openembedded-core.git/meta/recipes-extended/ghostscript/files, branch thud Mirror of openembedded-core ghostscript: 9.25 -> 9.26 2019-01-08T20:12:07+00:00 Hongxu Jia hongxu.jia@windriver.com 2018-11-28T07:02:54+00:00 c62b64e771eb27089738a153ee61d34cdf6441ab - Drop backported CVE fixes 000[1-8]*.patch (From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> 
- Drop backported CVE fixes
  000[1-8]*.patch

(From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ghostscript: fix CVE-2018-18284 2018-11-06T11:54:30+00:00 Hongxu Jia hongxu.jia@windriver.com 2018-11-05T08:03:37+00:00 98ab5c5770d20b39bf3c58083f31f31838f2e940 Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving the 1Policy
operator.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ghostscript: fix CVE-2018-18073 2018-11-06T11:54:30+00:00 Hongxu Jia hongxu.jia@windriver.com 2018-11-05T08:03:36+00:00 6098c19e1f179896af7013c4b5db3081549c97bc Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Artifex Ghostscript allows attackers to bypass a sandbox protection
mechanism by leveraging exposure of system operators in the saved
execution stack in an error object.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ghostscript: fix CVE-2018-17961 2018-11-06T11:54:30+00:00 Hongxu Jia hongxu.jia@windriver.com 2018-11-05T08:03:35+00:00 6c32ea184941d292cd8f0eb898e6cc90120ada40 Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving errorhandler
setup. NOTE: this issue exists because of an incomplete fix for
CVE-2018-17183.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ghostscript: 9.21 -> 9.23 2018-05-04T08:54:49+00:00 Hongxu Jia hongxu.jia@windriver.com 2018-03-30T08:50:33+00:00 f8b4636472c6784fb78ca09a7dd7ebe53011f631 1. Drop backported patches - CVE-2017-7207.patch - CVE-2017-5951.patch - CVE-2017-7975.patch - CVE-2017-9216.patch - CVE-2017-9611.patch - CVE-2017-9612.patch - CVE-2017-9739.patch - CVE-2017-9726.patch - CVE-2017-9727.patch - CVE-2017-9835.patch - CVE-2017-11714.patch 2. Rebase to 9.23 - ghostscript-9.15-parallel-make.patch - ghostscript-9.16-Werror-return-type.patch - do-not-check-local-libpng-source.patch - avoid-host-contamination.patch - mkdir-p.patch - ghostscript-9.21-prevent_recompiling.patch - ghostscript-9.02-genarch.patch - cups-no-gcrypt.patch - ghostscript-9.21-native-fix-disable-system-libtiff.patch - base-genht.c-add-a-preprocessor-define-to-allow-fope.patch 3. Add packps from (native to target) to support cross compiling. 4. Add remove-direct-symlink.patch to fix do_populate_sysroot failure Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
1. Drop backported patches
- CVE-2017-7207.patch
- CVE-2017-5951.patch
- CVE-2017-7975.patch
- CVE-2017-9216.patch
- CVE-2017-9611.patch
- CVE-2017-9612.patch
- CVE-2017-9739.patch
- CVE-2017-9726.patch
- CVE-2017-9727.patch
- CVE-2017-9835.patch
- CVE-2017-11714.patch

2. Rebase to 9.23
- ghostscript-9.15-parallel-make.patch
- ghostscript-9.16-Werror-return-type.patch
- do-not-check-local-libpng-source.patch
- avoid-host-contamination.patch
- mkdir-p.patch
- ghostscript-9.21-prevent_recompiling.patch
- ghostscript-9.02-genarch.patch
- cups-no-gcrypt.patch
- ghostscript-9.21-native-fix-disable-system-libtiff.patch
- base-genht.c-add-a-preprocessor-define-to-allow-fope.patch

3. Add packps from (native to target) to support cross compiling.

4. Add remove-direct-symlink.patch to fix
   do_populate_sysroot failure

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ghostscript: upgrade to 9.19 2016-06-14T11:56:33+00:00 Hongxu Jia hongxu.jia@windriver.com 2016-06-13T09:16:27+00:00 227ca0a373b5a93602a419296ff1da1a96615ba2 - Ghostscript and GhostPDL releases from version 9.19 have been moved to GitHub hosting, tweak download site - Drop 0001-Bug-696497-Fix-support-for-building-with-no-jbig2-de.patch, and 0002-Bug-696497-part-2-fix-support-for-building-with-a-JP.patch, ghostscript 9.19 has fixed them. - Fix QA Warning unrecognised options: --enable-little-endian. It use AC_C_BIGENDIAN to detect big/little endian. http://www.delorie.com/gnu/docs/autoconf/autoconf_64.html Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
- Ghostscript and GhostPDL releases from version 9.19 have been moved to GitHub
  hosting, tweak download site

- Drop 0001-Bug-696497-Fix-support-for-building-with-no-jbig2-de.patch, and
  0002-Bug-696497-part-2-fix-support-for-building-with-a-JP.patch, ghostscript
  9.19 has fixed them.

- Fix QA Warning unrecognised options: --enable-little-endian. It use AC_C_BIGENDIAN
  to detect big/little endian.
  http://www.delorie.com/gnu/docs/autoconf/autoconf_64.html

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ghostscript: 9.16 -> 9.18 2016-03-09T16:54:37+00:00 Hongxu Jia hongxu.jia@windriver.com 2016-02-29T19:41:42+00:00 c7da39c43fc20e634c45212151400c663b39399a - Backport patches to fix build failure caused by '--without-jbig2dec' and '--without-jbig2dec'. ... |make[1]: *** No rule to make target `obj/sjbig2_.dev', needed by `obj/sjbig2.dev'. Stop. ... http://bugs.ghostscript.com/show_bug.cgi?id=696497 - Previously, it did not build the whole local libpng source in ghostscript, only picked up specific files and compile them. But on ghostscript 9.18, when the arm's FPU has been set to NEON (-mfpu=neon * with GCC), the selected file "libpng/pngrutil.c" needs to link 'png_init_filter_functions_neon' which should be compiled by a non-selected file "libpng/arm/arm_init.c". ... |./obj/pngrutil.o: In function `png_init_filter_functions': |armv7a-neon-poky-linux-gnueabi/ghostscript/9.18-r0/build/../ ghostscript-9.18/libpng/pngrutil.c:3921: undefined reference to `png_init_filter_functions_neon' ... So do not compile local libpng source in ghostscript, use shared libpng to instead. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
- Backport patches to fix build failure caused by
  '--without-jbig2dec' and '--without-jbig2dec'.
  ...
  |make[1]: *** No rule to make target `obj/sjbig2_.dev',
  needed by `obj/sjbig2.dev'.  Stop.
  ...
  http://bugs.ghostscript.com/show_bug.cgi?id=696497

- Previously, it did not build the whole local libpng
  source in ghostscript, only picked up specific files
  and compile them. But on ghostscript 9.18, when the
  arm's FPU has been set to NEON (-mfpu=neon * with GCC),
  the selected file "libpng/pngrutil.c" needs to link
  'png_init_filter_functions_neon' which should be
  compiled by a non-selected file "libpng/arm/arm_init.c".
  ...
  |./obj/pngrutil.o: In function `png_init_filter_functions':
  |armv7a-neon-poky-linux-gnueabi/ghostscript/9.18-r0/build/../
  ghostscript-9.18/libpng/pngrutil.c:3921: undefined reference to
  `png_init_filter_functions_neon'
  ...
  So do not compile local libpng source in ghostscript,
  use shared libpng to instead.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>