9.16.tar.gz New: fix_ijs_and_x11_for_FirstPage_and_LastPage.patch ghostscript-9.18.tar.gz install_gserrors.h.patch Other differences: -- ++ ghostscript-mini.spec ++ --- /var/tmp/diff_new_pack.PStTAy/_old 2015-11-17 14:20:42.0 +0100 +++ /var/tmp/diff_new_pack.PStTAy/_new 2015-11-17 14:20:42.0 +0100 @@ -35,36 +35,46 @@ # But
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2015-08-10 09:11:51
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2015-04-05 02:03:38.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2015-08-10 09:11:52.0 +0200
@@ -1,0 +2,6 @@
+Wed Jul 29 15:20:46 CEST 2015 - jsm...@suse.de
+
+- CVE-2015-3228.patch fixes out of bound read/write cause
+ by integer overflow in gsmalloc.c (boo#939342).
+
+---
ghostscript.changes: same change
New:
CVE-2015-3228.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.ID0vvU/_old 2015-08-10 09:11:53.0 +0200
+++ /var/tmp/diff_new_pack.ID0vvU/_new 2015-08-10 09:11:53.0 +0200
@@ -76,6 +76,9 @@
# Source100...Source999 is for sources from SUSE which are not intended for
upstream:
#
# Patch100...Patch999 is for patches from SUSE which are not intended for
upstream:
+# Patch101 CVE-2015-3228.patch fixes out of bound read/write cause by integer
overflow
+# in gsmalloc.c (see https://bugzilla.opensuse.org/show_bug.cgi?id=939342):
+Patch101: CVE-2015-3228.patch
#
Conflicts: ghostscript
Conflicts: ghostscript-x11
@@ -149,7 +152,10 @@
# because LCMS 1.x is removed since Ghostscript 9.16
# but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
-%patch11 -p1
+%patch11 -p1 -b ppc64le-support.orig
+# Patch101 CVE-2015-3228.patch fixes out of bound read/write cause by integer
overflow
+# in gsmalloc.c (see https://bugzilla.opensuse.org/show_bug.cgi?id=939342):
+%patch101 -b .CVE-2015-3228.orig
%build
# Set our preferred architecture-specific flags for the compiler and linker:
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.ID0vvU/_old 2015-08-10 09:11:53.0 +0200
+++ /var/tmp/diff_new_pack.ID0vvU/_new 2015-08-10 09:11:53.0 +0200
@@ -96,6 +96,9 @@
# Source100...Source999 is for sources from SUSE which are not intended for
upstream:
#
# Patch100...Patch999 is for patches from SUSE which are not intended for
upstream:
+# Patch101 CVE-2015-3228.patch fixes out of bound read/write cause by integer
overflow
+# in gsmalloc.c (see https://bugzilla.opensuse.org/show_bug.cgi?id=939342):
+Patch101: CVE-2015-3228.patch
#
# RPM dependencies:
# Additional RPM Provides of the ghostscript-library packages in openSUSE 11.4
from
@@ -286,7 +289,10 @@
# because LCMS 1.x is removed since Ghostscript 9.16
# but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed
# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
-%patch11 -p1
+%patch11 -p1 -b ppc64le-support.orig
+# Patch101 CVE-2015-3228.patch fixes out of bound read/write cause by integer
overflow
+# in gsmalloc.c (see https://bugzilla.opensuse.org/show_bug.cgi?id=939342):
+%patch101 -b .CVE-2015-3228.orig
%build
# Set our preferred architecture-specific flags for the compiler and linker:
++ CVE-2015-3228.patch ++
--- base/gsmalloc.c
+++ base/gsmalloc.c
@@ -178,7 +178,7 @@ gs_heap_alloc_bytes(gs_memory_t * mem, uint size,
client_name_t cname)
} else {
uint added = size + sizeof(gs_malloc_block_t);
-if (mmem-limit - added mmem-used)
+if (added = size || mmem-limit - added mmem-used)
set_msg(exceeded limit);
else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
set_msg(failed);
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2015-04-05 02:03:36 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is ghostscript Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2014-10-01 07:40:28.0 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2015-04-05 02:03:38.0 +0200 @@ -1,0 +2,36 @@ +Tue Mar 31 10:18:06 CEST 2015 - jsm...@suse.de + +- Version upgrade to 9.16. Primarily a maintenance release. + There are no recorded incompatible changes (as of this writing). + Highlights in this release include: + * LockColorants command line option for tiffsep and psdcmyk +devices. + * Improved high level devices handling of Forms. + See http://www.ghostscript.com/doc/9.16/News.htm + For details see the News.htm and History9.htm files. +- fix.including.pread.pwrite.pthread_mutexattr_settype.diff + is no longer needed because it is fixed in the upstream sources. + +--- +Wed Mar 25 12:38:16 CET 2015 - jsm...@suse.de + +- fix.including.pread.pwrite.pthread_mutexattr_settype.diff + fixes on SLE11 implicit declaration of function warnings + for 'pread' 'pwrite' 'pthread_mutexattr_settype' see + http://bugs.ghostscript.com/show_bug.cgi?id=695882 +- ppc64le-support.patch is a remainder of the previous patch + now the hunk for LCMS (lcms/include/lcms.h) is removed + because LCMS 1.x is removed since Ghostscript 9.16 + but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed + see http://bugs.ghostscript.com/show_bug.cgi?id=695544 + +--- +Fri Mar 20 17:12:34 CET 2015 - jsm...@suse.de + +- Version upgrade to 9.16rc2 (second release candidate for 9.16). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project Printing + see https://build.opensuse.org/project/show/Printing + +--- --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2014-10-01 07:40:29.0 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript.changes 2015-04-05 02:03:38.0 +0200 @@ -1,0 +2,42 @@ +Tue Mar 31 10:18:06 CEST 2015 - jsm...@suse.de + +- Version upgrade to 9.16. Primarily a maintenance release. + There are no recorded incompatible changes (as of this writing). + Highlights in this release include: + * LockColorants command line option for tiffsep and psdcmyk +devices. + * Improved high level devices handling of Forms. + See http://www.ghostscript.com/doc/9.16/News.htm + For details see the News.htm and History9.htm files. +- fix.including.pread.pwrite.pthread_mutexattr_settype.diff + is no longer needed because it is fixed in the upstream sources. + +--- +Wed Mar 25 12:38:16 CET 2015 - jsm...@suse.de + +- fix.including.pread.pwrite.pthread_mutexattr_settype.diff + fixes on SLE11 implicit declaration of function warnings + for 'pread' 'pwrite' 'pthread_mutexattr_settype' see + http://bugs.ghostscript.com/show_bug.cgi?id=695882 +- ppc64le-support.patch is a remainder of the previous patch + now the hunk for LCMS (lcms/include/lcms.h) is removed + because LCMS 1.x is removed since Ghostscript 9.16 + but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed + see http://bugs.ghostscript.com/show_bug.cgi?id=695544 + +--- +Fri Mar 20 17:12:34 CET 2015 - jsm...@suse.de + +- Version upgrade to 9.16rc2 (second release candidate for 9.16). + For details see the News.htm and History9.htm files. + Regarding installing packages (in particular release candidates) + from the openSUSE build service development project Printing + see https://build.opensuse.org/project/show/Printing + +--- +Fri Mar 20 10:52:47 CET 2015 - jsm...@suse.de + +- For SLE12 build it with traditional CUPS 1.5.4 to ensure + it works on SLE12 both with CUPS 1.7.5 and CUPS 1.5.4. + +--- Old: ghostscript-9.15.tar.gz New: ghostscript-9.16.tar.gz Other differences: -- ++ ghostscript-mini.spec ++ --- /var/tmp/diff_new_pack.84Py4S/_old 2015-04-05 02:03:40.0 +0200 +++ /var/tmp/diff_new_pack.84Py4S/_new 2015-04-05 02:03:40.0 +0200 @@ -1,7 +1,7
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2014-10-01 07:40:20
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2014-09-25 08:42:43.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2014-10-01 07:40:28.0 +0200
@@ -1,0 +2,10 @@
+Sun Sep 28 18:00:37 CEST 2014 - r...@suse.de
+
+- readd ppc64le patch ppc64le-support.patch (adapted for lcms2 in
+ Ghostscript version 9.15): the tests in lcms2.h cannot work
+ without include endian.h that is now added and
+ regardless that lcms is not used by default (unless the
+ configure option --with-lcms is set), lcms is again fixed
+ (see http://bugs.ghostscript.com/show_bug.cgi?id=695544).
+
+---
ghostscript.changes: same change
New:
ppc64le-support.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.6cP5VX/_old 2014-10-01 07:40:32.0 +0200
+++ /var/tmp/diff_new_pack.6cP5VX/_new 2014-10-01 07:40:32.0 +0200
@@ -65,6 +65,10 @@
# Source10...Source99 is for sources from SUSE which are intended for upstream:
#
# Patch10...Patch99 is for patches from SUSE which are intended for upstream:
+# Patch11 ppc64le-support.patch is a remainder of the previous patch
+# lcms2 has been fixed upstream not working and lcms has not been fixed
+# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
+Patch11:ppc64le-support.patch
#
# Source100...Source999 is for sources from SUSE which are not intended for
upstream:
#
@@ -137,6 +141,10 @@
# Be quiet when unpacking and
# use a directory name matching Source0 to make it work also for
ghostscript-mini:
%setup -q -n ghostscript-%{tarball_version}
+# Patch11 ppc64le-support.patch is a remainder of the previous patch
+# lcms2 has been fixed upstream not working and lcms has not been fixed
+# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
+%patch11 -p1
%build
# Set our preferred architecture-specific flags for the compiler and linker:
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.6cP5VX/_old 2014-10-01 07:40:32.0 +0200
+++ /var/tmp/diff_new_pack.6cP5VX/_new 2014-10-01 07:40:32.0 +0200
@@ -71,6 +71,10 @@
# Source10...Source99 is for sources from SUSE which are intended for upstream:
#
# Patch10...Patch99 is for patches from SUSE which are intended for upstream:
+# Patch11 ppc64le-support.patch is a remainder of the previous patch
+# lcms2 has been fixed upstream not working and lcms has not been fixed
+# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
+Patch11:ppc64le-support.patch
#
# Source100...Source999 is for sources from SUSE which are not intended for
upstream:
#
@@ -260,6 +264,10 @@
# Be quiet when unpacking and
# use a directory name matching Source0 to make it work also for
ghostscript-mini:
%setup -q -n ghostscript-%{tarball_version}
+# Patch11 ppc64le-support.patch is a remainder of the previous patch
+# lcms2 has been fixed upstream not working and lcms has not been fixed
+# see http://bugs.ghostscript.com/show_bug.cgi?id=695544
+%patch11 -p1
%build
# Set our preferred architecture-specific flags for the compiler and linker:
++ ppc64le-support.patch ++
--- ghostscript-9.15/lcms/include/lcms.h
+++ ghostscript-9.15/lcms/include/lcms.h
@@ -140,11 +140,15 @@
#endif
#if defined(__sgi__) || defined(__sgi) || defined(__powerpc__) ||
defined(sparc) || defined(__ppc__) || defined(__s390__) || defined(__s390x__)
+# ifndef __LITTLE_ENDIAN__
# define USE_BIG_ENDIAN 1
+# endif
#endif
#if TARGET_CPU_PPC
+# ifndef __LITTLE_ENDIAN__
# define USE_BIG_ENDIAN 1
+# endif
#endif
#if macintosh
--- ghostscript-9.15/lcms2/include/lcms2.h
+++ ghostscript-9.15/lcms2/include/lcms2.h
@@ -67,6 +67,7 @@
#include limits.h
#include time.h
#include stddef.h
+#include endian.h
#ifndef CMS_USE_CPP_API
# ifdef __cplusplus
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2014-09-25 08:42:28 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is ghostscript Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes 2014-03-31 20:43:10.0 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes 2014-09-25 08:42:43.0 +0200 @@ -1,0 +2,49 @@ +Tue Sep 23 10:14:28 CEST 2014 - jsm...@suse.de + +- Version upgrade to 9.15. Primarily a maintenance release. + There are no recorded incompatible changes (as of this writing). + Highlights in this release include: + * Ghostscript now supports the PDF security handler revision 6. + * The pdfwrite and ps2write (and related) devices can now be +forced to flatten glyphs into basic marking operations +(rather than writing fonts to the output), by giving +the -dNoOutputFonts command line option (defaults to false). + * PostScript programs can now use get_params or get_param to +determine if a page contains color markings by reading the +pageneutralcolor state from the device (so whether the page +is color or mono). Note that this is only accurate when in +clist mode, so -dMaxBitmap=0 and -dGrayDetection=true should +both be used. + * The pdfwrite device now supports Link annotations with GoTo +and GoToR actions. + * The pdfwrite device now supports BMC/BDC/EMC pdfmarks + * Regarding the new color management for the pdfwrite device +introduced in the previous release, the proscription on using +the new color management when producing PDF/A-1 compliant files +is now lifted. To reiterate, also, with the new color +management implementation, using the UseCIEColor option is +strongly discouraged. For further information on the new +pdfwrite color management, see in Ps2pdf.htm the +Color Conversion and Management section. + * Plus the usual round of bug fixes, compatibility changes, +and incremental improvements. + For details see the News.htm and History9.htm files. + +--- +Wed Sep 17 12:17:47 CEST 2014 - jsm...@suse.de + +- Version upgrade to 9.15rc2 (second release candidate for 9.15). + Ghostscript upstream QA highlighted a couple of issues + that they felt warranted a fresh release candidate. + For details see the History9.htm file. + +--- +Tue Sep 9 16:06:31 CEST 2014 - jsm...@suse.de + +- Version upgrade to 9.15rc1 (first release candidate for 9.15). + For details see the News.htm and History9.htm files. +- ppc64le-support.patch is no longer needed because + it is fixed in the upstream sources. +- Removed trailing whitespaces in spec file and changes file. + +--- --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2014-08-30 16:03:41.0 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript.changes 2014-09-25 08:42:43.0 +0200 @@ -1,0 +2,49 @@ +Tue Sep 23 10:14:28 CEST 2014 - jsm...@suse.de + +- Version upgrade to 9.15. Primarily a maintenance release. + There are no recorded incompatible changes (as of this writing). + Highlights in this release include: + * Ghostscript now supports the PDF security handler revision 6. + * The pdfwrite and ps2write (and related) devices can now be +forced to flatten glyphs into basic marking operations +(rather than writing fonts to the output), by giving +the -dNoOutputFonts command line option (defaults to false). + * PostScript programs can now use get_params or get_param to +determine if a page contains color markings by reading the +pageneutralcolor state from the device (so whether the page +is color or mono). Note that this is only accurate when in +clist mode, so -dMaxBitmap=0 and -dGrayDetection=true should +both be used. + * The pdfwrite device now supports Link annotations with GoTo +and GoToR actions. + * The pdfwrite device now supports BMC/BDC/EMC pdfmarks + * Regarding the new color management for the pdfwrite device +introduced in the previous release, the proscription on using +the new color management when producing PDF/A-1 compliant files +is now lifted. To reiterate, also, with the new color +management implementation, using the UseCIEColor option is +strongly discouraged. For further information on the new +pdfwrite color management, see in Ps2pdf.htm the +Color Conversion and Management section. + * Plus the usual round of bug fixes, compatibility changes, +and incremental improvements. + For details
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2014-08-30 16:03:34 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is ghostscript Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2014-03-31 20:43:11.0 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript.changes 2014-08-30 16:03:41.0 +0200 @@ -1,0 +2,5 @@ +Mon Aug 18 15:12:28 UTC 2014 - meiss...@suse.com + +- gs does not seem to require libopenssl-devel for building. + +--- Other differences: -- ++ ghostscript.spec ++ --- /var/tmp/diff_new_pack.8rVILY/_old 2014-08-30 16:03:43.0 +0200 +++ /var/tmp/diff_new_pack.8rVILY/_new 2014-08-30 16:03:43.0 +0200 @@ -22,7 +22,6 @@ BuildRequires: dbus-1-devel BuildRequires: freetype2-devel BuildRequires: libexpat-devel -BuildRequires: libopenssl-devel BuildRequires: libpng-devel BuildRequires: libtiff-devel BuildRequires: libtool -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2014-03-31 20:43:05
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2013-12-22 19:32:44.0 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2014-03-31 20:43:10.0 +0200
@@ -1,0 +2,21 @@
+Thu Mar 27 12:21:55 CET 2014 - jsm...@suse.de
+
+- Version upgrade to 9.14. Primarily a maintenance release.
+ Highlights in this release include (excerpt):
+ * pdfwrite now uses the same color management engine as
+Ghostscript rendering devices (by default LCMS2). For
+the duration of this release a new switch -dPDFUseOldCMS
+is available which will restore the old color management.
+See: Color Conversion and Management in Ps2pdf.htm
+Due to constraints of the PDF/A-1 specification, the new color
+management does not yet apply when producing PDF/A files.
+ * A new device 'eps2write' has been added which allows for the
+creation of EPS files using the ps2write device instead of
+the deprecated and removed pswrite device. The epswrite device
+is now also deprecated and will be removed in a future release.
+ * Ghostscript has a new pwgraster output device for PWG Raster
+output.
+ * The CUPS device now has improved support for PPD-less printing.
+ For details see the News.htm and History9.htm files.
+
+---
ghostscript.changes: same change
Old:
ghostscript-9.10.tar.gz
New:
ghostscript-9.14.tar.gz
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.sOYu7j/_old 2014-03-31 20:43:12.0 +0200
+++ /var/tmp/diff_new_pack.sOYu7j/_new 2014-03-31 20:43:12.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript-mini
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -15,6 +15,7 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
Name: ghostscript-mini
BuildRequires: freetype2-devel
BuildRequires: libpng-devel
@@ -33,7 +34,7 @@
# so that we use an alphabetic prefix to make it older than 9.10 (numbers are
considered newer than letters):
#Version:9.pre10rc1
# Normal version for Ghostscript releases is the upstream version:
-Version:9.10
+Version:9.14
Release:0
# tarball_version is used below to specify the directory via setup -n:
# Special tarball_version needed for Ghostscript release candidates e.g.
define tarball_version 9.10rc1.
@@ -50,9 +51,9 @@
# MD5 checksum for Source0: 0cdf23c5dff76040983bca74675f88be
#Source0:http://www.ghostscript.com/~chrisl/ghostscript-9.10rc1.tar.gz
# Normal URLs for Ghostscript releases:
-# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.10.tar.gz
+# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.14.tar.gz
# URL for MD5 checksums: http://downloads.ghostscript.com/public/MD5SUMS
-# MD5 checksum for Source0: 5f0c0a2670b08466a4050ddbd1f3de63
+# MD5 checksum for Source0: 586494befb443363338c1b6379f13973
Source0:
http://downloads.ghostscript.com/public/ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream:
#
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.sOYu7j/_old 2014-03-31 20:43:12.0 +0200
+++ /var/tmp/diff_new_pack.sOYu7j/_new 2014-03-31 20:43:12.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -15,6 +15,7 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
Name: ghostscript
BuildRequires: cups-devel
# dbus-1-devel is needed for configure --enable-dbus (see below):
@@ -40,7 +41,7 @@
# so that we use an alphabetic prefix to make it older than 9.10 (numbers are
considered newer than letters):
#Version:9.pre10rc1
# Normal version for Ghostscript releases is the upstream version:
-Version:9.10
+Version:9.14
Release:0
# tarball_version is
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2013-12-22 19:32:43
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2013-04-14 10:14:25.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2013-12-22 19:32:44.0 +0100
@@ -1,0 +2,49 @@
+Fri Dec 13 19:09:12 UTC 2013 - uweig...@de.ibm.com
+
+- ppc64le-support.patch from IBM fixes endianness
+ in lcms (the Little-CMS library) to support the new
+ architecture ppc64le (IBM Power PC Little Endian architecture)
+ because ppc64 is big-endian and ppc64le is little-endian
+ and lcms has a hard-coded check that assumes PowerPC
+ is always big-endian which is incorrect on ppc64le.
+ The fix is already in the main Little-CMS repository
+ by this Git commit
+
https://github.com/mm2/Little-CMS/commit/b4f5c91a2c1582bd284f0d0f49cb43e2c2235a79
+ (There are some cosmetic changes in the upstream patch.)
+ It is not yet in the imported copy in Ghostscript.
+ IBM will work with upstream to get the fix imported too.
+
+---
+Tue Sep 3 16:26:46 CEST 2013 - jsm...@suse.de
+
+- Version upgrade to 9.10. Primarily a maintenance release.
+ Highlights in this release include:
+ * LittleCMS2 and libpng have both been updated to the
+latest versions.
+ * The URW Postscript font set has been updated to the
+latest version, fixing many compatibility problems
+with the Adobe fonts.
+ * The CUPS filters gstoraster and gstopxl have been
+removed from Ghostscript. Those filters are now provided by
+cups-filters (a free software package hosted by OpenPrinting)
+that contains all CUPS filters needed by CUPS under Linux
+(see also the openSUSE issue bnc#735404 comment#44 at
+ https://bugzilla.novell.com/show_bug.cgi?id=735404#c44).
+ For details see the News.htm and History9.htm files.
+- fix-undefined-operation.patch is no longer needed because
+ it is fixed in the upstream sources.
+
+---
+Thu Aug 29 15:06:13 CEST 2013 - jsm...@suse.de
+
+- Version upgrade to 9.10rc1 (release candidate for the 9.10 version).
+ For details see the News.htm and History9.htm files.
+- Prepare spec files to build both releases and release candidates
+ easily in the future by using special different version strings.
+- fix-undefined-operation.patch fixes
+ http://bugs.ghostscript.com/show_bug.cgi?id=694546
+- Removed BuildRequires for liblcms-devel because it is not needed
+ when we build Ghostscript that works in compliance with upstream
+ (see https://bugzilla.novell.com/show_bug.cgi?id=828751#c5).
+
+---
ghostscript.changes: same change
Old:
ghostscript-9.07.tar.gz
New:
ghostscript-9.10.tar.gz
ppc64le-support.patch
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.qLQyJt/_old 2013-12-22 19:32:46.0 +0100
+++ /var/tmp/diff_new_pack.qLQyJt/_new 2013-12-22 19:32:46.0 +0100
@@ -17,7 +17,6 @@
Name: ghostscript-mini
BuildRequires: freetype2-devel
-BuildRequires: liblcms-devel
BuildRequires: libpng-devel
BuildRequires: libtiff-devel
BuildRequires: libtool
@@ -27,18 +26,49 @@
License:AGPL-3.0
Group: System/Libraries
Url:http://www.ghostscript.com/
-Version:9.07
+# Special version needed for Ghostscript release candidates e.g. Version:
9.pre10rc1:
+# Version 9.10rc1 would be newer than 9.10 (run zypper vcmp 9.10rc1 9.10)
because the rpmvercmp algorithm
+# would treat 9.10rc1 as 9.10.rc.1 (alphabetic and numeric sections get
separated into different elements)
+# and 9.10.rc.1 is newer than 9.10 (it has one more element in the list while
previous elements are equal)
+# so that we use an alphabetic prefix to make it older than 9.10 (numbers are
considered newer than letters):
+#Version:9.pre10rc1
+# Normal version for Ghostscript releases is the upstream version:
+Version:9.10
Release:0
+# tarball_version is used below to specify the directory via setup -n:
+# Special tarball_version needed for Ghostscript release candidates e.g.
define tarball_version 9.10rc1.
+# For Ghostscript releases tarball_version and version are the same (i.e. the
upstream version):
+%define tarball_version %{version}
+# built_version is used below in the install and files sections:
+# Separated built_version needed in case
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2013-04-14 10:14:24
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript, Maintainer is
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2013-02-22 16:51:11.0 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2013-04-14 10:14:25.0 +0200
@@ -1,0 +2,6 @@
+Wed Mar 27 07:58:08 UTC 2013 - mmeis...@suse.com
+
+- Added url as source.
+ Please see http://en.opensuse.org/SourceUrls
+
+---
ghostscript.changes: same change
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.QX49PP/_old 2013-04-14 10:14:27.0 +0200
+++ /var/tmp/diff_new_pack.QX49PP/_new 2013-04-14 10:14:27.0 +0200
@@ -15,7 +15,6 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-
Name: ghostscript-mini
BuildRequires: freetype2-devel
BuildRequires: liblcms-devel
@@ -34,7 +33,7 @@
# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.07.tar.gz
# URL for MD5 checksums: http://downloads.ghostscript.com/public/MD5SUMS
# MD5 checksum for Source0: 57ebf17c5abcf0fc95a386bfff08c1a4
-Source0:ghostscript-%{version}.tar.gz
+Source0:
http://downloads.ghostscript.com/public/ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream:
#
# Source10...Source99 is for sources from SUSE which are intended for upstream:
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.QX49PP/_old 2013-04-14 10:14:27.0 +0200
+++ /var/tmp/diff_new_pack.QX49PP/_new 2013-04-14 10:14:27.0 +0200
@@ -15,7 +15,6 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-
Name: ghostscript
BuildRequires: cups-devel
# dbus-1-devel is needed for configure --enable-dbus (see below):
@@ -41,7 +40,7 @@
# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.07.tar.gz
# URL for MD5 checksums: http://downloads.ghostscript.com/public/MD5SUMS
# MD5 checksum for Source0: 57ebf17c5abcf0fc95a386bfff08c1a4
-Source0:ghostscript-%{version}.tar.gz
+Source0:
http://downloads.ghostscript.com/public/ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream:
#
# Source10...Source99 is for sources from SUSE which are intended for upstream:
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2013-02-22 16:51:08
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript, Maintainer is
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2013-01-10 11:16:44.0 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2013-02-22 16:51:11.0 +0100
@@ -1,0 +2,18 @@
+Tue Feb 19 13:51:06 CET 2013 - jsm...@suse.de
+
+- Version upgrade to 9.07.
+ * As of this release (9.07), Ghostscript is distributed
+under the GNU Affero General Public License (AGPL).
+ * Ghostscript has been extended to support file sizes 4Gb
+in particular reading and writing PDF files.
+ * Color management enhancements. Full details of the color
+management features can be found in: GS9_Color_Management.pdf
+ * The pdfwrite devices now supports linearized (or optimized
+for fast web view) output directly (-dFastWebView).
+ * With the addition of linearisation to pdfwrite, pdfopt.ps
+has become redundant. Since it is difficult to maintain,
+has a number of bugs, and is believed not to work properly
+anyway, it is removed. Accordingly the pdfopt shell script
+that used pdfopt.ps is also removed.
+
+---
ghostscript.changes: same change
Old:
ghostscript-9.06.tar.gz
New:
ghostscript-9.07.tar.gz
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.BC4Ifg/_old 2013-02-22 16:51:17.0 +0100
+++ /var/tmp/diff_new_pack.BC4Ifg/_new 2013-02-22 16:51:17.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package ghostscript-mini
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -25,15 +25,15 @@
BuildRequires: pkg-config
BuildRequires: zlib-devel
Summary:Minimal Ghostscript for minimal build requirements
-License:GPL-3.0
+License:AGPL-3.0
Group: System/Libraries
Url:http://www.ghostscript.com/
-Version:9.06
+Version:9.07
Release:0
# Source0...Source9 is for sources from upstream:
-# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.06.tar.gz
+# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.07.tar.gz
# URL for MD5 checksums: http://downloads.ghostscript.com/public/MD5SUMS
-# MD5 checksum for Source0: 153ddb0622cb155d2f600146f1e28d84
+# MD5 checksum for Source0: 57ebf17c5abcf0fc95a386bfff08c1a4
Source0:ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream:
#
@@ -159,11 +159,11 @@
--with-libiconv=maybe \
%{with_or_without_system_libtiff} \
--enable-freetype \
---without-ijs \
--with-jbig2dec \
--without-jasper \
--enable-openjpeg \
--enable-dynamic \
+--without-ijs \
--disable-cups \
--disable-dbus \
--without-pdftoraster \
@@ -179,7 +179,7 @@
make
# Make libgs.so and two programs which use it, gsx and gsc:
make so
-# Configure and make libijs (that is not done regardless --with-ijs above):
+# Configure and make libijs (that is not done regardless whether or not
--with-ijs is used above):
pushd ijs
./autogen.sh
./configure --prefix=%{_prefix} \
@@ -205,6 +205,10 @@
rm %{buildroot}%{_bindir}/ijs_client_example
rm %{buildroot}%{_bindir}/ijs_server_example
rm %{buildroot}%{_libdir}/libijs.la
+# Remove installed but obsolete pdfopt man pages because pdfopt is removed
since version 9.07
+# and fail intentionally as notification when this is fixed upstream:
+rm %{buildroot}%{_mandir}/man1/pdfopt.1 || exit 99
+rm %{buildroot}%{_mandir}/de/man1/pdfopt.1 || exit 99
# Install documentation which is not installed by default
# see http://bugs.ghostscript.com/show_bug.cgi?id=693002
# and fail intentionally as notification if something changed:
@@ -261,7 +265,6 @@
%{_bindir}/lprsetup.sh
%{_bindir}/pdf2dsc
%{_bindir}/pdf2ps
-%{_bindir}/pdfopt
%{_bindir}/pf2afm
%{_bindir}/pfbtopfa
%{_bindir}/pphs
@@ -289,7 +292,6 @@
%doc %{_mandir}/man1/gsnd.1.gz
%doc %{_mandir}/man1/pdf2dsc.1.gz
%doc %{_mandir}/man1/pdf2ps.1.gz
-%doc %{_mandir}/man1/pdfopt.1.gz
%doc %{_mandir}/man1/pf2afm.1.gz
%doc %{_mandir}/man1/pfbtopfa.1.gz
%doc
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2013-01-10 11:16:43
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript, Maintainer is
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2012-10-07 18:58:54.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2013-01-10 11:16:44.0 +0100
@@ -1,0 +2,7 @@
+Thu Jan 3 11:58:51 CET 2013 - jsm...@suse.de
+
+- Provide libijs (that is not done via configure --with-ijs)
+ because libijs is needed by the pdftoijs filter in the
+ cups-filters package (see the README file in cups-filters).
+
+---
@@ -8 +15 @@
- * remove moribund dumphint tool, ssee History9.htm and
+ * removed moribund dumphint tool, see History9.htm and
@@ -14,2 +21,2 @@
-- Disable -Wl,--as-needed, see upstream bug report
- http://bugs.ghostscript.com/show_bug.cgi?id=693100
+- export SUSE_ASNEEDED=0 disables -Wl,--as-needed linker flags,
+ see http://bugs.ghostscript.com/show_bug.cgi?id=693100
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2012-11-02
07:31:26.0 +0100
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript.changes
2013-01-10 11:16:44.0 +0100
@@ -1,0 +2,7 @@
+Thu Jan 3 11:58:51 CET 2013 - jsm...@suse.de
+
+- Provide libijs (that is not done via configure --with-ijs)
+ because libijs is needed by the pdftoijs filter in the
+ cups-filters package (see the README file in cups-filters).
+
+---
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.OfzdmG/_old 2013-01-10 11:16:46.0 +0100
+++ /var/tmp/diff_new_pack.OfzdmG/_new 2013-01-10 11:16:46.0 +0100
@@ -33,7 +33,7 @@
# Source0...Source9 is for sources from upstream:
# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.06.tar.gz
# URL for MD5 checksums: http://downloads.ghostscript.com/public/MD5SUMS
-# MD5 checksum for Source0: f7c6f0431ca8d44ee132a55d583212c1
+# MD5 checksum for Source0: 153ddb0622cb155d2f600146f1e28d84
Source0:ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream:
#
@@ -109,7 +109,8 @@
This package contains the development files for Minimal Ghostscript.
%prep
-# Be quiet when unpacking using a directory name matching Source0:
+# Be quiet when unpacking and
+# use a directory name matching Source0 to make it work also for
ghostscript-mini:
%setup -q -n ghostscript-%{version}
%build
@@ -178,11 +179,32 @@
make
# Make libgs.so and two programs which use it, gsx and gsc:
make so
+# Configure and make libijs (that is not done regardless --with-ijs above):
+pushd ijs
+./autogen.sh
+./configure --prefix=%{_prefix} \
+--bindir=%{_bindir} \
+--libdir=%{_libdir} \
+--datadir=%{_datadir} \
+--mandir=%{_mandir} \
+--infodir=%{_infodir} \
+--enable-shared \
+--disable-static
+make
+popd
%install
make install DESTDIR=%{buildroot}
# Install libgs.so gsx gsc and some header files:
make soinstall DESTDIR=%{buildroot}
+# Install libijs and its header files:
+pushd ijs
+make install DESTDIR=%{buildroot}
+popd
+# Remove installed ijs example client and server and its .la file:
+rm %{buildroot}%{_bindir}/ijs_client_example
+rm %{buildroot}%{_bindir}/ijs_server_example
+rm %{buildroot}%{_libdir}/libijs.la
# Install documentation which is not installed by default
# see http://bugs.ghostscript.com/show_bug.cgi?id=693002
# and fail intentionally as notification if something changed:
@@ -280,6 +302,7 @@
%doc %{_mandir}/man1/ps2pdfwr.1.gz
%doc %{_mandir}/man1/ps2ps.1.gz
%doc %{_mandir}/man1/wftopfa.1.gz
+%doc %{_mandir}/man1/ijs-config.1.gz
%doc %{_mandir}/de/man1/dvipdf.1.gz
%doc %{_mandir}/de/man1/eps2eps.1.gz
%doc %{_mandir}/de/man1/font2c.1.gz
@@ -305,10 +328,15 @@
%{_datadir}/ghostscript/%{version}/Resource/
%{_libdir}/libgs.so.*
%{_libdir}/ghostscript/
+%{_libdir}/libijs-0.35.so
%files devel
%defattr(-,root,root)
%{_includedir}/ghostscript/
%{_libdir}/libgs.so
+%{_bindir}/ijs-config
+%{_includedir}/ijs/
+%{_libdir}/libijs.so
+%{_libdir}/pkgconfig/ijs.pc
%changelog
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.OfzdmG/_old 2013-01-10 11:16:46.0 +0100
+++ /var/tmp/diff_new_pack.OfzdmG/_new 2013-01-10 11:16:46.0 +0100
@@ -223,8 +223,9 @@
This package contains the development files for Ghostscript.
%prep
-# Be quiet when unpacking:
-%setup
commit ghostscript for openSUSE:Factory
Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2012-11-02 07:31:24 Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new (New) Package is ghostscript, Maintainer is Changes: --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2012-10-07 18:58:54.0 +0200 +++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript.changes 2012-11-02 07:31:26.0 +0100 @@ -8 +8 @@ - * remove moribund dumphint tool, ssee History9.htm and + * removed moribund dumphint tool, see History9.htm and @@ -14,2 +14,2 @@ -- Disable -Wl,--as-needed, see upstream bug report - http://bugs.ghostscript.com/show_bug.cgi?id=693100 +- export SUSE_ASNEEDED=0 disables -Wl,--as-needed linker flags, + see http://bugs.ghostscript.com/show_bug.cgi?id=693100 Other differences: -- ++ ghostscript-mini.spec ++ --- /var/tmp/diff_new_pack.l8qQUq/_old 2012-11-02 07:31:28.0 +0100 +++ /var/tmp/diff_new_pack.l8qQUq/_new 2012-11-02 07:31:28.0 +0100 @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + Name: ghostscript-mini BuildRequires: freetype2-devel BuildRequires: liblcms-devel ++ ghostscript.spec ++ --- /var/tmp/diff_new_pack.l8qQUq/_old 2012-11-02 07:31:28.0 +0100 +++ /var/tmp/diff_new_pack.l8qQUq/_new 2012-11-02 07:31:28.0 +0100 @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + Name: ghostscript BuildRequires: cups-devel # dbus-1-devel is needed for configure --enable-dbus (see below): -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2012-10-07 18:58:52
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript, Maintainer is
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2012-09-25 14:18:04.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2012-10-07 18:58:54.0 +0200
@@ -2 +2,11 @@
-Mon Sep 24 10:46:00 UTC 2012 - idon...@suse.com
+Thu Sep 27 12:02:51 UTC 2012 - mmeis...@suse.com
+
+- Version upgrade to 9.06. Mainly a bugfix release.
+ * pdfwrite announcements:
+pdfwrite now supports the creation of PDF/A-2 files.
+For further details see the NEWS file.
+ * remove moribund dumphint tool, ssee History9.htm and
+http://bugs.ghostscript.com/show_bug.cgi?id=693223
+
+---
+Mon Sep 24 10:44:57 UTC 2012 - idon...@suse.com
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2012-09-25
14:18:04.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript.changes
2012-10-07 18:58:54.0 +0200
@@ -1,0 +2,10 @@
+Thu Sep 27 12:02:51 UTC 2012 - mmeis...@suse.com
+
+- Version upgrade to 9.06. Mainly a bugfix release.
+ * pdfwrite announcements:
+pdfwrite now supports the creation of PDF/A-2 files.
+For further details see the NEWS file.
+ * remove moribund dumphint tool, ssee History9.htm and
+http://bugs.ghostscript.com/show_bug.cgi?id=693223
+
+---
Old:
ghostscript-9.05.tar.gz
New:
ghostscript-9.06.tar.gz
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.4GZTPH/_old 2012-10-07 18:58:58.0 +0200
+++ /var/tmp/diff_new_pack.4GZTPH/_new 2012-10-07 18:58:59.0 +0200
@@ -15,7 +15,6 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-
Name: ghostscript-mini
BuildRequires: freetype2-devel
BuildRequires: liblcms-devel
@@ -28,10 +27,10 @@
License:GPL-3.0
Group: System/Libraries
Url:http://www.ghostscript.com/
-Version:9.05
+Version:9.06
Release:0
# Source0...Source9 is for sources from upstream:
-# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.05.tar.gz
+# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.06.tar.gz
# URL for MD5 checksums: http://downloads.ghostscript.com/public/MD5SUMS
# MD5 checksum for Source0: f7c6f0431ca8d44ee132a55d583212c1
Source0:ghostscript-%{version}.tar.gz
@@ -187,7 +186,7 @@
# see http://bugs.ghostscript.com/show_bug.cgi?id=693002
# and fail intentionally as notification if something changed:
DOCDIR=%{buildroot}%{_datadir}/ghostscript/%{version}/doc
-for D in LICENSE doc/AUTHORS doc/COPYING doc/thirdparty.htm doc/WhatIsGS.htm
doc/GS9_Color_Management.pdf doc/gs-vms.hlp doc/Ps2ps2.htm
+for D in LICENSE
do test -e $DOCDIR/$( basename $D ) exit 99
install -m 644 $D $DOCDIR
done
@@ -224,7 +223,6 @@
%files
%defattr(-, root, root)
-%{_bindir}/dumphint
%{_bindir}/dvipdf
%{_bindir}/eps2eps
%{_bindir}/font2c
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.4GZTPH/_old 2012-10-07 18:58:59.0 +0200
+++ /var/tmp/diff_new_pack.4GZTPH/_new 2012-10-07 18:58:59.0 +0200
@@ -15,7 +15,6 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-
Name: ghostscript
BuildRequires: cups-devel
# dbus-1-devel is needed for configure --enable-dbus (see below):
@@ -35,12 +34,12 @@
License:GPL-3.0
Group: System/Libraries
Url:http://www.ghostscript.com/
-Version:9.05
+Version:9.06
Release:0
# Source0...Source9 is for sources from upstream:
-# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.05.tar.gz
+# URL for Source0:
http://downloads.ghostscript.com/public/ghostscript-9.06.tar.gz
# URL for MD5 checksums: http://downloads.ghostscript.com/public/MD5SUMS
-# MD5 checksum for Source0: f7c6f0431ca8d44ee132a55d583212c1
+# MD5 checksum for Source0: 153ddb0622cb155d2f600146f1e28d84
Source0:ghostscript-%{version}.tar.gz
# Patch0...Patch9 is for patches from upstream:
#
@@ -302,7 +301,7 @@
# see http://bugs.ghostscript.com/show_bug.cgi?id=693002
# and fail intentionally as notification if something changed:
DOCDIR=%{buildroot}%{_datadir}/ghostscript/%{version}/doc
-for D in LICENSE doc/AUTHORS doc/COPYING doc/thirdparty.htm doc/WhatIsGS.htm
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2012-09-25 13:57:05
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript, Maintainer is
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2012-05-22 10:10:07.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2012-09-25 14:18:04.0 +0200
@@ -1,0 +2,6 @@
+Mon Sep 24 10:46:00 UTC 2012 - idon...@suse.com
+
+- Disable -Wl,--as-needed, see upstream bug report
+ http://bugs.ghostscript.com/show_bug.cgi?id=693100
+
+---
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2012-05-22
10:10:07.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript.changes
2012-09-25 14:18:04.0 +0200
@@ -1,0 +2,6 @@
+Mon Sep 24 10:44:57 UTC 2012 - idon...@suse.com
+
+- Disable -Wl,--as-needed, see upstream bug report
+ http://bugs.ghostscript.com/show_bug.cgi?id=693100
+
+---
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.xMUxIG/_old 2012-09-25 14:18:05.0 +0200
+++ /var/tmp/diff_new_pack.xMUxIG/_new 2012-09-25 14:18:05.0 +0200
@@ -55,8 +55,8 @@
# separated packages ghostscript-fonts-std and ghostscript-fonts-other
# (regarding separated packages see
/usr/share/ghostscript/version/doc/Fonts.htm)
# so that a RPM requirement is needed to make sure that Ghostscript has its
fonts:
-Requires: ghostscript-fonts-std
Requires: ghostscript-fonts-other
+Requires: ghostscript-fonts-std
# Prerequire /sbin/ldconfig which is used in the traditional bash scriptlets
for post/postun:
PreReq: /sbin/ldconfig
# Install into this non-root directory (required when norootforbuild is used):
@@ -146,6 +146,8 @@
%else
%define with_or_without_system_libtiff --with-system-libtiff
%endif
+# See http://bugs.ghostscript.com/show_bug.cgi?id=693100
+export SUSE_ASNEEDED=0
./configure --prefix=%{_prefix} \
--bindir=%{_bindir} \
--libdir=%{_libdir} \
++ ghostscript.spec ++
--- /var/tmp/diff_new_pack.xMUxIG/_old 2012-09-25 14:18:05.0 +0200
+++ /var/tmp/diff_new_pack.xMUxIG/_new 2012-09-25 14:18:05.0 +0200
@@ -93,9 +93,9 @@
# graphviz-plugins BuildRequires ghostscript-mini
# Provide the additional RPM Provides of the ghostscript-library package
# (ghostscript_x11 is provided by the ghostscript-x11 sub-package, see below):
+Provides: ghostscript_any
Provides: gs
Provides: gs_lib
-Provides: ghostscript_any
# There is a needless requirement for pstoraster in gutenprint up to openSUSE
11.4.
# Satisfy it to be backward compatible with installed gutenprint packages:
Provides: pstoraster
@@ -135,8 +135,8 @@
# separated packages ghostscript-fonts-std and ghostscript-fonts-other
# (regarding separated packages see
/usr/share/ghostscript/version/doc/Fonts.htm)
# so that a RPM requirement is needed to make sure that Ghostscript has its
fonts:
-Requires: ghostscript-fonts-std
Requires: ghostscript-fonts-other
+Requires: ghostscript-fonts-std
# Prerequire /sbin/ldconfig which is used in the traditional bash scriptlets
for post/postun:
PreReq: /sbin/ldconfig
# Install into this non-root directory (required when norootforbuild is used):
@@ -261,6 +261,8 @@
%else
%define with_or_without_system_libtiff --with-system-libtiff
%endif
+# See http://bugs.ghostscript.com/show_bug.cgi?id=693100
+export SUSE_ASNEEDED=0
./configure --prefix=%{_prefix} \
--bindir=%{_bindir} \
--libdir=%{_libdir} \
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit ghostscript for openSUSE:Factory
Hello community,
here is the log from the commit of package ghostscript for openSUSE:Factory
checked in at 2012-05-22 10:10:01
Comparing /work/SRC/openSUSE:Factory/ghostscript (Old)
and /work/SRC/openSUSE:Factory/.ghostscript.new (New)
Package is ghostscript, Maintainer is
Changes:
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript-mini.changes
2012-05-09 18:28:52.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript-mini.changes
2012-05-22 10:10:07.0 +0200
@@ -1,0 +2,14 @@
+Thu May 10 15:49:33 CEST 2012 - jsm...@suse.de
+
+- Require Ghostscript's font packages because the
+ Ghostscript package provides the Fontmap file
+ /usr/share/ghostscript/version/Resource/Init/Fontmap.GS
+ which lists Ghostscript's fonts but the fonts itself
+ are provided in the separated packages ghostscript-fonts-std
+ and ghostscript-fonts-other so that a RPM requirement
+ is needed to make sure that Ghostscript has its fonts.
+- Extract the catalog of devices which are actually built-in
+ in exactly this Ghostscript and provide it as catalog.devices
+ in the Ghostscript package.
+
+---
--- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2012-05-09
18:28:52.0 +0200
+++ /work/SRC/openSUSE:Factory/.ghostscript.new/ghostscript.changes
2012-05-22 10:10:07.0 +0200
@@ -1,0 +2,14 @@
+Thu May 10 15:49:33 CEST 2012 - jsm...@suse.de
+
+- Require Ghostscript's font packages because the
+ Ghostscript package provides the Fontmap file
+ /usr/share/ghostscript/version/Resource/Init/Fontmap.GS
+ which lists Ghostscript's fonts but the fonts itself
+ are provided in the separated packages ghostscript-fonts-std
+ and ghostscript-fonts-other so that a RPM requirement
+ is needed to make sure that Ghostscript has its fonts.
+- Extract the catalog of devices which are actually built-in
+ in exactly this Ghostscript and provide it as catalog.devices
+ in the Ghostscript package.
+
+---
Other differences:
--
++ ghostscript-mini.spec ++
--- /var/tmp/diff_new_pack.n2Z8hg/_old 2012-05-22 10:10:09.0 +0200
+++ /var/tmp/diff_new_pack.n2Z8hg/_new 2012-05-22 10:10:09.0 +0200
@@ -15,6 +15,7 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
Name: ghostscript-mini
BuildRequires: freetype2-devel
BuildRequires: liblcms-devel
@@ -48,8 +49,14 @@
Conflicts: ghostscript-x11
Conflicts: ghostscript-devel
Conflicts: ghostscript-library
-# Require only the basic fonts for Ghostscript (but do not recommend
ghostscript-fonts-other):
+# Require Ghostscript's fonts because the Ghostscript package provides the
+# Fontmap file /usr/share/ghostscript/version/Resource/Init/Fontmap.GS
+# which lists Ghostscript's fonts but the fonts itself are provided in the
+# separated packages ghostscript-fonts-std and ghostscript-fonts-other
+# (regarding separated packages see
/usr/share/ghostscript/version/doc/Fonts.htm)
+# so that a RPM requirement is needed to make sure that Ghostscript has its
fonts:
Requires: ghostscript-fonts-std
+Requires: ghostscript-fonts-other
# Prerequire /sbin/ldconfig which is used in the traditional bash scriptlets
for post/postun:
PreReq: /sbin/ldconfig
# Install into this non-root directory (required when norootforbuild is used):
@@ -184,10 +191,22 @@
done
# Add a link from SUSE's usual documentation directory to Ghostscript's
documentation directory
# because configure --docdir=%%{_defaultdocdir}/%%{name} does not work (see
above):
-install -d -m755 %{buildroot}%{_defaultdocdir}
+install -d -m 755 %{buildroot}%{_defaultdocdir}
pushd %{buildroot}%{_defaultdocdir}
ln -s ../../ghostscript/%{version}/doc ghostscript
popd
+# Extract the catalog of devices which are actually built-in in exactly this
Ghostscript:
+# Do not pollute the build log file with zillions of meaningless messages:
+set +x
+cat /dev/null catalog.devices
+for D in $( %{buildroot}/usr/bin/gs -h | sed -n -e '/^Available
devices:/,/^Search path:/p' | egrep -v '^Available devices:|^Search path:' )
+do for F in base/devs.mak base/contrib.mak contrib/contrib.mak
+ do sed -n -e '/ Catalog /,/ End of catalog /p' $F | grep
[[:space:]]$D[[:space:]] | grep -o '[[:alnum:]].*' | tr -s '[:blank:]' ' ' |
sed -e 's/ /\t/' | expand -t16 catalog.devices
+ done
+done
+# Switch back to the usual build log messages:
+set -x
+install -m 644 catalog.devices $DOCDIR
# Use traditional bash scriptlet with an explicite exit 0 line at the end to
be fail safe
# see
