diff options
| author | Vincent Legoll <vincent.legoll@gmail.com> | 2021-02-20 22:10:09 +0100 |
|---|---|---|
| committer | Leo Famulari <leo@famulari.name> | 2021-02-20 17:38:26 -0500 |
| commit | f49c13f1833f0db5a5ddcb751c16f6e9ed56355f (patch) | |
| tree | 8458a434e3fc320ac53379e91211bd66f93e84ad | |
| parent | 6579100df09aa906dd3f38aaafa2e22adcf5f991 (diff) | |
| download | guix-f49c13f1833f0db5a5ddcb751c16f6e9ed56355f.tar.gz | |
gnu: ghostscript: Update to 9.53.3.
* gnu/packages/ghostscript.scm (ghostscript): Update to 9.53.3. [source]: Remove obsolete patch 'ghostscript-CVE-2020-15900.patch'. * gnu/packages/patches/ghostscript-CVE-2020-15900.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. Signed-off-by: Leo Famulari <leo@famulari.name>
| -rw-r--r-- | gnu/local.mk | 1 | ||||
| -rw-r--r-- | gnu/packages/ghostscript.scm | 5 | ||||
| -rw-r--r-- | gnu/packages/patches/ghostscript-CVE-2020-15900.patch | 36 |
3 files changed, 2 insertions, 40 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index b9757fe69e..3caa6c6fc9 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1061,7 +1061,6 @@ dist_patch_DATA = \ %D%/packages/patches/ghc-monad-par-fix-tests.patch \ %D%/packages/patches/ghc-pandoc-fix-html-tests.patch \ %D%/packages/patches/ghc-pandoc-fix-latex-test.patch \ - %D%/packages/patches/ghostscript-CVE-2020-15900.patch \ %D%/packages/patches/ghostscript-freetype-compat.patch \ %D%/packages/patches/ghostscript-no-header-id.patch \ %D%/packages/patches/ghostscript-no-header-uuid.patch \ diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm index 19430d315a..2a13cbd83f 100644 --- a/gnu/packages/ghostscript.scm +++ b/gnu/packages/ghostscript.scm @@ -160,7 +160,7 @@ printing, and psresize, for adjusting page sizes.") (define-public ghostscript (package (name "ghostscript") - (version "9.52") + (version "9.53.3") (source (origin (method url-fetch) @@ -170,9 +170,8 @@ printing, and psresize, for adjusting page sizes.") "/ghostscript-" version ".tar.xz")) (sha256 (base32 - "0z1w42y2jmcpl2m1l3z0sfii6zmvzcwcgzn6bydklia6ig7jli2p")) + "0d52w9ajv1rz533119ywgmkzkapp74riwny0d21v0zkcbg45p7ww")) (patches (search-patches "ghostscript-freetype-compat.patch" - "ghostscript-CVE-2020-15900.patch" "ghostscript-no-header-creationdate.patch" "ghostscript-no-header-id.patch" "ghostscript-no-header-uuid.patch")) diff --git a/gnu/packages/patches/ghostscript-CVE-2020-15900.patch b/gnu/packages/patches/ghostscript-CVE-2020-15900.patch deleted file mode 100644 index b6658d7c7f..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2020-15900.patch +++ /dev/null @@ -1,36 +0,0 @@ -Fix CVE-2020-15900. - -https://cve.circl.lu/cve/CVE-2020-15900 -https://artifex.com/security-advisories/CVE-2020-15900 - -Taken from upstream: -https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5d499272b95a6b890a1397e11d20937de000d31b - -diff --git a/psi/zstring.c b/psi/zstring.c ---- a/psi/zstring.c -+++ b/psi/zstring.c -@@ -142,13 +142,18 @@ search_impl(i_ctx_t *i_ctx_p, bool forward) - return 0; - found: - op->tas.type_attrs = op1->tas.type_attrs; -- op->value.bytes = ptr; -- r_set_size(op, size); -+ op->value.bytes = ptr; /* match */ -+ op->tas.rsize = size; /* match */ - push(2); -- op[-1] = *op1; -- r_set_size(op - 1, ptr - op[-1].value.bytes); -- op1->value.bytes = ptr + size; -- r_set_size(op1, count + (!forward ? (size - 1) : 0)); -+ op[-1] = *op1; /* pre */ -+ op[-3].value.bytes = ptr + size; /* post */ -+ if (forward) { -+ op[-1].tas.rsize = ptr - op[-1].value.bytes; /* pre */ -+ op[-3].tas.rsize = count; /* post */ -+ } else { -+ op[-1].tas.rsize = count; /* pre */ -+ op[-3].tas.rsize -= count + size; /* post */ -+ } - make_true(op); - return 0; - } |