Patch release to address security bugs: CVE-2024-33869 CVE-2023-52722 CVE-2024-33870 CVE-2024-33871 CVE-2024-29510
- add a patch to fix: | ./pdf/pdf_sec.c:186:25: error: assignment to 'char **' from incompatible pointer type 'char *' [-Wincompatible-pointer-types] | 186 | NewPassword = Password; | | ^ | ./pdf/pdf_sec.c:187:20: error: assignment to 'int *' from 'int' makes pointer from integer without a cast [-Wint-conversion] | 187 | NewLen = Len; | | ^ | make: *** [pdf/pdf.mak:169: obj/pdf_sec.o] Error 1 Patchstatus still pending. Is this the right thing to do?
Signed-off-by: Markus Volk <[email protected]>
---
.../ghostscript/fix-int-conversion.patch | 16 ++++++++++++++++
...tscript_10.03.0.bb => ghostscript_10.03.1.bb} | 3 ++-
2 files changed, 18 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/fix-int-conversion.patch
rename meta/recipes-extended/ghostscript/{ghostscript_10.03.0.bb => ghostscript_10.03.1.bb} (95%)
diff --git a/meta/recipes-extended/ghostscript/ghostscript/fix-int-conversion.patch b/meta/recipes-extended/ghostscript/ghostscript/fix-int-conversion.patch
new file mode 100644
index 0000000000..58403a5260
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/fix-int-conversion.patch
@@ -0,0 +1,16 @@
+Upstream-Status: Pending
+Signed-off-by: Markus Volk <[email protected]>
+
+--- a/pdf/pdf_sec.c 2024-05-02 11:45:25.000000000 +0200
++++ b/pdf/pdf_sec.c 2024-05-27 17:42:26.695957128 +0200
+@@ -183,8 +183,8 @@
+ * this easy: the errors we want to ignore are the ones with
+ * codes less than 100. */
+ if ((int)err < 100) {
+- NewPassword = Password;
+- NewLen = Len;
++ NewPassword = (char **)Password;
++ NewLen = (int *)Len;
+ return 0;
+ }
+
diff --git a/meta/recipes-extended/ghostscript/ghostscript_10.03.0.bb b/meta/recipes-extended/ghostscript/ghostscript_10.03.1.bb
similarity index 95%
rename from meta/recipes-extended/ghostscript/ghostscript_10.03.0.bb
rename to meta/recipes-extended/ghostscript/ghostscript_10.03.1.bb
index ff7d38676e..3df0caff72 100644
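Review bot: The added casts in `NewPassword = (char **)Password;` and `NewLen = (int *)Len;` silence the two diagnostics without repairing the assignment they flag. Going by the types in the compiler errors quoted in the commit message, NewPassword and NewLen are out-parameters (`char **` and `int *`), so these statements only overwrite the function's local pointer copies; the caller's password pointer and length are never written before `return 0`, and an integer length is reinterpreted as an address. On this error-ignoring branch of the PDF password handling the caller would then continue with whatever those variables held beforehand. The form that matches the declared types is `*NewPassword = Password;` and `*NewLen = Len;`; the function signature lies outside the hunk, so confirm against it and against upstream's own fix rather than carrying the cast version with `Upstream-Status: Pending`.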
--- a/meta/recipes-extended/ghostscript/ghostscript_10.03.0.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_10.03.1.bb
@@ -25,9 +25,10 @@ def gs_verdir(v):
 SRC_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${@gs_verdir("${PV}")}/${BPN}-${PV}.tar.gz \
 file://ghostscript-9.16-Werror-return-type.patch \
 file://avoid-host-contamination.patch \
+ file://fix-int-conversion.patch \
 "
-SRC_URI[sha256sum] = "6f2bc61023469fcf7c7c2d7f1bdd75b75f2b41836aa1d5e641396246d4abbb59"
+SRC_URI[sha256sum] = "31cd01682ad23a801cc3bbc222a55f07c4ea3e068bdfb447792d54db21a2e8ad"
 PACKAGECONFIG ??= ""
 PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+3"
--
2.44.0
