From: Vincent Legoll <vincent.legoll@gmail.com>
To: 46566@debbugs.gnu.org
Cc: Vincent Legoll <vincent.legoll@gmail.com>
Subject: [bug#46566] [PATCH 2/2] gnu: ghostscript: Update to 9.53.3.
Date: Sat, 20 Feb 2021 22:10:09 +0100 [thread overview]
Message-ID: <20210220211009.6014-2-vincent.legoll@gmail.com> (raw)
In-Reply-To: <20210220211009.6014-1-vincent.legoll@gmail.com>
* gnu/packages/ghostscript.scm (ghostscript): Update to 9.53.3.
[source]: Remove obsolete patch 'ghostscript-CVE-2020-15900.patch'.
* gnu/packages/patches/ghostscript-CVE-2020-15900.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
gnu/local.mk | 1 -
gnu/packages/ghostscript.scm | 5 ++-
.../patches/ghostscript-CVE-2020-15900.patch | 36 -------------------
3 files changed, 2 insertions(+), 40 deletions(-)
delete mode 100644 gnu/packages/patches/ghostscript-CVE-2020-15900.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index b9757fe69e..3caa6c6fc9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1061,7 +1061,6 @@ dist_patch_DATA = \
%D%/packages/patches/ghc-monad-par-fix-tests.patch \
%D%/packages/patches/ghc-pandoc-fix-html-tests.patch \
%D%/packages/patches/ghc-pandoc-fix-latex-test.patch \
- %D%/packages/patches/ghostscript-CVE-2020-15900.patch \
%D%/packages/patches/ghostscript-freetype-compat.patch \
%D%/packages/patches/ghostscript-no-header-id.patch \
%D%/packages/patches/ghostscript-no-header-uuid.patch \
diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm
index 19430d315a..2a13cbd83f 100644
--- a/gnu/packages/ghostscript.scm
+++ b/gnu/packages/ghostscript.scm
@@ -160,7 +160,7 @@ printing, and psresize, for adjusting page sizes.")
(define-public ghostscript
(package
(name "ghostscript")
- (version "9.52")
+ (version "9.53.3")
(source
(origin
(method url-fetch)
@@ -170,9 +170,8 @@ printing, and psresize, for adjusting page sizes.")
"/ghostscript-" version ".tar.xz"))
(sha256
(base32
- "0z1w42y2jmcpl2m1l3z0sfii6zmvzcwcgzn6bydklia6ig7jli2p"))
+ "0d52w9ajv1rz533119ywgmkzkapp74riwny0d21v0zkcbg45p7ww"))
(patches (search-patches "ghostscript-freetype-compat.patch"
- "ghostscript-CVE-2020-15900.patch"
"ghostscript-no-header-creationdate.patch"
"ghostscript-no-header-id.patch"
"ghostscript-no-header-uuid.patch"))
diff --git a/gnu/packages/patches/ghostscript-CVE-2020-15900.patch b/gnu/packages/patches/ghostscript-CVE-2020-15900.patch
deleted file mode 100644
index b6658d7c7f..0000000000
--- a/gnu/packages/patches/ghostscript-CVE-2020-15900.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Fix CVE-2020-15900.
-
-https://cve.circl.lu/cve/CVE-2020-15900
-https://artifex.com/security-advisories/CVE-2020-15900
-
-Taken from upstream:
-https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5d499272b95a6b890a1397e11d20937de000d31b
-
-diff --git a/psi/zstring.c b/psi/zstring.c
---- a/psi/zstring.c
-+++ b/psi/zstring.c
-@@ -142,13 +142,18 @@ search_impl(i_ctx_t *i_ctx_p, bool forward)
- return 0;
- found:
- op->tas.type_attrs = op1->tas.type_attrs;
-- op->value.bytes = ptr;
-- r_set_size(op, size);
-+ op->value.bytes = ptr; /* match */
-+ op->tas.rsize = size; /* match */
- push(2);
-- op[-1] = *op1;
-- r_set_size(op - 1, ptr - op[-1].value.bytes);
-- op1->value.bytes = ptr + size;
-- r_set_size(op1, count + (!forward ? (size - 1) : 0));
-+ op[-1] = *op1; /* pre */
-+ op[-3].value.bytes = ptr + size; /* post */
-+ if (forward) {
-+ op[-1].tas.rsize = ptr - op[-1].value.bytes; /* pre */
-+ op[-3].tas.rsize = count; /* post */
-+ } else {
-+ op[-1].tas.rsize = count; /* pre */
-+ op[-3].tas.rsize -= count + size; /* post */
-+ }
- make_true(op);
- return 0;
- }
--
2.30.0
next prev parent reply other threads:[~2021-02-20 21:11 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-16 19:11 [bug#46566] [PATCH 0/2 core-updates] ghostscript update Vincent Legoll
2021-02-16 19:12 ` [bug#46566] [PATCH 1/2] gnu: jbig2dec: Update to 0.19 Vincent Legoll
2021-02-16 19:12 ` [bug#46566] [PATCH 2/2] gnu: ghostscript: Update to 9.53.3 Vincent Legoll
2021-02-20 18:25 ` Leo Famulari
2021-02-20 19:08 ` Vincent Legoll
2021-02-20 21:09 ` Vincent Legoll
[not found] ` <handler.46566.B.16135026945784.ack@debbugs.gnu.org>
2021-02-16 19:14 ` [bug#46566] Acknowledgement ([PATCH 0/2 core-updates] ghostscript update) Vincent Legoll
2021-02-20 21:10 ` [bug#46566] [PATCH 1/2] gnu: jbig2dec: Update to 0.19 Vincent Legoll
2021-02-20 21:10 ` Vincent Legoll [this message]
2021-02-20 22:39 ` bug#46566: [PATCH 2/2] gnu: ghostscript: Update to 9.53.3 Leo Famulari
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210220211009.6014-2-vincent.legoll@gmail.com \
--to=vincent.legoll@gmail.com \
--cc=46566@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).