From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:40882)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fyb75-0001jn-Q4
	for guix-patches@gnu.org; Sat, 08 Sep 2018 07:09:16 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fyb6x-0004pp-Sw
	for guix-patches@gnu.org; Sat, 08 Sep 2018 07:09:11 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:45033)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1fyb6s-0004hM-G8
	for guix-patches@gnu.org; Sat, 08 Sep 2018 07:09:04 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fyb6s-0003lx-97
	for guix-patches@gnu.org; Sat, 08 Sep 2018 07:09:02 -0400
Subject: [bug#32663] [PATCH 0/2] Ghostscript fixes
Resent-Message-ID: <handler.32663.B.153640491214445@debbugs.gnu.org>
Received: from eggs.gnu.org ([208.118.235.92]:40579)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mbakke@fastmail.com>) id 1fyb6E-0001BL-Bb
	for guix-patches@gnu.org; Sat, 08 Sep 2018 07:08:23 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mbakke@fastmail.com>) id 1fyb6B-0003Lx-7d
	for guix-patches@gnu.org; Sat, 08 Sep 2018 07:08:22 -0400
Received: from out1-smtp.messagingengine.com ([66.111.4.25]:60719)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <mbakke@fastmail.com>) id 1fyb6A-0003Ji-Vy
	for guix-patches@gnu.org; Sat, 08 Sep 2018 07:08:19 -0400
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
	by mailout.nyi.internal (Postfix) with ESMTP id 7D0C821ADF
	for <guix-patches@gnu.org>; Sat,  8 Sep 2018 07:08:18 -0400 (EDT)
Received: from localhost (140.226.16.62.customer.cdi.no [62.16.226.140])
	by mail.messagingengine.com (Postfix) with ESMTPA id C9178E4122
	for <guix-patches@gnu.org>; Sat,  8 Sep 2018 07:08:17 -0400 (EDT)
From: Marius Bakke <mbakke@fastmail.com>
Date: Sat,  8 Sep 2018 13:08:16 +0200
Message-Id: <20180908110816.23518-1-mbakke@fastmail.com>
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: 32663@debbugs.gnu.org

These patches aim to fix the recent security issues in Ghostscript.
I have verified that the reproducers in
<https://bugs.chromium.org/p/project-zero/issues/detail?id=1640> no
longer work with these patches.

Marius Bakke (2):
  gnu: jbig2dec: Replace with 0.15 [security fixes].
  gnu: ghostscript: Update replacement to 9.24 [security fixes].

 gnu/local.mk                                  |   2 +-
 gnu/packages/ghostscript.scm                  |  36 +++-
 gnu/packages/image.scm                        |  15 ++
 .../patches/ghostscript-CVE-2018-10194.patch  |  52 -----
 .../patches/ghostscript-CVE-2018-16509.patch  | 193 ++++++++++++++++++
 5 files changed, 242 insertions(+), 56 deletions(-)
 delete mode 100644 gnu/packages/patches/ghostscript-CVE-2018-10194.patch
 create mode 100644 gnu/packages/patches/ghostscript-CVE-2018-16509.patch

-- 
2.18.0