mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-04 22:39:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

ghostscript: CVE-2017-9727, -9835, -11714

Browse Source 
CVE-2017-9727: make bounds check in gx_ttfReader__Read more robust
CVE-2017-9835: bounds check the array allocations methods
CVE-2017-11714: prevent trying to reloc a freed object

(From OE-Core rev: 2eae91f9fa1cfdd3f0e6111956c8f193fd0db69f)

(From OE-Core rev: 1c9e3318791e36d6bc851192a7640ee639f61f23)

Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Joe Slater
2017-08-22 14:14:46 -07:00
committed by Richard Purdie
parent bbb081544c
commit e6533d1d9e
4 changed files with 224 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
meta/recipes-extended/ghostscript/ghostscript_9.20.bb
View File

@@ -45,6 +45,9 @@ SRC_URI = "${SRC_URI_BASE} \
file://CVE-2017-9612.patch \
file://CVE-2017-9739.patch \
file://CVE-2017-9726.patch \
file://CVE-2017-9727.patch \
file://CVE-2017-9835.patch \
file://CVE-2017-11714.patch \
"
SRC_URI_class-native = "${SRC_URI_BASE} \