Projects
Mega:23.09
ghostscript
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 3
View file
_service:tar_scm:ghostscript.spec
Changed
@@ -9,7 +9,7 @@ Name: ghostscript Version: 9.56.1 -Release: 1 +Release: 3 Summary: An interpreter for PostScript and PDF files License: AGPLv3+ URL: https://ghostscript.com/ @@ -39,6 +39,7 @@ # as the already fixed CVE-2020-16305 in devices/gdevpcx.c # see https://bugs.ghostscript.com/show_bug.cgi?id=701819 Patch103: CVE-2023-38559.patch +Patch104: backport-CVE-2023-46751.patch BuildRequires: automake gcc BuildRequires: adobe-mappings-cmap-devel adobe-mappings-pdf-devel @@ -110,6 +111,7 @@ %patch101 -p0 %patch102 -p0 %patch103 -p0 +%patch104 -p1 # Libraries that we already have packaged(see Build Requirements): rm -rf cups/libs freetype ijs jbig2dec jpeg lcms2* libpng openjpeg tiff zlib @@ -203,6 +205,12 @@ %{_bindir}/dvipdf %changelog +* Mon Dec 25 2023 liningjie <liningjie@xfusion.com> - 9.56.1-3 +- Type:CVE +- ID:NA +- SUG:NA +- DESC:fix CVE-2023-46751 + * Wed Aug 2 2023 dillon chen <dillon.chen@gmail.com> - 9.56.1-2 - Type:CVE - ID:NA
View file
_service:tar_scm:backport-CVE-2023-46751.patch
Added
@@ -0,0 +1,43 @@ +From 5d2da96e81c7455338302c71a291088a8396245a Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Mon, 16 Oct 2023 16:49:40 +0100 +Subject: PATCH Bug 707264: Fix tiffsep(1) requirement for seekable output + files + +In the device initialization redesign, tiffsep and tiffsep1 lost the requirement +for the output files to be seekable. + +Fixing that highlighted a problem with the error handling in +gdev_prn_open_printer_seekable() where closing the erroring file would leave a +dangling pointer, and lead to a crash. +--- + base/gdevprn.c | 1 + + devices/gdevtsep.c | 1 + + 2 files changed, 2 insertions(+) + +diff --git a/base/gdevprn.c b/base/gdevprn.c +index 0491a3c6c..033632387 100644 +--- a/base/gdevprn.c ++++ b/base/gdevprn.c +@@ -1271,6 +1271,7 @@ gdev_prn_open_printer_seekable(gx_device *pdev, bool binary_mode, + && !IS_LIBCTX_STDERR(pdev->memory, gp_get_file(ppdev->file))) { + + code = gx_device_close_output_file(pdev, ppdev->fname, ppdev->file); ++ ppdev->file = NULL; + if (code < 0) + return code; + } +diff --git a/devices/gdevtsep.c b/devices/gdevtsep.c +index 7fd3c5518..f7a1b174b 100644 +--- a/devices/gdevtsep.c ++++ b/devices/gdevtsep.c +@@ -737,6 +737,7 @@ tiffsep_initialize_device_procs(gx_device *dev) + { + gdev_prn_initialize_device_procs(dev); + ++ set_dev_proc(dev, output_page, gdev_prn_output_page_seekable); + set_dev_proc(dev, open_device, tiffsep_prn_open); + set_dev_proc(dev, close_device, tiffsep_prn_close); + set_dev_proc(dev, map_color_rgb, tiffsep_decode_color); +-- +2.34.1
View file
_service
Changed
@@ -2,7 +2,7 @@ <service name="tar_scm"> <param name="url">git@gitee.com:src-openeuler/ghostscript.git</param> <param name="scm">git</param> - <param name="revision">openEuler-23.09</param> + <param name="revision">master</param> <param name="exclude">*</param> <param name="extract">*</param> </service>
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2