From 850ccb1a4c1ff738ff40835b84e978015ca5c626 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=8E=E5=AE=81=E6=9D=B0?= Date: Fri, 1 Nov 2024 09:18:06 +0000 Subject: [PATCH] Fix CVE-2024-46951 --- backport-CVE-2024-46951.patch | 31 +++++++++++++++++++++++++++++++ ghostscript.spec | 10 +++++++++- 2 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 backport-CVE-2024-46951.patch diff --git a/backport-CVE-2024-46951.patch b/backport-CVE-2024-46951.patch new file mode 100644 index 0000000..926c0aa --- /dev/null +++ b/backport-CVE-2024-46951.patch @@ -0,0 +1,31 @@ +From ada21374f0c90cc3acf7ce0e96302394560c7aee Mon Sep 17 00:00:00 2001 +From: Zdenek Hutyra +Date: Fri, 30 Aug 2024 13:16:39 +0100 +Subject: [PATCH] PS interpreter - check the type of the Pattern Implementation + +Bug #707991 + +See bug report for details. + +CVE-2024-46951 +--- + psi/zcolor.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/psi/zcolor.c b/psi/zcolor.c +index d4e7a4438..d3384d75d 100644 +--- a/psi/zcolor.c ++++ b/psi/zcolor.c +@@ -5276,6 +5276,9 @@ static int patterncomponent(i_ctx_t * i_ctx_p, ref *space, int *n) + code = array_get(imemory, pImpl, 0, &pPatInst); + if (code < 0) + return code; ++ ++ if (!r_is_struct(&pPatInst) || (!r_has_stype(&pPatInst, imemory, st_pattern1_instance) && !r_has_stype(&pPatInst, imemory, st_pattern2_instance))) ++ return_error(gs_error_typecheck); + cc.pattern = r_ptr(&pPatInst, gs_pattern_instance_t); + if (pattern_instance_uses_base_space(cc.pattern)) + *n = n_comps; +-- +2.34.1 + diff --git a/ghostscript.spec b/ghostscript.spec index 8d0bd49..61e50a4 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -9,7 +9,7 @@ Name: ghostscript Version: 9.56.1 -Release: 10 +Release: 11 Summary: An interpreter for PostScript and PDF files License: AGPLv3+ URL: https://ghostscript.com/ @@ -66,6 +66,7 @@ Patch116: Bug-707510-fix-LIBIDN-usage.patch Patch117: fix-CVE-2024-33869-second.patch Patch118: backport-CVE-2024-46953.patch Patch119: backport-CVE-2024-46956.patch +Patch120: backport-CVE-2024-46951.patch BuildRequires: automake gcc BuildRequires: adobe-mappings-cmap-devel adobe-mappings-pdf-devel @@ -153,6 +154,7 @@ PDF files using Ghostscript and dvips %patch117 -p1 %patch118 -p1 %patch119 -p1 +%patch120 -p1 # Libraries that we already have packaged(see Build Requirements): rm -rf cups/libs freetype ijs jbig2dec jpeg lcms2* libpng openjpeg tiff zlib @@ -246,6 +248,12 @@ install -m 0755 -d %{buildroot}%{_datadir}/%{name}/conf.d/ %{_bindir}/dvipdf %changelog +* Fri Nov 01 2024 liningjie - 9.56.1-11 +- Type:CVE +- ID:NA +- SUG:NA +- DECS: Fix CVE-2024-46951 + * Fri Oct 25 2024 liningjie - 9.56.1-10 - Type:CVE - ID:NA -- Gitee