From 977894cd093f77704886a0c88528369e47543f57 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Mar 02 2017 15:23:45 +0000 Subject: import ghostscript-9.07-20.el7_3.3 --- diff --git a/SOURCES/ghostscript-handle-glyphdirectory-array.patch b/SOURCES/ghostscript-handle-glyphdirectory-array.patch new file mode 100644 index 0000000..24266b0 --- /dev/null +++ b/SOURCES/ghostscript-handle-glyphdirectory-array.patch @@ -0,0 +1,52 @@ +From a59a4a809dc1b68cc590f9017f466f6dcfc20b3b Mon Sep 17 00:00:00 2001 +From: Chris Liddell +Date: Thu, 3 Nov 2016 13:09:27 +0000 +Subject: [PATCH] Bug 697286: handle GlyphDirectory as an array + +For high level devices that need to copy CIDFonts, we need to establish the +highest CID in a given CIDFont. If the font has a GlyphDirectory dictionary +the only way to do so is to iterate through the keys to find the highest. + +The code handling this ignored that the GlyphDirectory could be an array, +which confused the dictionary content iterator, and caused a segfault. + +In the case of an array, set the high CID to the highest index available in the +array. +--- + psi/zfcid.c | 18 +++++++++++------- + 1 file changed, 11 insertions(+), 7 deletions(-) + +diff --git a/psi/zfcid.c b/psi/zfcid.c +index d3ff274..fb8792d 100644 +--- a/psi/zfcid.c ++++ b/psi/zfcid.c +@@ -76,15 +76,19 @@ cid_font_data_param(os_ptr op, gs_font_cid_data *pdata, ref *pGlyphDirectory) + * the number of CIDs in the font. We need to know the maximum CID + * when copying fonts, so calculate and store it now. + */ +- index = dict_first(pgdir); +- while (index >= 0) { +- index = dict_next(pgdir, index, (ref *)&element); +- if (index >= 0) { +- if (element[0].value.intval > pdata->MaxCID) +- pdata->MaxCID = element[0].value.intval; ++ if (r_has_type(pgdir, t_dictionary)) { ++ index = dict_first(pgdir); ++ while (index >= 0) { ++ index = dict_next(pgdir, index, (ref *)&element); ++ if (index >= 0) { ++ if (element[0].value.intval > pdata->MaxCID) ++ pdata->MaxCID = element[0].value.intval; ++ } + } + } +- ++ else { ++ pdata->MaxCID = r_size(pgdir) - 1; ++ } + return code; + } else { + return_error(e_typecheck); +-- +2.9.3 + diff --git a/SPECS/ghostscript.spec b/SPECS/ghostscript.spec index 7327831..441ff3b 100644 --- a/SPECS/ghostscript.spec +++ b/SPECS/ghostscript.spec @@ -5,7 +5,7 @@ Summary: A PostScript interpreter and renderer Name: ghostscript Version: %{gs_ver} -Release: 20%{?dist}.1 +Release: 20%{?dist}.3 # Included CMap data is Redistributable, no modification permitted, # see http://bugzilla.redhat.com/487510 @@ -43,6 +43,7 @@ Patch19: ghostscript-import-lcms2-2.6-changes.patch Patch20: ghostscript-hanging-in-convert.patch Patch21: ghostscript-check-icc-profile-errors.patch Patch22: ghostscript-cups-icc-profile.patch +Patch28: ghostscript-handle-glyphdirectory-array.patch # Security patches: # ----------------- @@ -214,6 +215,9 @@ rm -rf expat freetype icclib jasper jpeg lcms lcms2 libpng openjpeg zlib cups/li # check for sufficient params in .sethalftone5 (bug #1383940) %patch27 -p1 +# Fix of SIGSEGV when processing GlyphDirectory (bug #1390847) +%patch28 -p1 + # Remove pdfopt man pages which were mistakenly left in (bug #963882). rm man/{de/,}pdfopt.1 @@ -413,7 +417,13 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/libgs.so %changelog -* Thu Nov 3 2016 David Kaspar [Dee'Kej] - 9.07-20_1 +* Fri Jan 20 2017 David Kaspar [Dee'Kej] - 9.07-20.el7_3.3 +- bogus date in previous changelog entry fixed + +* Mon Jan 16 2017 David Kaspar [Dee'Kej] - 9.07-20.el7_3.2 +- Fix of SIGSEGV in cid_font_data_param when using ps2pdf (bug #1412606) + +* Thu Nov 3 2016 David Kaspar [Dee'Kej] - 9.07-20.el7_3.1 - Added security fixes for: - CVE-2013-5653 (bug #1380327) - CVE-2016-7977 (bug #1380415)