svn commit: r544907 - in head/print/ghostscript9-agpl-base: . files
Hiroki Sato
hrs at FreeBSD.org
Sat Aug 15 02:34:43 UTC 2020
Author: hrs
Date: Sat Aug 15 02:34:41 2020
New Revision: 544907
URL: https://svnweb.freebsd.org/changeset/ports/544907
Log:
Fix a memory corruption issue which can allow overriding of file
access controls.
Security: CVE-2020-15900
Security: https://insomniasec.com/blog/ghostscript-cve-2020-15900
Obtained from: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5d499
272b95a6b890a1397e11d20937de000d31b
PR: 248580
Added:
head/print/ghostscript9-agpl-base/files/patch-psi-zstring.c (contents, props changed)
Modified:
head/print/ghostscript9-agpl-base/Makefile
head/print/ghostscript9-agpl-base/files/patch-Resource_Init_FAPIcidfmap
head/print/ghostscript9-agpl-base/files/patch-configure
head/print/ghostscript9-agpl-base/files/patch-lcms2mt
Modified: head/print/ghostscript9-agpl-base/Makefile
==============================================================================
--- head/print/ghostscript9-agpl-base/Makefile Sat Aug 15 01:21:00 2020 (r544906)
+++ head/print/ghostscript9-agpl-base/Makefile Sat Aug 15 02:34:41 2020 (r544907)
@@ -2,7 +2,7 @@
PORTNAME= ghostscript
PORTVERSION= 9.52
-PORTREVISION= 7
+PORTREVISION= 8
CATEGORIES= print
MASTER_SITES= https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${PORTVERSION:S/.//}/
PKGNAMESUFFIX= 9-agpl-base
Modified: head/print/ghostscript9-agpl-base/files/patch-Resource_Init_FAPIcidfmap
==============================================================================
--- head/print/ghostscript9-agpl-base/files/patch-Resource_Init_FAPIcidfmap Sat Aug 15 01:21:00 2020 (r544906)
+++ head/print/ghostscript9-agpl-base/files/patch-Resource_Init_FAPIcidfmap Sat Aug 15 02:34:41 2020 (r544907)
@@ -1,4 +1,4 @@
---- Resource/Init/FAPIcidfmap.orig 2012-08-08 08:01:36 UTC
+--- Resource/Init/FAPIcidfmap.orig 2020-03-19 08:21:42 UTC
+++ Resource/Init/FAPIcidfmap
@@ -29,4 +29,59 @@
%
@@ -6,7 +6,7 @@
% /HeiseiKakuGo-W5 << /Path (F:/WIN2000/Fonts/BATANG.TTC) /CIDFontType 0 /FAPI /UFST /CSI [(Japan1) 2] >> ;
+%/Ryumin-Light << /Path (Ryumin-Light) /CIDFontType 0 /FAPI /UFST /CSI [(Japan1) 2] >> ;
+%/GothicBBB-Medium << /Path (GothicBBB-Medium) /CIDFontType 0 /FAPI /UFST /CSI [(Japan1) 2] >> ;
-+
+
+/Ryumin-Medium /Ryumin-Light ;
+/Ryumin-Regular /Ryumin-Light ;
+/RyuminPro-Light /Ryumin-Light ;
@@ -28,7 +28,7 @@
+/HiraKakuStd-W8 /GothicBBB-Medium ;
+
+/HiraMaruPro-W4 /GothicBBB-Medium ;
-
++
+/HiraMinPro-W3 /Ryumin-Light ;
+
+/HeiseiMin-W3 /Ryumin-Light ;
Modified: head/print/ghostscript9-agpl-base/files/patch-configure
==============================================================================
--- head/print/ghostscript9-agpl-base/files/patch-configure Sat Aug 15 01:21:00 2020 (r544906)
+++ head/print/ghostscript9-agpl-base/files/patch-configure Sat Aug 15 02:34:41 2020 (r544907)
@@ -1,6 +1,6 @@
---- configure.orig 2020-03-12 12:27:23 UTC
+--- configure.orig 2020-03-19 08:22:25 UTC
+++ configure
-@@ -4523,8 +4523,8 @@ case $host in
+@@ -4522,8 +4522,8 @@ case $host in
;;
*bsd*)
if test $ac_cv_c_compiler_gnu = yes; then
@@ -11,7 +11,7 @@
fi
;;
*-darwin*)
-@@ -5358,7 +5358,7 @@ if test "${enable_threadsafe+set}" = set; then :
+@@ -5357,7 +5357,7 @@ if test "${enable_threadsafe+set}" = set; then :
fi
if test x$enable_threadsafe = xyes ; then
@@ -20,7 +20,7 @@
fi
-@@ -10682,42 +10682,42 @@ if test x$enable_threadsafe = xyes; then
+@@ -10683,42 +10683,42 @@ if test x$enable_threadsafe = xyes; then
for ntsdev in $NTS_DEVS ; do
NTS_EXCLUDES="$(echo \"$P_DEVS0{@:0}\" | grep -o $ntsdev) $NTS_EXCLUDES"
@@ -71,7 +71,7 @@
done
NTS_EXCLUDES=`echo "$NTS_EXCLUDES" | tr " " "\n" | sort | uniq | tr "\n" " "`
-@@ -10968,7 +10968,12 @@ if test "${enable_dynamic+set}" = set; then :
+@@ -10970,7 +10970,12 @@ if test "${enable_dynamic+set}" = set; then :
DBG_CFLAGS="$DYNAMIC_CFLAGS $DBG_CFLAGS"
;;
*bsd*)
Modified: head/print/ghostscript9-agpl-base/files/patch-lcms2mt
==============================================================================
--- head/print/ghostscript9-agpl-base/files/patch-lcms2mt Sat Aug 15 01:21:00 2020 (r544906)
+++ head/print/ghostscript9-agpl-base/files/patch-lcms2mt Sat Aug 15 02:34:41 2020 (r544907)
@@ -1,6 +1,6 @@
---- Makefile.in.orig
+--- Makefile.in.orig 2020-03-19 08:21:42 UTC
+++ Makefile.in
-@@ -462,6 +462,8 @@
+@@ -462,6 +462,8 @@ DBUS_LIBS=@DBUS_LIBS@
# defines from autoconf; note that we don't use all of these at present.
ACDEFS=@DEFS@
@@ -9,9 +9,9 @@
CFLAGS=$(CFLAGS_STANDARD) $(GCFLAGS) $(AC_CFLAGS) $(XCFLAGS) @CLUSTER_CFLAGS@
CFLAGSAUX=$(CFLAGSAUX_STANDARD) $(GCFLAGSAUX) $(XCFLAGSAUX)
---- base/lcms2mt.mak.orig
+--- base/lcms2mt.mak.orig 2020-03-19 08:21:42 UTC
+++ base/lcms2mt.mak
-@@ -80,7 +80,7 @@
+@@ -80,7 +80,7 @@ lcms2.config-clean :
# NB: we can't use the normal $(CC_) here because msvccmd.mak
# adds /Za which conflicts with the lcms source.
Added: head/print/ghostscript9-agpl-base/files/patch-psi-zstring.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/print/ghostscript9-agpl-base/files/patch-psi-zstring.c Sat Aug 15 02:34:41 2020 (r544907)
@@ -0,0 +1,27 @@
+--- psi/zstring.c.orig 2020-03-19 08:21:42 UTC
++++ psi/zstring.c
+@@ -142,13 +142,18 @@ search_impl(i_ctx_t *i_ctx_p, bool forward)
+ return 0;
+ found:
+ op->tas.type_attrs = op1->tas.type_attrs;
+- op->value.bytes = ptr;
+- r_set_size(op, size);
++ op->value.bytes = ptr; /* match */
++ op->tas.rsize = size; /* match */
+ push(2);
+- op[-1] = *op1;
+- r_set_size(op - 1, ptr - op[-1].value.bytes);
+- op1->value.bytes = ptr + size;
+- r_set_size(op1, count + (!forward ? (size - 1) : 0));
++ op[-1] = *op1; /* pre */
++ op[-3].value.bytes = ptr + size; /* post */
++ if (forward) {
++ op[-1].tas.rsize = ptr - op[-1].value.bytes; /* pre */
++ op[-3].tas.rsize = count; /* post */
++ } else {
++ op[-1].tas.rsize = count; /* pre */
++ op[-3].tas.rsize -= count + size; /* post */
++ }
+ make_true(op);
+ return 0;
+ }
More information about the svn-ports-head
mailing list