From f7a5c92c658df12bc805fccee1edb3b759fe7810 Mon Sep 17 00:00:00 2001 From: Tim Waugh Date: Tue, 4 Mar 2008 17:44:08 +0000 Subject: [PATCH] - No longer need CVE-2008-0411 patch. --- ghostscript-CVE-2008-0411.patch | 13 ------------- ghostscript.spec | 16 ++++++++-------- 2 files changed, 8 insertions(+), 21 deletions(-) delete mode 100644 ghostscript-CVE-2008-0411.patch diff --git a/ghostscript-CVE-2008-0411.patch b/ghostscript-CVE-2008-0411.patch deleted file mode 100644 index 92b2916..0000000 --- a/ghostscript-CVE-2008-0411.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -up ghostscript-8.61/src/zicc.c.CVE-2008-0411 ghostscript-8.61/src/zicc.c ---- ghostscript-8.61/src/zicc.c.CVE-2008-0411 2007-09-25 14:31:24.000000000 +0100 -+++ ghostscript-8.61/src/zicc.c 2008-02-27 17:07:30.000000000 +0000 -@@ -77,6 +77,9 @@ zseticcspace(i_ctx_t * i_ctx_p) - dict_find_string(op, "N", &pnval); - ncomps = pnval->value.intval; - -+ if (2*ncomps > sizeof(range_buff)/sizeof(float)) -+ return_error(e_rangecheck); -+ - /* verify the DataSource entry */ - if (dict_find_string(op, "DataSource", &pstrmval) <= 0) - return_error(e_undefined); diff --git a/ghostscript.spec b/ghostscript.spec index f95bc76..a258aec 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -5,7 +5,7 @@ Summary: A PostScript(TM) interpreter and renderer. Name: ghostscript Version: %{gs_ver} -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2 URL: http://www.ghostscript.com/ @@ -18,9 +18,8 @@ Patch1: ghostscript-multilib.patch Patch2: ghostscript-scripts.patch Patch3: ghostscript-noopt.patch Patch4: ghostscript-fPIC.patch -Patch6: ghostscript-runlibfileifexists.patch -Patch8: ghostscript-system-jasper.patch -Patch9: ghostscript-CVE-2008-0411.patch +Patch5: ghostscript-runlibfileifexists.patch +Patch6: ghostscript-system-jasper.patch Requires: urw-fonts >= 1.1, ghostscript-fonts BuildRequires: libjpeg-devel, libXt-devel @@ -89,11 +88,9 @@ rm -rf libpng zlib jpeg jasper %patch4 -p1 -b .fPIC # Define .runlibfileifexists. -%patch6 -p1 -b .runlibfileifexists +%patch5 -p1 -b .runlibfileifexists -%patch8 -p1 -b .system-jasper - -%patch9 -p1 -b .CVE-2008-0411 +%patch6 -p1 -b .system-jasper # Convert manual pages to UTF-8 from8859_1() { @@ -266,6 +263,9 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/libgs.so %changelog +* Tue Mar 4 2008 Tim Waugh 8.62-2 +- No longer need CVE-2008-0411 patch. + * Tue Mar 4 2008 Tim Waugh 8.62-1 - 8.62. No longer need IJS KRGB patch, or patch for gs bug 689577.