Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: a81eee254c67
Choose a base ref
...
head repository: NixOS/nixpkgs
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 828d37d03434
Choose a head ref
  • 2 commits
  • 2 files changed
  • 2 contributors

Commits on Oct 23, 2019

  1. ghostscript: add patches for CVE-2019-10216, CVE-2019-14811, CVE-2019… 

    …-14812, CVE-2019-14813 and some of CVE-2019-14817

as with master, not all of the CVE-2019-14817 patch applies cleanly, but
the parts that do should provide some protection
    @risicle
    risicle committed Oct 23, 2019
    Copy the full SHA
    bd3f644 View commit details

Commits on Oct 28, 2019

  1. Merge pull request #71872 from risicle/ris-ghostscript-CVEs-r19.09 

    [19.09] ghostscript: add patches for CVE-2019-10216, CVE-2019-14811, CVE-2019-14812, CVE-2019-14813 and some of CVE-2019-14817
    Christian Kauhaus authored Oct 28, 2019

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    828d37d View commit details
Showing with 50 additions and 0 deletions.
  1. +36 −0 pkgs/misc/ghostscript/9.26-CVE-2019-10216.patch
  2. +14 −0 pkgs/misc/ghostscript/default.nix
36 changes: 36 additions & 0 deletions pkgs/misc/ghostscript/9.26-CVE-2019-10216.patch
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
Based on upstream commit 5b85ddd19a8420a1bd2d5529325be35d78e94234
--- a/Resource/Init/gs_type1.ps
+++ b/Resource/Init/gs_type1.ps
@@ -118,25 +118,25 @@
( to be the same as glyph: ) print 1 index //== exec } if
3 index exch 3 index //.growput systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse
% scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname
- }
+ }executeonly
{pop} ifelse
- } forall
+ } executeonly forall
pop pop
- }
+ } executeonly
{
pop pop pop
} ifelse
- }
+ } executeonly
{
% scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname
pop pop
} ifelse
- } forall
+ } executeonly forall
3 1 roll pop pop
- } if
+ } executeonly if
pop
dup /.AGLprocessed~GS //true //.growput systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse
- } if
+ } executeonly if

%% We need to excute the C .buildfont1 in a stopped context so that, if there
%% are errors we can put the stack back sanely and exit. Otherwise callers won't
14 changes: 14 additions & 0 deletions pkgs/misc/ghostscript/default.nix
View file
Original file line number Diff line number Diff line change
@@ -62,6 +62,20 @@ stdenv.mkDerivation rec {
url = "http://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=db24f253409d5d085c2760c814c3e1d3fa2dac59";
sha256 = "1h6kpwc6ryr6jlxjr6bfnvmmf8x0kqmyjlx3hggqjs23n0wsr9p9";
})
./9.26-CVE-2019-10216.patch
(fetchpatch {
name = "CVE-2019-14811.CVE-2019-14812.CVE-2019-14813.patch";
url = "https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33";
sha256 = "19928sr7xpx7iibk9gn127g0r1yv2lcfpwgk2ipzz4wgrs3f5j70";
})
(fetchpatch {
name = "CVE-2019-14817-partial.patch";
url = "https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=cd1b1cacadac2479e291efe611979bdc1b3bdb19";
# patch doesn't apply cleanly to all files, but at least partially applying it fixes
# *some* of the problematic sites.
excludes = ["Resource/Init/pdf_font.ps" "Resource/Init/pdf_draw.ps"];
sha256 = "04sy05svm3d2hyyzq41x5aqg3cgg2shaq08ivdqsys95nlihccpn";
})
];

outputs = [ "out" "man" "doc" ];