FreeBSD Bugzilla – Attachment 160537 Details for
Bug 202781
print/ghostscript7 *: security/vuxml: denial of service (crash) via crafted Postscript files (CVE-2015-3228)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
print/ghostscript* backport CVE-2015-2015-3228 fixes from HEAD to 2015Q3
ghostscript_2015Q3.patch (text/plain), 6.00 KB, created by
Jason Unovitch
on 2015-08-30 21:26:19 UTC
(
hide
)
Description:
print/ghostscript* backport CVE-2015-2015-3228 fixes from HEAD to 2015Q3
Filename:
MIME Type:
Creator:
Jason Unovitch
Created:
2015-08-30 21:26:19 UTC
Size:
6.00 KB
patch
obsolete
>Index: print/ghostscript7/Makefile >=================================================================== >--- print/ghostscript7/Makefile (revision 395632) >+++ print/ghostscript7/Makefile (working copy) >@@ -3,7 +3,7 @@ > > PORTNAME= ghostscript > PORTVERSION= 7.07 >-PORTREVISION= 31 >+PORTREVISION= 32 > CATEGORIES= print > MASTER_SITES= SF/ghostscript/gnu-gs/${PORTVERSION}:gs_srcs \ > ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/gnu/gs${PORTVERSION:S/.//}/:gs_srcs \ >Index: print/ghostscript7/files/patch-src-gsmalloc.c >=================================================================== >--- print/ghostscript7/files/patch-src-gsmalloc.c (revision 0) >+++ print/ghostscript7/files/patch-src-gsmalloc.c (working copy) >@@ -0,0 +1,11 @@ >+--- src/gsmalloc.c.orig 2015-07-24 09:55:54.032137000 +0900 >++++ src/gsmalloc.c 2015-07-24 09:57:15.070246000 +0900 >+@@ -170,7 +170,7 @@ >+ } else { >+ uint added = size + sizeof(gs_malloc_block_t); >+ >+- if (mmem->limit - added < mmem->used) >++ if (added <= size || mmem->limit - added < mmem->used) >+ set_msg("exceeded limit"); >+ else if ((ptr = (byte *) malloc(added)) == 0) >+ set_msg("failed"); > >Property changes on: print/ghostscript7/files/patch-src-gsmalloc.c >___________________________________________________________________ >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Index: print/ghostscript8/Makefile >=================================================================== >--- print/ghostscript8/Makefile (revision 395632) >+++ print/ghostscript8/Makefile (working copy) >@@ -3,7 +3,7 @@ > > PORTNAME= ghostscript > PORTVERSION= 8.71 >-PORTREVISION= 18 >+PORTREVISION= 19 > CATEGORIES= print > MASTER_SITES= http://downloads.ghostscript.com/public/:gs_srcs \ > SF/ghostscript/GPL%20Ghostscript/${PORTVERSION}:gs_srcs \ >Index: print/ghostscript8/files/patch-base-gsmalloc.c >=================================================================== >--- print/ghostscript8/files/patch-base-gsmalloc.c (revision 0) >+++ print/ghostscript8/files/patch-base-gsmalloc.c (working copy) >@@ -0,0 +1,11 @@ >+--- base/gsmalloc.c.orig 2015-07-24 09:52:39.718916000 +0900 >++++ base/gsmalloc.c 2015-07-24 09:54:31.761202000 +0900 >+@@ -174,7 +174,7 @@ >+ } else { >+ uint added = size + sizeof(gs_malloc_block_t); >+ >+- if (mmem->limit - added < mmem->used) >++ if (added <= size || mmem->limit - added < mmem->used) >+ set_msg("exceeded limit"); >+ else if ((ptr = (byte *) malloc(added)) == 0) >+ set_msg("failed"); > >Property changes on: print/ghostscript8/files/patch-base-gsmalloc.c >___________________________________________________________________ >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Index: print/ghostscript9/Makefile >=================================================================== >--- print/ghostscript9/Makefile (revision 395632) >+++ print/ghostscript9/Makefile (working copy) >@@ -2,7 +2,7 @@ > > PORTNAME= ghostscript > PORTVERSION= 9.06 >-PORTREVISION= 10 >+PORTREVISION= 11 > CATEGORIES= print > MASTER_SITES= http://downloads.ghostscript.com/public/:gs_srcs \ > SF/ghostscript/GPL%20Ghostscript/${PORTVERSION}:gs_srcs \ >Index: print/ghostscript9/files/patch-base-gsmalloc.c >=================================================================== >--- print/ghostscript9/files/patch-base-gsmalloc.c (revision 0) >+++ print/ghostscript9/files/patch-base-gsmalloc.c (working copy) >@@ -0,0 +1,11 @@ >+--- base/gsmalloc.c.orig 2015-07-24 09:41:05.295969000 +0900 >++++ base/gsmalloc.c 2015-07-24 09:41:15.146305000 +0900 >+@@ -178,7 +178,7 @@ >+ } else { >+ uint added = size + sizeof(gs_malloc_block_t); >+ >+- if (mmem->limit - added < mmem->used) >++ if (added <= size || mmem->limit - added < mmem->used) >+ set_msg("exceeded limit"); >+ else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0) >+ set_msg("failed"); > >Property changes on: print/ghostscript9/files/patch-base-gsmalloc.c >___________________________________________________________________ >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Index: print/ghostscript9-agpl/Makefile >=================================================================== >--- print/ghostscript9-agpl/Makefile (revision 395632) >+++ print/ghostscript9-agpl/Makefile (working copy) >@@ -2,7 +2,7 @@ > > PORTNAME= ghostscript > PORTVERSION= 9.15 >-PORTREVISION= 1 >+PORTREVISION= 2 > CATEGORIES= print > MASTER_SITES= http://downloads.ghostscript.com/public/:gs_srcs \ > SF/ghostscript/GPL%20Ghostscript/${PORTVERSION}:gs_srcs \ >Index: print/ghostscript9-agpl/files/patch-base-gsmalloc.c >=================================================================== >--- print/ghostscript9-agpl/files/patch-base-gsmalloc.c (revision 0) >+++ print/ghostscript9-agpl/files/patch-base-gsmalloc.c (working copy) >@@ -0,0 +1,11 @@ >+--- base/gsmalloc.c.orig 2015-08-22 03:09:16.838614000 +0900 >++++ base/gsmalloc.c 2015-08-22 03:09:34.776354000 +0900 >+@@ -178,7 +178,7 @@ >+ } else { >+ uint added = size + sizeof(gs_malloc_block_t); >+ >+- if (mmem->limit - added < mmem->used) >++ if (added <= size || mmem->limit - added < mmem->used) >+ set_msg("exceeded limit"); >+ else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0) >+ set_msg("failed"); > >Property changes on: print/ghostscript9-agpl/files/patch-base-gsmalloc.c >___________________________________________________________________ >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=160537">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 202781
: 160537 |
160538