packages/ghostscript
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2024-46956

Browse Source
This commit is contained in:
liningjie 2024-10-25 18:17:18 +08:00
parent fc0384a61d
commit 0a3ac139f6
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
backport-CVE-2024-46956.patch Normal file
View File

@ -0,0 +1,30 @@
From ea69a1388245ad959d31c272b5ba66d40cebba2c Mon Sep 17 00:00:00 2001
From: Zdenek Hutyra <zhutyra@centrum.cz>
Date: Tue, 23 Jul 2024 11:48:39 +0100
Subject: [PATCH] PostScript interpreter - fix buffer length check
Bug 707895
See bug report for details.
CVE-2024-46956
---
psi/zfile.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/psi/zfile.c b/psi/zfile.c
index fe3f7e9..027f412 100644
--- a/psi/zfile.c
+++ b/psi/zfile.c
@@ -440,7 +440,7 @@ file_continue(i_ctx_t *i_ctx_p)
if (code == ~(uint) 0) { /* all done */
esp -= 5; /* pop proc, pfen, devlen, iodev , mark */
return o_pop_estack;
- } else if (code > len) { /* overran string */
+ } else if (code > len - devlen) { /* overran string */
return_error(gs_error_rangecheck);
}
else if (iodev != iodev_default(imemory)
--
2.27.0

10
ghostscript.spec
View File

@ -9,7 +9,7 @@
Name: ghostscript Name: ghostscript
Version: 9.56.1 Version: 9.56.1
Release: 9 Release: 10
Summary: An interpreter for PostScript and PDF files Summary: An interpreter for PostScript and PDF files
License: AGPLv3+ License: AGPLv3+
URL: https://ghostscript.com/ URL: https://ghostscript.com/
@ -65,6 +65,7 @@ Patch116: Bug-707510-fix-LIBIDN-usage.patch
#This is the second part of the fix for CVE-2024-33869 #This is the second part of the fix for CVE-2024-33869
Patch117: fix-CVE-2024-33869-second.patch Patch117: fix-CVE-2024-33869-second.patch
Patch118: backport-CVE-2024-46953.patch Patch118: backport-CVE-2024-46953.patch
Patch119: backport-CVE-2024-46956.patch
BuildRequires: automake gcc BuildRequires: automake gcc
BuildRequires: adobe-mappings-cmap-devel adobe-mappings-pdf-devel BuildRequires: adobe-mappings-cmap-devel adobe-mappings-pdf-devel
@ -151,6 +152,7 @@ PDF files using Ghostscript and dvips
%patch116 -p1 %patch116 -p1
%patch117 -p1 %patch117 -p1
%patch118 -p1 %patch118 -p1
%patch119 -p1
# Libraries that we already have packaged(see Build Requirements): # Libraries that we already have packaged(see Build Requirements):
rm -rf cups/libs freetype ijs jbig2dec jpeg lcms2* libpng openjpeg tiff zlib rm -rf cups/libs freetype ijs jbig2dec jpeg lcms2* libpng openjpeg tiff zlib
@ -244,6 +246,12 @@ install -m 0755 -d %{buildroot}%{_datadir}/%{name}/conf.d/
%{_bindir}/dvipdf %{_bindir}/dvipdf
%changelog %changelog
* Fri Oct 25 2024 liningjie <liningjie@xfusion.com> - 9.56.1-10
- Type:CVE
- ID:NA
- SUG:NA
- DECS: Fix CVE-2024-46956
* Fri Oct 25 2024 liningjie <liningjie@xfusion.com> - 9.56.1-9 * Fri Oct 25 2024 liningjie <liningjie@xfusion.com> - 9.56.1-9
- Type:CVE - Type:CVE
- ID:NA - ID:NA