diff --git a/backport-CVE-2023-46751.patch b/backport-CVE-2023-46751.patch
new file mode 100644
index 0000000000000000000000000000000000000000..1e0c31f176192715c0d53289555d53e70f38445b
--- /dev/null
+++ b/backport-CVE-2023-46751.patch
@@ -0,0 +1,43 @@
+From 5d2da96e81c7455338302c71a291088a8396245a Mon Sep 17 00:00:00 2001
+From: Chris Liddell
+Date: Mon, 16 Oct 2023 16:49:40 +0100
+Subject: [PATCH] Bug 707264: Fix tiffsep(1) requirement for seekable output
+ files
+
+In the device initialization redesign, tiffsep and tiffsep1 lost the requirement
+for the output files to be seekable.
+
+Fixing that highlighted a problem with the error handling in
+gdev_prn_open_printer_seekable() where closing the erroring file would leave a
+dangling pointer, and lead to a crash.
+---
+ base/gdevprn.c | 1 +
+ devices/gdevtsep.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/base/gdevprn.c b/base/gdevprn.c
+index 0491a3c6c..033632387 100644
+--- a/base/gdevprn.c
++++ b/base/gdevprn.c
+@@ -1271,6 +1271,7 @@ gdev_prn_open_printer_seekable(gx_device *pdev, bool binary_mode,
+ && !IS_LIBCTX_STDERR(pdev->memory, gp_get_file(ppdev->file))) {
+
+ code = gx_device_close_output_file(pdev, ppdev->fname, ppdev->file);
++ ppdev->file = NULL;
+ if (code < 0)
+ return code;
+ }
+diff --git a/devices/gdevtsep.c b/devices/gdevtsep.c
+index 7fd3c5518..f7a1b174b 100644
+--- a/devices/gdevtsep.c
++++ b/devices/gdevtsep.c
+@@ -737,6 +737,7 @@ tiffsep_initialize_device_procs(gx_device *dev)
+ {
+ gdev_prn_initialize_device_procs(dev);
+
++ set_dev_proc(dev, output_page, gdev_prn_output_page_seekable);
+ set_dev_proc(dev, open_device, tiffsep_prn_open);
+ set_dev_proc(dev, close_device, tiffsep_prn_close);
+ set_dev_proc(dev, map_color_rgb, tiffsep_decode_color);
+--
+2.34.1
diff --git a/ghostscript.spec b/ghostscript.spec
index 39bb85d96b340a9be2049b0021315fa8b44e5d3f..b40ee881d982a25af24e3a5b644d4da26e1ba98f 100644
--- a/ghostscript.spec
+++ b/ghostscript.spec
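Review bot: Coverage of tiffsep1 cannot be confirmed from backport-CVE-2023-46751.patch: its commit message says both tiffsep and tiffsep1 lost the seekable-output requirement, but the embedded gdevtsep.c hunk adds the override only inside `tiffsep_initialize_device_procs`. Whether tiffsep1 inherits it depends on its own initializer, which lies outside the hunk, so this should be checked against the 9.55.0 source being packaged. If that initializer does not call `tiffsep_initialize_device_procs`, it needs the same line, `set_dev_proc(dev, output_page, gdev_prn_output_page_seekable);`, or the fix for CVE-2023-46751 is only partial. The embedded hunks also carry upstream offsets (1271 and 737), so it is worth confirming they apply to 9.55.0 without fuzz; `ppdev->file = NULL;` has to land before the `if (code < 0)` return so the pointer is cleared on the error path as well.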
@@ -9,7 +9,7 @@ Name: ghostscript Version: 9.55.0 -Release: 6 +Release: 7 Summary: An interpreter for PostScript and PDF files License: AGPLv3+ URL: https://ghostscript.com/ @@ -22,6 +22,7 @@ Patch3: CVE-2023-38559.patch Patch4: CVE-2023-28879.patch Patch5: CVE-2023-36664.patch Patch6: backport-CVE-2023-43115-Bug707051-IJS-device-try-and-secure-the-IJS-server-startup.patch +Patch7: backport-CVE-2023-46751.patch BuildRequires: automake gcc BuildRequires: adobe-mappings-cmap-devel adobe-mappings-pdf-devel @@ -182,6 +183,12 @@ install -m 0755 -d %{buildroot}%{_datadir}/%{name}/conf.d/ %{_bindir}/dvipdf %changelog +* Mon Dec 25 2023 liningjie - 9.55.0-7 +- Type:CVE +- ID:CVE-2023-46751 +- SUG:NA +- DESC:fix CVE-2023-46751 + * Fri Sep 22 2023 dillon chen - 9.55.0-6 - Type:CVE - ID:CVE-2023-43115