diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2019-04-02 20:30:22 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2019-04-03 08:59:45 +0200 |
| commit | caa5f28b83340fe23012ab27244a288449b26b26 (patch) | |
| tree | 70102860b8f3df20347f25125b7ea065340cd1d5 /source/ap/ghostscript/ghostscript.SlackBuild | |
| parent | df86158dc598141c63689a86c2f247053e616719 (diff) | |
| download | current-20190402203022.tar.gz current-20190402203022.tar.xz | |
Tue Apr 2 20:30:22 UTC 201920190402203022
a/hwdata-0.322-noarch-1.txz: Upgraded.
a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded.
a/shadow-4.6-x86_64-2.txz: Rebuilt.
adduser: reprompt on invalid user input. Thanks to ttk.
ap/ghostscript-9.26-x86_64-2.txz: Rebuilt.
Fixes security issues:
A specially crafted PostScript file could have access to the file system
outside of the constrains imposed by -dSAFER.
Transient procedures can allow access to system operators, leading to
remote code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116
(* Security fix *)
d/vala-0.44.2-x86_64-1.txz: Upgraded.
l/glib-networking-2.60.1-x86_64-1.txz: Upgraded.
l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded.
l/python-pillow-6.0.0-x86_64-1.txz: Upgraded.
n/wget-1.20.2-x86_64-1.txz: Upgraded.
Fixed an unspecified buffer overflow vulnerability.
(* Security fix *)
Diffstat (limited to 'source/ap/ghostscript/ghostscript.SlackBuild')
| -rwxr-xr-x | source/ap/ghostscript/ghostscript.SlackBuild | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/source/ap/ghostscript/ghostscript.SlackBuild b/source/ap/ghostscript/ghostscript.SlackBuild index cad33b149..2d15f220d 100755 --- a/source/ap/ghostscript/ghostscript.SlackBuild +++ b/source/ap/ghostscript/ghostscript.SlackBuild @@ -27,7 +27,7 @@ if [ -r gnu-ghostscript-*.tar.?z ]; then SRCPREFIX="gnu-" fi VERSION=${VERSION:-$(echo $SRCPREFIX$PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -76,6 +76,12 @@ cd ${SRCPREFIX}${PKGNAM}-$VERSION || exit 1 # Remove unmaintained garbage: rm -rf freetype jpeg lcms2 libpng libtiff png tiff zlib +# Security and bugfix patches: +zcat $CWD/ghostscript-cve-2019-6116.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/ghostscript-subclassing-devices-fix-put_image-method.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/ghostscript-cve-2019-3835.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/ghostscript-cve-2019-3838.patch.gz | patch -p1 --verbose || exit 1 + # Regenerate ./configure. Needed if patched, or to prevent libtool mismatch. autoreconf --force --install ( cd jbig2dec ; autoreconf --force --install ) |