From 99406d9b684ec60384dc29d850905dd517fb9790 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Mon, 20 Jan 2020 18:11:38 +0100 Subject: [PATCH] gnu: ghostscript: Fix CVE-2019-14869. * gnu/packages/patches/ghostscript-CVE-2019-14869.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/ghostscript.scm (ghostscript)[source](patches): Add it. --- gnu/local.mk | 1 + gnu/packages/ghostscript.scm | 3 +- .../patches/ghostscript-CVE-2019-14869.patch | 48 +++++++++++++++++++ 3 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/ghostscript-CVE-2019-14869.patch diff --git a/gnu/local.mk b/gnu/local.mk index b6a717820b..6958cc6af0 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -910,6 +910,7 @@ dist_patch_DATA = \ %D%/packages/patches/ghc-monad-par-fix-tests.patch \ %D%/packages/patches/ghc-pandoc-fix-html-tests.patch \ %D%/packages/patches/ghc-pandoc-fix-latex-test.patch \ + %D%/packages/patches/ghostscript-CVE-2019-14869.patch \ %D%/packages/patches/ghostscript-no-header-id.patch \ %D%/packages/patches/ghostscript-no-header-uuid.patch \ %D%/packages/patches/ghostscript-no-header-creationdate.patch \ diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm index c63fc2f9f9..84c6985bde 100644 --- a/gnu/packages/ghostscript.scm +++ b/gnu/packages/ghostscript.scm @@ -170,7 +170,8 @@ printing, and psresize, for adjusting page sizes.") (sha256 (base32 "1m770dwc82afdgzgq2kar3120r1lbybm3mssdm79f8kggf0v16yv")) - (patches (search-patches "ghostscript-no-header-creationdate.patch" + (patches (search-patches "ghostscript-CVE-2019-14869.patch" + "ghostscript-no-header-creationdate.patch" "ghostscript-no-header-id.patch" "ghostscript-no-header-uuid.patch")) (modules '((guix build utils))) diff --git a/gnu/packages/patches/ghostscript-CVE-2019-14869.patch b/gnu/packages/patches/ghostscript-CVE-2019-14869.patch new file mode 100644 index 0000000000..d80fba0594 --- /dev/null +++ b/gnu/packages/patches/ghostscript-CVE-2019-14869.patch @@ -0,0 +1,48 @@ +Fix CVE-2019-14869: + +https://nvd.nist.gov/vuln/detail/CVE-2019-14869 + +Patch taken from upstream: + +https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=485904772c5f0aa1140032746e5a0abfc40f4cef + +diff --git a/Resource/Init/gs_ttf.ps b/Resource/Init/gs_ttf.ps +index 74043d1..6be8fe9 100644 +--- a/Resource/Init/gs_ttf.ps ++++ b/Resource/Init/gs_ttf.ps +@@ -1304,7 +1304,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef + TTFDEBUG { (\n1 setting alias: ) print dup ==only + ( to be the same as ) print 2 index //== exec } if + +- 7 index 2 index 3 -1 roll exch .forceput ++ 7 index 2 index 3 -1 roll exch put + } forall + pop pop pop + } +@@ -1322,7 +1322,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef + exch pop + TTFDEBUG { (\n2 setting alias: ) print 1 index ==only + ( to use glyph index: ) print dup //== exec } if +- 5 index 3 1 roll .forceput ++ 5 index 3 1 roll put + //false + } + { +@@ -1339,7 +1339,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef + { % CharStrings(dict) isunicode(boolean) cmap(dict) RAGL(dict) gname(name) codep(integer) gindex(integer) + TTFDEBUG { (\3 nsetting alias: ) print 1 index ==only + ( to be index: ) print dup //== exec } if +- exch pop 5 index 3 1 roll .forceput ++ exch pop 5 index 3 1 roll put + } + { + pop pop +@@ -1369,7 +1369,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef + } ifelse + ] + TTFDEBUG { (Encoding: ) print dup === flush } if +-} .bind executeonly odef % hides .forceput ++} .bind odef + + % ---------------- CIDFontType 2 font loading ---------------- % + -- 2.20.1