Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ghostscript: 9.52 -> 9.53.3 and jbig2dec: 0.18 -> 0.19 #101215

Merged
merged 2 commits into from Oct 22, 2020
Merged

ghostscript: 9.52 -> 9.53.3 and jbig2dec: 0.18 -> 0.19 #101215

merged 2 commits into from Oct 22, 2020

Conversation

TredwellGit
Copy link
Member

Motivation for this change

https://github.com/ArtifexSoftware/jbig2dec/blob/0.19/CHANGES

https://www.ghostscript.com/doc/9.53.3/News.htm

#101207 (comment)

Things done

@ofborg ofborg bot requested a review from viric October 20, 2020 21:32
@TredwellGit TredwellGit mentioned this pull request Oct 22, 2020
Merged
3 tasks
@jtojnar
Copy link
Contributor

jtojnar commented Oct 22, 2020

Perhaps lcms2 is no longer needed for ghostscript:

We have forked LittleCMS2 into LittleCMS2mt (the "mt" indicating "multi-thread"). LCMS2 is not thread safe and cannot be made thread safe without breaking the ABI. Our fork will be thread safe and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. If there is sufficient interest, our fork will be available as its own package separately from Ghostscript (and MuPDF).

@TredwellGit
Copy link
Member Author

I read that, but did not investigate since this blocks #101199 from getting released. Multiple sources report CVE-2020-15999 as actively exploited, so I think it would be better to handle that in a different pull request later.

@ivan ivan mentioned this pull request Oct 22, 2020
Closed
jtojnar
jtojnar approved these changes Oct 22, 2020
View reviewed changes
Copy link
Contributor

@jtojnar jtojnar left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like the lcms2mt might not actually be new and it would not work according to 128bb7b

@jtojnar jtojnar merged commit 19e31fa into NixOS:staging Oct 22, 2020
@jtojnar
Copy link
Contributor

jtojnar commented Oct 22, 2020

Thanks.

@TredwellGit TredwellGit deleted the ghostscript branch October 23, 2020 08:17
@FRidh
Copy link
Member

FRidh commented Nov 1, 2020

Cherry-picked to staging-next.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jtojnar jtojnar jtojnar approved these changes

@viric viric Awaiting requested review from viric

Assignees
No one assigned
Labels
10.rebuild-darwin: 101-500 10.rebuild-linux: 501-1000 10.rebuild-linux: 501+
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@TredwellGit @jtojnar @FRidh