summaryrefslogtreecommitdiff
path: root/meta/recipes-extended/ghostscript/files
AgeCommit message (Collapse)AuthorFiles
2019-01-08ghostscript: 9.25 -> 9.26Hongxu Jia8
- Drop backported CVE fixes 000[1-8]*.patch (From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-11-06ghostscript: fix CVE-2018-18284Hongxu Jia1
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-11-06ghostscript: fix CVE-2018-18073Hongxu Jia2
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-11-06ghostscript: fix CVE-2018-17961Hongxu Jia5
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-05-04ghostscript: 9.21 -> 9.23Hongxu Jia1
1. Drop backported patches - CVE-2017-7207.patch - CVE-2017-5951.patch - CVE-2017-7975.patch - CVE-2017-9216.patch - CVE-2017-9611.patch - CVE-2017-9612.patch - CVE-2017-9739.patch - CVE-2017-9726.patch - CVE-2017-9727.patch - CVE-2017-9835.patch - CVE-2017-11714.patch 2. Rebase to 9.23 - ghostscript-9.15-parallel-make.patch - ghostscript-9.16-Werror-return-type.patch - do-not-check-local-libpng-source.patch - avoid-host-contamination.patch - mkdir-p.patch - ghostscript-9.21-prevent_recompiling.patch - ghostscript-9.02-genarch.patch - cups-no-gcrypt.patch - ghostscript-9.21-native-fix-disable-system-libtiff.patch - base-genht.c-add-a-preprocessor-define-to-allow-fope.patch 3. Add packps from (native to target) to support cross compiling. 4. Add remove-direct-symlink.patch to fix do_populate_sysroot failure Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-06-14ghostscript: upgrade to 9.19Hongxu Jia3
- Ghostscript and GhostPDL releases from version 9.19 have been moved to GitHub hosting, tweak download site - Drop 0001-Bug-696497-Fix-support-for-building-with-no-jbig2-de.patch, and 0002-Bug-696497-part-2-fix-support-for-building-with-a-JP.patch, ghostscript 9.19 has fixed them. - Fix QA Warning unrecognised options: --enable-little-endian. It use AC_C_BIGENDIAN to detect big/little endian. http://www.delorie.com/gnu/docs/autoconf/autoconf_64.html Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-03-09ghostscript: 9.16 -> 9.18Hongxu Jia3
- Backport patches to fix build failure caused by '--without-jbig2dec' and '--without-jbig2dec'. ... |make[1]: *** No rule to make target `obj/sjbig2_.dev', needed by `obj/sjbig2.dev'. Stop. ... http://bugs.ghostscript.com/show_bug.cgi?id=696497 - Previously, it did not build the whole local libpng source in ghostscript, only picked up specific files and compile them. But on ghostscript 9.18, when the arm's FPU has been set to NEON (-mfpu=neon * with GCC), the selected file "libpng/pngrutil.c" needs to link 'png_init_filter_functions_neon' which should be compiled by a non-selected file "libpng/arm/arm_init.c". ... |./obj/pngrutil.o: In function `png_init_filter_functions': |armv7a-neon-poky-linux-gnueabi/ghostscript/9.18-r0/build/../ ghostscript-9.18/libpng/pngrutil.c:3921: undefined reference to `png_init_filter_functions_neon' ... So do not compile local libpng source in ghostscript, use shared libpng to instead. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-20 15:53:08 +0000