FreeBSD Bugzilla – Attachment 241660 Details for
Bug 270823
print/ghostscript9-agpl-base: please check for CVE-2023-28879
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Upstream's patch and a portrevision bump
0001-print-ghostscript9-agpl-base-Backport-fix-for-CVE-20.patch (text/plain), 2.02 KB, created by
Nicholas Taylor
on 2023-04-22 18:08:17 UTC
(
hide
)
Description:
Upstream's patch and a portrevision bump
Filename:
MIME Type:
Creator:
Nicholas Taylor
Created:
2023-04-22 18:08:17 UTC
Size:
2.02 KB
patch
obsolete
>From 96df7320ce4bd96029a4302adc70c98f89c05db4 Mon Sep 17 00:00:00 2001 >From: Nicholas Taylor <nicholas.e.taylor@gmail.com> >Date: Sat, 22 Apr 2023 18:54:35 +0100 >Subject: [PATCH] print/ghostscript9-agpl-base: Backport fix for CVE-2023-28879 > >--- > print/ghostscript9-agpl-base/Makefile | 2 +- > .../files/patch-base_cbcp.c | 23 +++++++++++++++++++ > 2 files changed, 24 insertions(+), 1 deletion(-) > create mode 100644 print/ghostscript9-agpl-base/files/patch-base_cbcp.c > >diff --git a/print/ghostscript9-agpl-base/Makefile b/print/ghostscript9-agpl-base/Makefile >index a63f0724fb..305e443977 100644 >--- a/print/ghostscript9-agpl-base/Makefile >+++ b/print/ghostscript9-agpl-base/Makefile >@@ -1,6 +1,6 @@ > PORTNAME= ghostscript > PORTVERSION= 9.56.1 >-PORTREVISION= 9 >+PORTREVISION= 10 > CATEGORIES= print > MASTER_SITES= https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${PORTVERSION:S/.//g}/ > PKGNAMESUFFIX= 9-agpl-base >diff --git a/print/ghostscript9-agpl-base/files/patch-base_cbcp.c b/print/ghostscript9-agpl-base/files/patch-base_cbcp.c >new file mode 100644 >index 0000000000..f1048393c1 >--- /dev/null >+++ b/print/ghostscript9-agpl-base/files/patch-base_cbcp.c >@@ -0,0 +1,23 @@ >+--- base/sbcp.c >++++ base/sbcp.c >+@@ -1,4 +1,4 @@ >+-/* Copyright (C) 2001-2021 Artifex Software, Inc. >++/* Copyright (C) 2001-2023 Artifex Software, Inc. >+ All Rights Reserved. >+ >+ This software is provided AS-IS with no warranty, either express or >+@@ -50,6 +50,14 @@ s_xBCPE_process(stream_state * st, stream_cursor_read * pr, >+ byte ch = *++p; >+ >+ if (ch <= 31 && escaped[ch]) { >++ /* Make sure we have space to store two characters in the write buffer, >++ * if we don't then exit without consuming the input character, we'll process >++ * that on the next time round. >++ */ >++ if (pw->limit - q < 2) { >++ p--; >++ break; >++ } >+ if (p == rlimit) { >+ p--; >+ break; >-- >2.40.0 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=241660">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 270823
: 241660 |
241671
|
241690
|
241800