From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43966) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e1d4z-0000GV-B2 for guix-patches@gnu.org; Mon, 09 Oct 2017 14:47:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e1d4w-0003Xy-Mw for guix-patches@gnu.org; Mon, 09 Oct 2017 14:47:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:49872) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1e1d4w-0003Xh-IU for guix-patches@gnu.org; Mon, 09 Oct 2017 14:47:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1e1d4v-0004cC-St for guix-patches@gnu.org; Mon, 09 Oct 2017 14:47:02 -0400 Subject: [bug#28762] [PATCH] gnu: ghostscript: Replace with 9.22 [security fixes]. Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:43659) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e1d3x-0008Oh-Kc for guix-patches@gnu.org; Mon, 09 Oct 2017 14:46:02 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e1d3u-0002vJ-Sd for guix-patches@gnu.org; Mon, 09 Oct 2017 14:46:01 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:50413) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e1d3u-0002uS-P2 for guix-patches@gnu.org; Mon, 09 Oct 2017 14:45:58 -0400 Received: from jasmine.lan (c-73-165-108-70.hsd1.pa.comcast.net [73.165.108.70]) by mail.messagingengine.com (Postfix) with ESMTPA id 6A34E7FA74 for ; Mon, 9 Oct 2017 14:45:56 -0400 (EDT) From: Leo Famulari Date: Mon, 9 Oct 2017 14:45:51 -0400 Message-Id: List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 28762@debbugs.gnu.org Fixes CVE-2017-{7948,7975,8908,9216,9610,9611,9612,9618,9619,9620,9726,9727, 9739,9740,9835}. * gnu/packages/ghostscript.scm (ghostscript)[replacement]: New field. (ghostscript-9.22): New variables. --- gnu/packages/ghostscript.scm | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm index d5d5aa2df..1e036a5e4 100644 --- a/gnu/packages/ghostscript.scm +++ b/gnu/packages/ghostscript.scm @@ -131,6 +131,7 @@ printing, and psresize, for adjusting page sizes.") (define-public ghostscript (package (name "ghostscript") + (replacement ghostscript-9.22) (version "9.21") (source (origin @@ -254,6 +255,34 @@ output file formats and printers.") (home-page "https://www.ghostscript.com/") (license license:agpl3+))) +(define ghostscript-9.22 + (package + (inherit ghostscript) + (version "9.22") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/ArtifexSoftware/" + "ghostpdl-downloads/releases/download/gs" + (string-delete #\. version) + "/ghostscript-" version ".tar.xz")) + (sha256 + (base32 + "1fyi4yvdj39bjgs10klr31cda1fbx1ar7a7b7yz7v68gykk65y61")) + (patches (search-patches "ghostscript-runpath.patch" + "ghostscript-no-header-creationdate.patch" + "ghostscript-no-header-id.patch" + "ghostscript-no-header-uuid.patch")) + (modules '((guix build utils))) + (snippet + ;; Remove bundled libraries. The bundled OpenJPEG is a patched fork so + ;; we leave it, at least for now. + ;; TODO Try unbundling ijs, which is developed alongside Ghostscript. + '(begin + (for-each delete-file-recursively '("freetype" "jbig2dec" "jpeg" + "lcms2" "libpng" + "tiff" "zlib")))))))) + (define-public ghostscript/x (package/inherit ghostscript (name (string-append (package-name ghostscript) "-with-x")) -- 2.14.2