author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-04-02 20:30:22 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-04-03 08:59:45 +0200 |
commit | caa5f28b83340fe23012ab27244a288449b26b26 (patch) | |
tree | 70102860b8f3df20347f25125b7ea065340cd1d5 /source/ap/ghostscript/ghostscript-subclassing-devices-fix-put_image-method.patch | |
parent | df86158dc598141c63689a86c2f247053e616719 (diff) | |
download | current-caa5f28b83340fe23012ab27244a288449b26b26.tar.gz current-caa5f28b83340fe23012ab27244a288449b26b26.tar.xz |
Tue Apr 2 20:30:22 UTC 2019
a/hwdata-0.322-noarch-1.txz: Upgraded.
a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded.
a/shadow-4.6-x86_64-2.txz: Rebuilt.
adduser: reprompt on invalid user input. Thanks to ttk.
ap/ghostscript-9.26-x86_64-2.txz: Rebuilt.
Fixes security issues:
A specially crafted PostScript file could have access to the file system
outside of the constraints imposed by -dSAFER.
Transient procedures can allow access to system operators, leading to
remote code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116
(* Security fix *)
d/vala-0.44.2-x86_64-1.txz: Upgraded.
l/glib-networking-2.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded.
l/python-pillow-6.0.0-x86_64-1.txz: Upgraded.
n/wget-1.20.2-x86_64-1.txz: Upgraded.
Fixed an unspecified buffer overflow vulnerability.
(* Security fix *)
Diffstat (limited to 'source/ap/ghostscript/ghostscript-subclassing-devices-fix-put_image-method.patch')
-rw-r--r-- | source/ap/ghostscript/ghostscript-subclassing-devices-fix-put_image-method.patch | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/source/ap/ghostscript/ghostscript-subclassing-devices-fix-put_image-method.patch b/source/ap/ghostscript/ghostscript-subclassing-devices-fix-put_image-method.patch new file mode 100644 index 000000000..fadb948d5 --- /dev/null +++ b/source/ap/ghostscript/ghostscript-subclassing-devices-fix-put_image-method.patch @@ -0,0 +1,28 @@ +From fae21f1668d2b44b18b84cf0923a1d5f3008a696 Mon Sep 17 00:00:00 2001 +From: Ken Sharp <ken.sharp@artifex.com> +Date: Tue, 4 Dec 2018 21:31:31 +0000 +Subject: subclassing devices - fix put_image method + +The subclassing devices need to change the 'memory device' parameter to +be the child device, when its the same as the subclassing device. + +Otherwise we end up trying to access the child device's memory pointers +in the subclassing device, which may not contain valid copies of +those pointers. + +diff --git a/base/gdevsclass.c b/base/gdevsclass.c +index d9c85d2e4..51092585a 100644 +--- a/base/gdevsclass.c ++++ b/base/gdevsclass.c +@@ -797,7 +797,10 @@ int default_subclass_put_image(gx_device *dev, gx_device *mdev, const byte **buf + int alpha_plane_index, int tag_plane_index) + { + if (dev->child) +- return dev_proc(dev->child, put_image)(dev->child, mdev, buffers, num_chan, x, y, width, height, row_stride, alpha_plane_index, tag_plane_index); ++ if (dev == mdev) ++ return dev_proc(dev->child, put_image)(dev->child, dev->child, buffers, num_chan, x, y, width, height, row_stride, alpha_plane_index, tag_plane_index); ++ else ++ return dev_proc(dev->child, put_image)(dev->child, mdev, buffers, num_chan, x, y, width, height, row_stride, alpha_plane_index, tag_plane_index); + + return 0; + } |
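Review bot: In default_subclass_put_image, the added `if (dev == mdev)` / `else` pair sits unbraced under `if (dev->child)`, and both branches repeat the entire put_image call with only the second argument differing. Selecting that argument once (for example `dev == mdev ? dev->child : mdev`) and bracing the outer `if` would remove the dangling-else reading and keep the two call sites from drifting apart in later edits. The reason for the substitution is only in the commit message (the subclassing device may not hold valid copies of the child's memory pointers); a short comment at the call would keep that visible in base/gdevsclass.c. The hunk also relies on any further subclassing layers applying the same substitution in turn when `dev->child` is itself a subclassing device, which is worth stating in that comment.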