Date: Thursday, October 5, 2017 @ 18:14:54 Author: andyrtr Revision: 306856
upgpkg: ghostscript 9.22-1 upstream update 9.22 Modified: ghostscript/trunk/PKGBUILD Deleted: ghostscript/trunk/CVE-2017-8291.patch ---------------------+ CVE-2017-8291.patch | 132 -------------------------------------------------- PKGBUILD | 14 +---- 2 files changed, 5 insertions(+), 141 deletions(-) Deleted: CVE-2017-8291.patch =================================================================== --- CVE-2017-8291.patch 2017-10-05 18:14:49 UTC (rev 306855) +++ CVE-2017-8291.patch 2017-10-05 18:14:54 UTC (rev 306856) @@ -1,132 +0,0 @@ -From: Chris Liddell <[email protected]> -Date: Thu, 27 Apr 2017 12:03:33 +0000 (+0100) -Subject: Bug 697799: have .eqproc check its parameters -X-Git-Url: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff_plain;h=4f83478c88 - -Bug 697799: have .eqproc check its parameters - -The Ghostscript custom operator .eqproc was not check the number or type of -the parameters it was given. ---- - -diff --git a/psi/zmisc3.c b/psi/zmisc3.c -index 54b3042..37293ff 100644 ---- a/psi/zmisc3.c -+++ b/psi/zmisc3.c -@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p) - ref2_t stack[MAX_DEPTH + 1]; - ref2_t *top = stack; - -+ if (ref_stack_count(&o_stack) < 2) -+ return_error(gs_error_stackunderflow); -+ if (!r_is_array(op - 1) || !r_is_array(op)) { -+ return_error(gs_error_typecheck); -+ } -+ - make_array(&stack[0].proc1, 0, 1, op - 1); - make_array(&stack[0].proc2, 0, 1, op); - for (;;) { -From: Chris Liddell <[email protected]> -Date: Thu, 27 Apr 2017 12:21:31 +0000 (+0100) -Subject: Bug 697799: have .rsdparams check its parameters -X-Git-Url: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff_plain;h=04b37bbce1 - -Bug 697799: have .rsdparams check its parameters - -The Ghostscript internal operator .rsdparams wasn't checking the number or -type of the operands it was being passed. Do so. ---- - -diff --git a/psi/zfrsd.c b/psi/zfrsd.c -index 191107d..950588d 100644 ---- a/psi/zfrsd.c -+++ b/psi/zfrsd.c -@@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p) - ref *pFilter; - ref *pDecodeParms; - int Intent = 0; -- bool AsyncRead; -+ bool AsyncRead = false; - ref empty_array, filter1_array, parms1_array; - uint i; -- int code; -+ int code = 0; -+ -+ if (ref_stack_count(&o_stack) < 1) -+ return_error(gs_error_stackunderflow); -+ if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) { -+ return_error(gs_error_typecheck); -+ } - - make_empty_array(&empty_array, a_readonly); -- if (dict_find_string(op, "Filter", &pFilter) > 0) { -+ if (r_has_type(op, t_dictionary) -+ && dict_find_string(op, "Filter", &pFilter) > 0) { - if (!r_is_array(pFilter)) { - if (!r_has_type(pFilter, t_name)) - return_error(gs_error_typecheck); -@@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p) - return_error(gs_error_typecheck); - } - } -- code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); -+ if (r_has_type(op, t_dictionary)) -+ code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); - if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */ - return code; -- if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0 -- ) -- return code; -+ if (r_has_type(op, t_dictionary)) -+ if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0) -+ return code; - push(1); - op[-1] = *pFilter; - if (pDecodeParms) - -From: Chris Liddell <[email protected]> -Date: Wed, 3 May 2017 11:05:45 +0000 (+0100) -Subject: Bug 697846: revision to commit 4f83478c88 (.eqproc) -X-Git-Url: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff_plain;h=57f20719 - -Bug 697846: revision to commit 4f83478c88 (.eqproc) - -When using the "DELAYBIND" feature, it turns out that .eqproc can be called with -parameters that are not both procedures. In this case, it turns out, the -expectation is for the operator to return 'false', rather than throw an error. ---- - -diff --git a/psi/zmisc3.c b/psi/zmisc3.c -index 37293ff..3f01d39 100644 ---- a/psi/zmisc3.c -+++ b/psi/zmisc3.c -@@ -38,6 +38,15 @@ zcliprestore(i_ctx_t *i_ctx_p) - return gs_cliprestore(igs); - } - -+static inline bool -+eqproc_check_type(ref *r) -+{ -+ return r_has_type(r, t_array) -+ || r_has_type(r, t_mixedarray) -+ || r_has_type(r, t_shortarray) -+ || r_has_type(r, t_oparray); -+} -+ - /* <proc1> <proc2> .eqproc <bool> */ - /* - * Test whether two procedures are equal to depth 10. -@@ -58,8 +67,10 @@ zeqproc(i_ctx_t *i_ctx_p) - - if (ref_stack_count(&o_stack) < 2) - return_error(gs_error_stackunderflow); -- if (!r_is_array(op - 1) || !r_is_array(op)) { -- return_error(gs_error_typecheck); -+ if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) { -+ make_false(op - 1); -+ pop(1); -+ return 0; - } - - make_array(&stack[0].proc1, 0, 1, op - 1); - Modified: PKGBUILD =================================================================== --- PKGBUILD 2017-10-05 18:14:49 UTC (rev 306855) +++ PKGBUILD 2017-10-05 18:14:54 UTC (rev 306856) @@ -2,8 +2,8 @@ # Maintainer: AndyRTR <[email protected]> pkgname=ghostscript -pkgver=9.21 -pkgrel=3 +pkgver=9.22 +pkgrel=1 pkgdesc="An interpreter for the PostScript language" arch=('i686' 'x86_64') license=('AGPL' 'custom') @@ -14,20 +14,16 @@ 'gtk3: needed for gsx') url="http://www.ghostscript.com/"; source=(https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${pkgver/./}/ghostscript-${pkgver}.tar.xz - ghostscript-sys-zlib.patch - CVE-2017-8291.patch) + ghostscript-sys-zlib.patch) options=('!makeflags') # https://github.com/ArtifexSoftware/ghostpdl-downloads/releases -sha256sums=('2be1d014888a34187ad4bbec19ab5692cc943bd1cb14886065aeb43a3393d053' - 'c08c7e1354aaa243e753517c61ff86a799a49e0177c7bf6fe0029abc693386f6' - '9cf9b04c274eba318907807b24d813fdfd5e7e2f88352a4b88dfc728a5b1e6c3') +sha256sums=('c1f862e6f40f997dbe3feba89355e8cb05d55818994e10f4932b0dd9b627d1bb' + 'c08c7e1354aaa243e753517c61ff86a799a49e0177c7bf6fe0029abc693386f6') prepare() { cd ghostscript-${pkgver} # fix build with system zlib patch -Np1 -i ${srcdir}/ghostscript-sys-zlib.patch - # CVE-2017-8291; https://bugs.ghostscript.com/show_bug.cgi?id=697808 - patch -Np1 -i ${srcdir}/CVE-2017-8291.patch } build() {
