amaharaneko/guix-mirrors
1
1
Fork 0
mirror of https://codeberg.org/guix/guix.git synced 2025-10-02 02:15:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

gnu: ghostscript: Update to 9.53.3.

Browse source 
* gnu/packages/ghostscript.scm (ghostscript): Update to 9.53.3.
[source]: Remove obsolete patch 'ghostscript-CVE-2020-15900.patch'.
* gnu/packages/patches/ghostscript-CVE-2020-15900.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.

Signed-off-by: Leo Famulari <leo@famulari.name>
This commit is contained in:
Vincent Legoll 2021-02-20 22:10:09 +01:00 committed by Leo Famulari
parent 6579100df0
commit f49c13f183
No known key found for this signature in database
GPG key ID: 2646FA30BACA7F08
3 changed files with 2 additions and 40 deletions
Download patch file Download diff file Expand all files Collapse all files

1
gnu/local.mk
View file

@ -1061,7 +1061,6 @@ dist_patch_DATA = \
%D%/packages/patches/ghc-monad-par-fix-tests.patch \ %D%/packages/patches/ghc-monad-par-fix-tests.patch \
%D%/packages/patches/ghc-pandoc-fix-html-tests.patch \ %D%/packages/patches/ghc-pandoc-fix-html-tests.patch \
%D%/packages/patches/ghc-pandoc-fix-latex-test.patch \ %D%/packages/patches/ghc-pandoc-fix-latex-test.patch \
%D%/packages/patches/ghostscript-CVE-2020-15900.patch \
%D%/packages/patches/ghostscript-freetype-compat.patch \ %D%/packages/patches/ghostscript-freetype-compat.patch \
%D%/packages/patches/ghostscript-no-header-id.patch \ %D%/packages/patches/ghostscript-no-header-id.patch \
%D%/packages/patches/ghostscript-no-header-uuid.patch \ %D%/packages/patches/ghostscript-no-header-uuid.patch \

5
gnu/packages/ghostscript.scm
View file

@ -160,7 +160,7 @@ printing, and psresize, for adjusting page sizes.")
(define-public ghostscript (define-public ghostscript
(package (package
(name "ghostscript") (name "ghostscript")
(version "9.52") (version "9.53.3")
(source (source
(origin (origin
(method url-fetch) (method url-fetch)
@ -170,9 +170,8 @@ printing, and psresize, for adjusting page sizes.")
"/ghostscript-" version ".tar.xz")) "/ghostscript-" version ".tar.xz"))
(sha256 (sha256
(base32 (base32
"0z1w42y2jmcpl2m1l3z0sfii6zmvzcwcgzn6bydklia6ig7jli2p")) "0d52w9ajv1rz533119ywgmkzkapp74riwny0d21v0zkcbg45p7ww"))
(patches (search-patches "ghostscript-freetype-compat.patch" (patches (search-patches "ghostscript-freetype-compat.patch"
"ghostscript-CVE-2020-15900.patch"
"ghostscript-no-header-creationdate.patch" "ghostscript-no-header-creationdate.patch"
"ghostscript-no-header-id.patch" "ghostscript-no-header-id.patch"
"ghostscript-no-header-uuid.patch")) "ghostscript-no-header-uuid.patch"))

36
gnu/packages/patches/ghostscript-CVE-2020-15900.patch
View file

@ -1,36 +0,0 @@
Fix CVE-2020-15900.
https://cve.circl.lu/cve/CVE-2020-15900
https://artifex.com/security-advisories/CVE-2020-15900
Taken from upstream:
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5d499272b95a6b890a1397e11d20937de000d31b
diff --git a/psi/zstring.c b/psi/zstring.c
--- a/psi/zstring.c
+++ b/psi/zstring.c
@@ -142,13 +142,18 @@ search_impl(i_ctx_t *i_ctx_p, bool forward)
return 0;
found:
op->tas.type_attrs = op1->tas.type_attrs;
- op->value.bytes = ptr;
- r_set_size(op, size);
+ op->value.bytes = ptr; /* match */
+ op->tas.rsize = size; /* match */
push(2);
- op[-1] = *op1;
- r_set_size(op - 1, ptr - op[-1].value.bytes);
- op1->value.bytes = ptr + size;
- r_set_size(op1, count + (!forward ? (size - 1) : 0));
+ op[-1] = *op1; /* pre */
+ op[-3].value.bytes = ptr + size; /* post */
+ if (forward) {
+ op[-1].tas.rsize = ptr - op[-1].value.bytes; /* pre */
+ op[-3].tas.rsize = count; /* post */
+ } else {
+ op[-1].tas.rsize = count; /* pre */
+ op[-3].tas.rsize -= count + size; /* post */
+ }
make_true(op);
return 0;
}