From a5dfd095bf5dea37665e4901e43417f6f1c5bfb9 Mon Sep 17 00:00:00 2001
From: Zhao Hang
Date: Mon, 24 Jun 2024 14:03:48 +0800
Subject: [PATCH] update to ghostscript-9.54.0-16.src.rpm
Signed-off-by: Zhao Hang
---
 dist | 2 +-
 ghostscript.spec | 136 +++++++++++++++++++++------------------
 gs-cve-2024-33871.patch | 62 ++++++++++++++++++
 3 files changed, 135 insertions(+), 65 deletions(-)
 create mode 100644 gs-cve-2024-33871.patch
diff --git a/dist b/dist
index 0b1f29d..9b27344 100644
--- a/dist
+++ b/dist
@@ -1 +1 @@
-an9_3
+an9_4
diff --git a/ghostscript.spec b/ghostscript.spec
index beb0dc6..07c536d 100644
--- a/ghostscript.spec
+++ b/ghostscript.spec
@@ -39,56 +39,56 @@ # =============================================================================
-Name: ghostscript
-Summary: Interpreter for PostScript language & PDF
-Version: 9.54.0
-Release: 14%{?dist}
+Name: ghostscript
+Summary: Interpreter for PostScript language & PDF
+Version: 9.54.0
+Release: 16%{?dist}
-License: AGPLv3+
+License: AGPLv3+
-URL: https://ghostscript.com/
-Source: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs%{version_short}/ghostscript-%{version}.tar.xz
+URL: https://ghostscript.com/
+Source: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs%{version_short}/ghostscript-%{version}.tar.xz
-Requires: libgs%{?_isa} = %{version}-%{release}
-Requires: jbig2dec-libs = %{jbig2dec_version}
-Requires: %{name}-tools-fonts%{?_isa} = %{version}-%{release}
-Requires: %{name}-tools-printing%{?_isa} = %{version}-%{release}
+Requires: libgs%{?_isa} = %{version}-%{release}
+Requires: jbig2dec-libs = %{jbig2dec_version}
+Requires: %{name}-tools-fonts%{?_isa} = %{version}-%{release}
+Requires: %{name}-tools-printing%{?_isa} = %{version}-%{release}
-Provides: ghostscript-core = %{version}-%{release}
-Obsoletes: ghostscript-core < 9.53.3-6
+Provides: ghostscript-core = %{version}-%{release}
+Obsoletes: ghostscript-core < 9.53.3-6
 # Auxiliary build requirements:
-BuildRequires: automake
-BuildRequires: gcc
-BuildRequires: git
+BuildRequires: automake
+BuildRequires: gcc
+BuildRequires: git
 # Already packaged Resources -- needed to build package correctly:
-BuildRequires: adobe-mappings-cmap-devel
-BuildRequires: adobe-mappings-pdf-devel
-BuildRequires: google-droid-sans-fonts
-BuildRequires: urw-base35-fonts-devel
+BuildRequires: adobe-mappings-cmap-devel
+BuildRequires: adobe-mappings-pdf-devel
+BuildRequires: google-droid-sans-fonts
+BuildRequires: urw-base35-fonts-devel
 # Already packaged software -- needed for debundling of Ghostscript:
-BuildRequires: cups-devel
-BuildRequires: dbus-devel
-BuildRequires: fontconfig-devel
-BuildRequires: freetype-devel
-BuildRequires: jbig2dec-devel = %{jbig2dec_version}
-BuildRequires: jbig2dec-libs = %{jbig2dec_version}
-BuildRequires: lcms2-devel
-BuildRequires: libidn2-devel
-BuildRequires: libijs-devel
-BuildRequires: libjpeg-turbo-devel
-BuildRequires: libpng-devel
-BuildRequires: libpaper-devel
-BuildRequires: libtiff-devel
-BuildRequires: openjpeg2-devel
-BuildRequires: zlib-devel
+BuildRequires: cups-devel
+BuildRequires: dbus-devel
+BuildRequires: fontconfig-devel
+BuildRequires: freetype-devel
+BuildRequires: jbig2dec-devel = %{jbig2dec_version}
+BuildRequires: jbig2dec-libs = %{jbig2dec_version}
+BuildRequires: lcms2-devel
+BuildRequires: libidn2-devel
+BuildRequires: libijs-devel
+BuildRequires: libjpeg-turbo-devel
+BuildRequires: libpng-devel
+BuildRequires: libpaper-devel
+BuildRequires: libtiff-devel
+BuildRequires: openjpeg2-devel
+BuildRequires: zlib-devel
 # Enabling the GUI possibilities of Ghostscript:
-BuildRequires: gtk3-devel
-BuildRequires: libXt-devel
-BuildRequires: make
+BuildRequires: gtk3-devel
+BuildRequires: libXt-devel
+BuildRequires: make
 # =============================================================================
@@ -113,6 +113,8 @@ Patch008: ghostscript-9.54.0-CVE-2023-28879.patch
 Patch009: ghostscript-9.54.0-CVE-2023-36664.patch
 Patch010: ghostscript-9.54.0-CVE-2023-38559.patch
 Patch011: ghostscript-9.54.0-CVE-2023-43115.patch
+# RHEL-39110 CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library
+Patch012: gs-cve-2024-33871.patch
 # Downstream patches -- these should be always included when doing rebase:
 # ------------------
@@ -140,12 +142,12 @@ of document pages, as well as conversions between different document formats.
 # Below requirements are resources, which are not detected by RPM automatically:
 %package -n libgs
-Summary: Library providing Ghostcript's core functionality
-Requires: adobe-mappings-cmap
-Requires: adobe-mappings-cmap-deprecated
-Requires: adobe-mappings-pdf
-Requires: google-droid-sans-fonts
-Requires: urw-base35-fonts
+Summary: Library providing Ghostcript's core functionality
+Requires: adobe-mappings-cmap
+Requires: adobe-mappings-cmap-deprecated
+Requires: adobe-mappings-pdf
+Requires: google-droid-sans-fonts
+Requires: urw-base35-fonts
 %description -n libgs
 This library provides Ghostscript's core functionality, based on Ghostscript's
@@ -154,14 +156,14 @@ API, which is useful for many packages that are build on top of Ghostscript.
 # ---------------
 %package -n libgs-devel
-Summary: Development files for Ghostscript's library
-Requires: libgs%{?_isa} = %{version}-%{release}
+Summary: Development files for Ghostscript's library
+Requires: libgs%{?_isa} = %{version}-%{release}
 # This virtual provides is useful in case people get confused what *-devel
 # subpackage they should actually use (i.e. ghostscript-devel vss libgs-devel?).
 # By having this virtual provide both of the options above will work...
-Provides: %{name}-devel = %{version}-%{release}
-Provides: %{name}-devel%{?_isa} = %{version}-%{release}
+Provides: %{name}-devel = %{version}-%{release}
+Provides: %{name}-devel%{?_isa} = %{version}-%{release}
 %description -n libgs-devel
 This package contains development files that are useful for building packages
@@ -178,9 +180,9 @@ against Ghostscript's library, which provides Ghostscript's core functionality.
 # more convenient (even for users) to have a direct requiremnt for the
 # executable instead of package.
 %package tools-dvipdf
-Summary: Ghostscript's 'dvipdf' utility
-Requires: %{name}%{?_isa} = %{version}-%{release}
-Requires: /usr/bin/dvips
+Summary: Ghostscript's 'dvipdf' utility
+Requires: %{name}%{?_isa} = %{version}-%{release}
+Requires: /usr/bin/dvips
 %description tools-dvipdf
 This package provides the utility 'dvipdf' for converting of TeX DVI files into
@@ -189,8 +191,8 @@ PDF files using Ghostscript and dvips.
 # ---------------
 %package tools-fonts
-Summary: Ghostscript's font utilities
-Requires: %{name}%{?_isa} = %{version}-%{release}
+Summary: Ghostscript's font utilities
+Requires: %{name}%{?_isa} = %{version}-%{release}
 %description tools-fonts
 This package provides utilities which are useful when you are working with AFM,
@@ -199,8 +201,8 @@ PFB or PFA files, mostly for conversion purposes.
 # ---------------
 %package tools-printing
-Summary: Ghostscript's printing utilities
-Requires: %{name}%{?_isa} = %{version}-%{release}
+Summary: Ghostscript's printing utilities
+Requires: %{name}%{?_isa} = %{version}-%{release}
 %description tools-printing
 This package provides utilities for formatting and printing text files using
@@ -212,8 +214,8 @@ Hint Stream of a linearized PDF file.
 # ---------------
 %package gtk
-Summary: Ghostscript's GTK-based document renderer
-Requires: libgs%{?_isa} = %{version}-%{release}
+Summary: Ghostscript's GTK-based document renderer
+Requires: libgs%{?_isa} = %{version}-%{release}
 %description gtk
 This package provides GTK-based utility 'gsx', which can be used for displaying
@@ -222,8 +224,8 @@ of various document files (including PS and PDF).
 # ---------------
 %package x11
-Summary: Ghostscript's X11-based driver for document rendering
-Requires: %{name}%{?_isa} = %{version}-%{release}
+Summary: Ghostscript's X11-based driver for document rendering
+Requires: %{name}%{?_isa} = %{version}-%{release}
 %description x11
 This package provides X11-based driver for Ghostscript, which enables displaying
@@ -232,9 +234,9 @@ of various document files (including PS and PDF).
 # ---------------
 %package doc
-Summary: Documentation files for Ghostscript
-Requires: %{name} = %{version}-%{release}
-BuildArch: noarch
+Summary: Documentation files for Ghostscript
+Requires: %{name} = %{version}-%{release}
+BuildArch: noarch
 %description doc
 This package provides detailed documentation files for Ghostscript software.
@@ -446,9 +448,15 @@ done
 # =============================================================================
 %changelog
-* Thu Oct 12 2023 Richard Lescak - 9.54.0-14
+* Thu Jun 13 2024 Zdenek Dohnal - 9.54.0-16
+- RHEL-39110 fix regression discovered in OPVP device
+
+* Fri Jun 07 2024 Zdenek Dohnal - 9.54.0-15
+- RHEL-39110 CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library
+
+* Fri Oct 27 2023 Richard Lescak - 9.54.0-14
 - fix for CVE-2023-43115
-- Resolves: RHEL-10184
+- Resolves: RHEL-10185
 * Fri Aug 04 2023 Richard Lescak - 9.54.0-13
 - fix for CVE-2023-38559
diff --git a/gs-cve-2024-33871.patch b/gs-cve-2024-33871.patch
new file mode 100644
index 0000000..1118715
--- /dev/null
+++ b/gs-cve-2024-33871.patch
@@ -0,0 +1,62 @@
+diff --git a/contrib/opvp/gdevopvp.c b/contrib/opvp/gdevopvp.c
+index 70475ad..013a497 100644
+--- a/contrib/opvp/gdevopvp.c
++++ b/contrib/opvp/gdevopvp.c
+@@ -185,7 +185,7 @@ static int opvp_copy_color(gx_device *, const byte *, int, int,
+ static int _get_params(gs_param_list *);
+ static int opvp_get_params(gx_device *, gs_param_list *);
+ static int oprp_get_params(gx_device *, gs_param_list *);
+-static int _put_params(gs_param_list *);
++static int _put_params(gx_device *, gs_param_list *);
+ static int opvp_put_params(gx_device *, gs_param_list *);
+ static int oprp_put_params(gx_device *, gs_param_list *);
+ static int opvp_fill_path(gx_device *, const gs_gstate *, gx_path *,
+@@ -3043,7 +3043,7 @@ _get_params(gs_param_list *plist)
+ /* vector driver name */
+ pname = "Driver";
+ vdps.data = (byte *)vectorDriver;
+- vdps.size = (vectorDriver ? strlen(vectorDriver) + 1 : 0);
++ vdps.size = (vectorDriver ? strlen(vectorDriver) : 0);
+ vdps.persistent = false;
+ code = param_write_string(plist, pname, &vdps);
+ if (code) ecode = code;
+@@ -3180,7 +3180,7 @@ oprp_get_params(gx_device *dev, gs_param_list *plist)
+ * put params
+ */
+ static int
+-_put_params(gs_param_list *plist)
++_put_params(gx_device *dev, gs_param_list *plist)
+ {
+ int code;
+ int ecode = 0;
+@@ -3202,6 +3202,12 @@ _put_params(gs_param_list *plist)
+ code = param_read_string(plist, pname, &vdps);
+ switch (code) {
+ case 0:
++ if (gs_is_path_control_active(dev->memory)
++ && (!vectorDriver || strlen(vectorDriver) != vdps.size
++ || memcmp(vectorDriver, vdps.data, vdps.size) != 0)) {
++ param_signal_error(plist, pname, gs_error_invalidaccess);
++ return_error(gs_error_invalidaccess);
++ }
+ buff = realloc(buff, vdps.size + 1);
+ memcpy(buff, vdps.data, vdps.size);
+ buff[vdps.size] = 0;
+@@ -3403,7 +3409,7 @@ opvp_put_params(gx_device *dev, gs_param_list *plist)
+ int code;
+ 
+ /* put params */
+- code = _put_params(plist);
++ code = _put_params(dev, plist);
+ if (code) return code;
+ 
+ /* put default params */
+@@ -3419,7 +3425,7 @@ oprp_put_params(gx_device *dev, gs_param_list *plist)
+ int code;
+ 
+ /* put params */
+- code = _put_params(plist);
++ code = _put_params(dev, plist);
+ if (code) return code;
+ 
+ /* put default params */
-- Gitee
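Review bot: The new guard in `_put_params` is immediately followed by `buff = realloc(buff, vdps.size + 1); memcpy(buff, vdps.data, vdps.size);` with no NULL check, so an allocation failure leaks the old `buff` and dereferences NULL; since this path is now the single place where the dlopen()'d driver name is accepted, it is worth fixing while it is being touched, e.g. `void *nb = realloc(buff, vdps.size + 1); if (!nb) return_error(gs_error_VMerror); buff = nb;`. The `gs_is_path_control_active()` check refuses any `Driver` value that differs from the current `vectorDriver` but lets an identical value through, which appears to be why `_get_params` now reports `strlen(vectorDriver)` without the trailing NUL (the 9.54.0-16 "regression" entry in the changelog): with the old `+ 1` a get/put round-trip would compare as a different string and fail with invalidaccess. None of that reasoning is recorded in the patch; a comment above the new `if` such as `/* Once path control is active (-dSAFER), the dlopen()'d Driver may not be changed; an identical value is accepted so get/put round-trips still work. */` would keep a future rebase from reinstating the `+ 1`. Whether any other parameter read later in `_put_params` influences which library is loaded is not visible from these hunks and should be checked, since only `Driver` is guarded. `_get_params`, `_put_params` and both callers extend beyond the hunks.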