Bug 237390 - [exp-run] print/ghostscript9-agpl-base: update to 9.27
Summary: [exp-run] print/ghostscript9-agpl-base: update to 9.27
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Tijl Coosemans
URL:
Keywords:
Depends on: 237765
Blocks:
  Show dependency treegraph
 
Reported: 2019-04-19 15:48 UTC by Tijl Coosemans
Modified: 2019-05-09 08:11 UTC (History)
4 users (show)

See Also:
bugzilla: maintainer-feedback? (doceng)

Attachments
patch (3.30 KB, patch)
2019-04-19 15:48 UTC, Tijl Coosemans 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Tijl Coosemans freebsd_committer freebsd_triage 2019-04-19 15:48:14 UTC 
Created attachment 203802 [details]
patch

Update print/ghostscript9-agpl-{base,x11} to 9.27.

This version removes some undocumented features.  An exp-run is needed to make sure no port depends on them.
Comment 1 Tijl Coosemans freebsd_committer freebsd_triage 2019-04-19 15:48:52 UTC 
Assign to portmgr for exp-run.
Comment 2 Greg Veldman 2019-04-20 12:31:59 UTC 
If I'm not mistaken, I believe this is also CVE-2019-3835 and CVE-2019-3838, which should be documented in vuxml.  Tagging ports-secteam on this as well.
Comment 3 Greg Veldman 2019-04-20 12:32:10 UTC 
If I'm not mistaken, I believe this is also CVE-2019-3835 and CVE-2019-3838, which should be documented in vuxml.  Tagging ports-secteam on this as well.
Comment 4 Antoine Brodin freebsd_committer freebsd_triage 2019-04-21 15:58:41 UTC 
Exp-run looks fine
Comment 5 commit-hook freebsd_committer freebsd_triage 2019-04-21 16:42:22 UTC 
A commit references this bug:

Author: tijl
Date: Sun Apr 21 16:41:38 UTC 2019
New revision: 499546
URL: https://svnweb.freebsd.org/changeset/ports/499546

Log:
  Update to 9.27.

  PR:		237390
  Exp-run by:	antoine
  Approved by:	portmgr (antoine)
  MFH:		2019Q2
  Security:	CVE-2019-3835, CVE-2019-3838

Changes:
  head/print/ghostscript9-agpl-base/Makefile
  head/print/ghostscript9-agpl-base/distinfo
  head/print/ghostscript9-agpl-base/pkg-plist
  head/print/ghostscript9-agpl-x11/Makefile
Comment 6 commit-hook freebsd_committer freebsd_triage 2019-04-21 17:36:09 UTC 
A commit references this bug:

Author: tijl
Date: Sun Apr 21 17:36:00 UTC 2019
New revision: 499548
URL: https://svnweb.freebsd.org/changeset/ports/499548

Log:
  Document Ghostscript CVE-2019-3835 and CVE-2019-3838.

  PR:		237390
  Security:	CVE-2019-3835, CVE-2019-3838

Changes:
  head/security/vuxml/vuln.xml
Comment 7 commit-hook freebsd_committer freebsd_triage 2019-04-22 08:53:21 UTC 
A commit references this bug:

Author: tijl
Date: Mon Apr 22 08:53:17 UTC 2019
New revision: 499618
URL: https://svnweb.freebsd.org/changeset/ports/499618

Log:
  MFH: r499546

  Update to 9.27.

  PR:		237390
  Security:	CVE-2019-3835, CVE-2019-3838
  Approved by:	ports-secteam (miwi)

Changes:
_U  branches/2019Q2/
  branches/2019Q2/print/ghostscript9-agpl-base/Makefile
  branches/2019Q2/print/ghostscript9-agpl-base/distinfo
  branches/2019Q2/print/ghostscript9-agpl-base/pkg-plist
  branches/2019Q2/print/ghostscript9-agpl-x11/Makefile
Comment 8 admin-freebsd-bugzilla 2019-05-06 15:13:04 UTC 
this broke cups-filters

see here https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237765