diff --git a/CVE-2023-38559.patch b/CVE-2023-38559.patch new file mode 100644 index 0000000000000000000000000000000000000000..fde0e2cfcab78d48d606b7471c952558ee3185c6 --- /dev/null +++ b/CVE-2023-38559.patch @@ -0,0 +1,27 @@ +From d81b82c70bc1fb9991bb95f1201abb5dea55f57f Mon Sep 17 00:00:00 2001 +From: Chris Liddell +Date: Mon, 17 Jul 2023 14:06:37 +0100 +Subject: [PATCH] Bug 706897: Copy pcx buffer overrun fix from + devices/gdevpcx.c + +Bounds check the buffer, before dereferencing the pointer. +--- + base/gdevdevn.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/base/gdevdevn.c b/base/gdevdevn.c +index 7b14d9c71..6351fb77a 100644 +--- a/base/gdevdevn.c ++++ b/base/gdevdevn.c +@@ -1983,7 +1983,7 @@ devn_pcx_write_rle(const byte * from, const byte * end, int step, gp_file * file + byte data = *from; + + from += step; +- if (data != *from || from == end) { ++ if (from >= end || data != *from) { + if (data >= 0xc0) + gp_fputc(0xc1, file); + } else { +-- +2.41.0.windows.3 + diff --git a/ghostscript.spec b/ghostscript.spec index bcbf08c19544be17ee1d7deffc3681af5361548f..05678012b25e0c86998a58da090a15bae09e4290 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -9,7 +9,7 @@ Name: ghostscript Version: 9.55.0 -Release: 2 +Release: 3 Summary: An interpreter for PostScript and PDF files License: AGPLv3+ URL: https://ghostscript.com/ @@ -18,6 +18,7 @@ Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases Patch0: ghostscript-9.23-100-run-dvipdf-securely.patch Patch1: backport-Bug-704405-Fix-typo-in-non-forked-lcms2-code.patch Patch2: backport-CVE-2022-2085.patch +Patch3: CVE-2023-38559.patch BuildRequires: automake gcc BuildRequires: adobe-mappings-cmap-devel adobe-mappings-pdf-devel @@ -178,6 +179,9 @@ install -m 0755 -d %{buildroot}%{_datadir}/%{name}/conf.d/ %{_bindir}/dvipdf %changelog +* Tue Aug 15 2023 liningjie - 9.55.0-3 +- fix CVE-2023-38559 + * Tue Jul 5 2022 panxiaohe - 9.55.0-2 - fix CVE-2022-2085