rpms/ghostscript
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added security patch for CVE-2016-10218

Browse Source 
Resolves: #1441568
This commit is contained in:
David Kaspar [Dee'Kej] 2017-04-27 18:14:36 +02:00
parent fb69d56b4e
commit c929cf8ecd
2 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
ghostscript-9.20-cve-2016-10218.patch Normal file
View File

@ -0,0 +1,30 @@
From c0502b3771e4eac89a199a3558182337d146d4ab Mon Sep 17 00:00:00 2001
From: Michael Vrhel <michael.vrhel@artifex.com>
Date: Thu, 29 Dec 2016 12:00:40 -0800
Subject: [PATCH] Bug 697444 Unmatched transparency group pop
This issue can only occur if there is an unmatched group pop.
If the interpreter is doing that, then the interpreter is
broken. With this bug the user is intentionally doing it.
We now throw and error when it occurs.
---
base/gdevp14.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/base/gdevp14.c b/base/gdevp14.c
index ad3478f..84f0f40 100644
--- a/base/gdevp14.c
+++ b/base/gdevp14.c
@@ -985,6 +985,9 @@ pdf14_pop_transparency_group(gs_gstate *pgs, pdf14_ctx *ctx,
bool blendspot = pdev->blendspot;
bool nonicc_conversion = true;
+ if (nos == NULL)
+ return_error(gs_error_unknownerror); /* Unmatched group pop */
+
#ifdef DEBUG
pdf14_debug_mask_stack_state(ctx);
#endif
--
2.9.3

5
ghostscript.spec
View File

@ -32,6 +32,7 @@ Patch9: ghostscript-9.20-cve-2016-7977.patch
Patch12: ghostscript-9.20-cve-2016-9601.patch
Patch13: ghostscript-9.20-cve-2017-7207.patch
Patch14: ghostscript-9.20-cve-2016-10217.patch
Patch15: ghostscript-9.20-cve-2016-10218.patch
Requires: %{name}-core%{?_isa} = %{version}-%{release}
Requires: %{name}-x11%{?_isa} = %{version}-%{release}
@ -163,6 +164,9 @@ rm -rf expat freetype icclib jasper jpeg jpegxr lcms lcms2 libpng openjpeg zlib
# CVE-2016-10217 (bug #1441564):
%patch14 -p1
# CVE-2016-10218 (bug #1441568):
%patch15 -p1
# Convert manual pages to UTF-8
from8859_1() {
iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_"
@ -362,6 +366,7 @@ rm -rf $RPM_BUILD_ROOT
* Thu Apr 27 2017 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.20-9
- Added security fixes for:
- CVE-2016-10217 (bug #1441564)
- CVE-2016-10218 (bug #1441568)
* Thu Apr 06 2017 David Kaspar [Dee'Kej] <dkaspar@redhat.com> - 9.20-8
Added security fix for CVE-2017-7207 (bug #1434497)