From 2520b90f18ab408818b967f77ef38c1be85de634 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Tue, 13 Nov 2018 05:15:29 +0000
Subject: Tue Nov 13 05:15:29 UTC 2018

d/python-setuptools-40.6.1-x86_64-1.txz:  Upgraded.
l/M2Crypto-0.31.0-x86_64-1.txz:  Upgraded.
l/SDL2-2.0.9-x86_64-2.txz:  Rebuilt.
  Fixed use of SDL_syswm.h with SDL_PROTOTYPES_ONLY in C++ mode.
  Thanks to orbea.
l/libtiff-4.0.10-x86_64-1.txz:  Upgraded.
  This update fixes some denial of service security issues.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10779
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18661
  (* Security fix *)
l/netpbm-10.84.02-x86_64-1.txz:  Upgraded.
n/net-snmp-5.8-x86_64-2.txz:  Rebuilt.
  Recompiled to link the perl modules to the new libraries. Thanks to th_r.
---
 source/l/netpbm/netpbm-CAN-2005-2471.patch | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 source/l/netpbm/netpbm-CAN-2005-2471.patch

(limited to 'source/l/netpbm/netpbm-CAN-2005-2471.patch')

diff --git a/source/l/netpbm/netpbm-CAN-2005-2471.patch b/source/l/netpbm/netpbm-CAN-2005-2471.patch
new file mode 100644
index 000000000..24495de17
--- /dev/null
+++ b/source/l/netpbm/netpbm-CAN-2005-2471.patch
@@ -0,0 +1,17 @@
+diff -urNp a/converter/other/pstopnm.c b/converter/other/pstopnm.c
+--- a/converter/other/pstopnm.c	2018-07-23 15:14:51.200658026 +0200
++++ b/converter/other/pstopnm.c	2018-07-23 15:18:12.579910612 +0200
+@@ -896,11 +896,11 @@ execGhostscript(int               const
+                    ghostscriptProg, arg0,
+                    deviceopt, outfileopt, gopt, ropt, textalphabitsopt,
+                    "-q", "-dNOPAUSE",
+-                   "-dSAFER", "-");
++                   "-dPARANOIDSAFER", "-");
+     }
+ 
+     execl(ghostscriptProg, arg0, deviceopt, outfileopt, gopt, ropt, "-q",
+-          "-dNOPAUSE", "-dSAFER", "-", NULL);
++          "-dNOPAUSE", "-dPARANOIDSAFER", "-", NULL);
+ 
+     pm_error("execl() of Ghostscript ('%s') failed, errno=%d (%s)",
+              ghostscriptProg, errno, strerror(errno));
-- 
cgit v1.2.3