Artifex Ghostscript allows attackers to bypass a sandbox protection
mechanism by leveraging exposure of system operators in the saved
execution stack in an error object.
(From OE-Core rev: 6098c19e1f179896af7013c4b5db3081549c97bc)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving errorhandler
setup. NOTE: this issue exists because of an incomplete fix for
CVE-2018-17183.
(From OE-Core rev: 6c32ea184941d292cd8f0eb898e6cc90120ada40)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Removed below patches, as v9.25 source already has those
changes/security fixes:
0001-Bug-699665-memory-corruption-in-aesdecode.patch
0001-pdfwrite-Guard-against-trying-to-output-an-infinite-.patch
0002-Bug-699656-Handle-LockDistillerParams-not-being-a-bo.patch
0003-Fix-Bug-699660-shading_param-incomplete-type-checkin.patch
0004-Hide-the-.shfill-operator.patch
0005-Bug-699657-properly-apply-file-permissions-to-.tempf.patch
remove-direct-symlink.patch
Re-worked ghostscript-9.21-native-fix-disable-system-libtiff.patch
and ghostscript-9.21-prevent_recompiling.patch
to fix warnings in do_patch task of ghostscript v9.25 recipe.
Highlights of ghostscript v9.25 release:
---------------------------------------
- This release fixes problems with argument handling, some unintended results
of the security fixes to the SAFER file access restrictions
(specifically accessing ICC profile files), and some additional security
issues over the recent 9.24 release.
- Note: The ps2epsi utility does not, and cannot call Ghostscript with
the -dSAFER command line option. It should never be called with input
from untrusted sources.
- Security issues have been the primary focus of this release, including
solving several (well publicised) real and potential exploits.
- As well as Ghostscript itself, jbig2dec has had a significant amount of work
improving its robustness in the face of out-of-specification files.
- IMPORTANT: We are in the process of forking LittleCMS. LCMS2 is not thread
safe, and cannot be made thread safe without breaking the ABI.
Our fork will be thread safe, and include performance enhancements
(these changes have all been offered and rejected upstream). We will
maintain compatibility between Ghostscript and LCMS2 for a time, but not in
perpetuity. Our fork will be available as its own package separately from
Ghostscript (and MuPDF).
- The usual round of bug fixes, compatibility changes, and incremental
improvements.
(From OE-Core rev: 4340928b8878b91b5a2750eb6bc87918740511ca)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.
Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450). This is obviously bad.
We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed.
(From OE-Core rev: 49437de120ffdf26396fb295254f51ccc204560a)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
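
The following is an added example, not part of the commit above or of OE-Core: one way to flag hunks that only applied with fuzz by scanning the messages GNU patch prints. The function names and the sample output (with placeholder file names) are constructed for illustration.

```python
import re

# Message formats printed by GNU patch for each file and hunk it processes.
FILE_RE = re.compile(r"^patching file (?P<path>.+)$")
HUNK_RE = re.compile(
    r"^Hunk #(?P<hunk>\d+) succeeded at \d+"
    r"(?: with fuzz (?P<fuzz>\d+))?"
    r"(?: \(offset -?\d+ lines?\))?\.$"
)

# Constructed sample output (file names are placeholders, not from the page).
SAMPLE = """\
patching file src/alpha.c
Hunk #1 succeeded at 214 (offset 12 lines).
Hunk #2 succeeded at 1090 with fuzz 2 (offset -31 lines).
patching file src/beta.mak
patching file src/gamma.c
Hunk #1 succeeded at 77 with fuzz 1.
"""

def find_fuzz(patch_output):
    """Return (file, hunk, fuzz) for each hunk that only applied with fuzz."""
    findings, current = [], None
    for raw in patch_output.splitlines():
        line = raw.strip()
        m = FILE_RE.match(line)
        if m:
            current = m.group("path")
            continue
        m = HUNK_RE.match(line)
        # An offset alone means the context matched exactly at another line;
        # only "with fuzz N" means context lines were ignored.
        if m and m.group("fuzz"):
            findings.append((current, int(m.group("hunk")), int(m.group("fuzz"))))
    return findings

def check_patch_log(patch_output):
    """Return (ok, messages); ok is False if any hunk needed fuzz."""
    findings = find_fuzz(patch_output)
    msgs = [f"{path}: hunk #{hunk} applied with fuzz {fuzz}; rebase and review"
            for path, hunk, fuzz in findings]
    return (not findings, msgs)

if __name__ == "__main__":
    ok, messages = check_patch_log(SAMPLE)
    print("\n".join(messages) if messages else "no fuzz")
    raise SystemExit(0 if ok else 1)
```
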
CVE-2017-9727: make bounds check in gx_ttfReader__Read more robust
CVE-2017-9835: bounds check the array allocations methods
CVE-2017-11714: prevent trying to reloc a freed object
(From OE-Core rev: 2eae91f9fa1cfdd3f0e6111956c8f193fd0db69f)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
png_mak.patch was created for ghostscript 9.16 and now causes a make circular
dependency. Check source code base/png.mak after applying png_mak.patch:
Line 77: $(MAKEDIRS) : $(pnglibconf_h)
Line 83: $(pnglibconf_h) : $(PNGSRC)scripts$(D)pnglibconf.h.prebuilt $(TOP_MAKEFILES) $(MAKEDIRS)
So remove png_mak.patch.
(From OE-Core rev: 8a5890cc0b0a6c110edb36aec3614c3ebeb54e24)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This adds or fixes the Upstream-Status for all remaining patches missing it
in OE-Core.
(From OE-Core rev: 563cab8e823c3fde8ae4785ceaf4d68a5d3e25df)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add information necessary to build for x11, but
do not enable that option.
Fix parallel build directory creation issue.
(From OE-Core rev: 2bfc7be412da501d8a9138a3dde33636c5fe2616)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The following warning occurs when building with meta-zephyr
with MACHINE set to arduino-101-sss:
WARNING: /srv/sdc/builds/11319/meta/recipes-extended/ghostscript/ghostscript_9.20.bb: Unable to get checksum for ghostscript SRC_URI entry objarch.h: file could not be found
This is because the TARGET_ARCH = "arc" used by meta-zephyr is not
supported by ghostscript, which leaves bitbake unable to locate the
correct config file during recipe parse.
Add a check in the recipe to raise an exception if the target
architecture is "arc". This would then only display an error if
someone specifically tries to build the recipe:
ERROR: ghostscript was skipped: incompatible with host arc-yocto-elf (not in COMPATIBLE_HOST)
[YOCTO #11344]
(From OE-Core rev: 720a7230b92d734106d5340a426270dd4e921e8e)
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
1) Upgrade ghostscript from 9.19 to 9.20.
2) Modify ghostscript-9.15-parallel-make.patch, since the data has been changed.
(From OE-Core rev: 4f3483c3a0ba22f46d768d78d6f56880e8ac5608)
(From OE-Core rev: 9133ba6b8138951f3ef798f0a1cc6f694fe71868)
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
MIPS MACHINE_OVERRIDES can be used to provide the same objarch.h
files for MIPS pre-R2 and R6 ISA versions.
Use them to reduce duplication in supporting MIPS R6 ISA
(From OE-Core rev: a169f11cee3f4288467120cbc363f5e664b86f0c)
Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reduce duplication in MIPS variants now that the MACHINEOVERRIDES
variable is defined
(From OE-Core rev: c4aefe37ef5ff34ebd8e1a077c9198dcf3634e07)
Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Ghostscript and GhostPDL releases from version 9.19 have been moved to GitHub
hosting, tweak download site
- Drop 0001-Bug-696497-Fix-support-for-building-with-no-jbig2-de.patch, and
0002-Bug-696497-part-2-fix-support-for-building-with-a-JP.patch, ghostscript
9.19 has fixed them.
- Fix QA Warning unrecognised options: --enable-little-endian. It uses AC_C_BIGENDIAN
to detect big/little endian.
http://www.delorie.com/gnu/docs/autoconf/autoconf_64.html
(From OE-Core rev: 227ca0a373b5a93602a419296ff1da1a96615ba2)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Backport patches to fix build failure caused by
'--without-jbig2dec' and '--without-jbig2dec'.
...
|make[1]: *** No rule to make target `obj/sjbig2_.dev',
needed by `obj/sjbig2.dev'. Stop.
...
http://bugs.ghostscript.com/show_bug.cgi?id=696497
- Previously, it did not build the whole local libpng
source in ghostscript, only picked up specific files
and compiled them. But on ghostscript 9.18, when the
arm's FPU has been set to NEON (-mfpu=neon * with GCC),
the selected file "libpng/pngrutil.c" needs to link
'png_init_filter_functions_neon' which should be
compiled by a non-selected file "libpng/arm/arm_init.c".
...
|./obj/pngrutil.o: In function `png_init_filter_functions':
|armv7a-neon-poky-linux-gnueabi/ghostscript/9.18-r0/build/../
ghostscript-9.18/libpng/pngrutil.c:3921: undefined reference to
`png_init_filter_functions_neon'
...
So do not compile local libpng source in ghostscript,
use shared libpng instead.
(From OE-Core rev: c7da39c43fc20e634c45212151400c663b39399a)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When using parallel make jobs, we need to be sure that
pnglibconf.h is created before we try to reference it,
so add a rule to png.mak.
(From OE-Core rev: fad19750d23aad2d14a1726c4e3c2c0d05f6e13d)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Update LICENSE's md5sum, the new version added a "of" in the file, the
license is the same.
* Remove ghostscript-9.02-parallel-make.patch, it has 932 lines and
modified 24 files, which is hard to maintain, and it can't be applied
since the code has changed, and if we meet parallel issues again, we
need to fix it in other ways.
* Fix a build error of -Werror=return-type.
(From OE-Core rev: c5adb5903bd93f1c71acd52062d8c8620de2f944)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Add objarch.h for MicroBlaze big and little endian
(From OE-Core rev: cb7e4f8e3dcbe1d85eabc7d1545fddcd2500e02b)
Signed-off-by: Nathan Rossi <nathan.rossi@xilinx.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ghostscript application fails to fetch objarch.h file while building for armeb.
The fetch failure is due to absence of this file in the default set of
directories that the OpenEmbedded build system searches (i.e. FILESPATH)
for patches and files. This patch adds the required objarch.h file for
armeb in one of the default locations where OpenEmbedded build system searches.
(From OE-Core rev: c520165f8fe7c01865ddb2565908211c0cfd2185)
Signed-off-by: Krishnanjanappa, Jagadeesh <jagadeesh.krishnanjanappa@caviumnetworks.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[YOCTO #7230]
In certain system configurations TRANSLATED_TARGET_ARCH will not
expand in the right order for gcc-cross-canadian-mips64n32 to be
generated properly.
This will cause SDKs to fail to generate properly.
Changing the global definition of TRANSLATED_TARGET_ARCH always
expands the ABIEXTENSION, which causes the OVERRIDES to pick it up
as well. This effectively defines a new class of overrides for the 'n32'.
The side effect is that we need to duplicate some mips64 overrides, and
redefine others that were previously 'n32' or 'mips64' exclusive to have
the correct semantics.
(From OE-Core rev: 4b3a2b703b20583bd107f00a297d972e9bfb514a)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The commit: http://ghostscript.com/pipermail/gs-cvs/2014-February/017271.html
newly added a 'compile time assert' on 9.14 that causes the build to fail if
the sizeof(GX_COLOR_INDEX_TYPE) is not equal to ARCH_SIZEOF_GX_COLOR_INDEX.
Discussed on IRC:
http://ghostscript.com/irclogs/2014/02/06.html
The commit from OE-Core rev: 78a13ba170c1de6d7ef077854e3e34e18d17099f
...
ghostscript: add pregenerated objarch for mipsel/mips64/mips64el
...
has defined ARCH_SIZEOF_GX_COLOR_INDEX according to the type of archs,
and assigned 4 for mips/mipsel (8 for others).
The GX_COLOR_INDEX_TYPE was defined at do_configure time, which used
large color index (with 8) by default. We should manually choose the
opposite one (with 4) for mips/mipsel.
(From OE-Core rev: 0710ed28e868d4fc4ca027afb3c7acfc899f9409)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch goes through the OE-Core recipes and marks those which use autotools
but don't support a separate build directory (${S} != ${B}). A new class,
autotools-brokensep is used for this purpose.
This doesn't introduce any change in behaviour in its own right.
(From OE-Core rev: 006b8a7808a58713af16c326dc37d07765334b12)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove --without-jasper since the jasper had been removed:
commit 6070a6f33bebf7538e48219010bc1e4de8341ea8
Author: Ray Johnston <ray.johnston@artifex.com>
Date: Fri Aug 3 00:32:32 2012 -0700
Rip out jasper -- openjpeg is our JPX implementation.
(From OE-Core rev: 711ec79d118e0d116b14d48a08820e4f88979ed5)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some versions of patch (e.g. 2.6.1.136-31a7 on OpenSUSE 12.2) will
refuse to patch a file via a symlink (probably a fairly sensible
security precaution). The "base/" subdirectory specified within the
ghostscript-9.05-NOT-check-endian.patch file was being lost by the
default application with -p1, but this was not caught on most systems
due to the symlink. Fix the path so that we always patch the file
directly.
Fixes [YOCTO #4773].
(From OE-Core rev: 96a009da2456a03c65c198d8dca7d2af8b228f4f)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ CQID: WIND00394747 ]
The original patch removes endianness detection completely, causing lcms
to be built against the wrong endian. Instead, pass the correct endian
through the recipe using SITEINFO_ENDIANNESS.
(From OE-Core rev: 0a07ec7d13becc7ce87c502e75a006300a7090a5)
Signed-off-by: Jesse Zhang <sen.zhang@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The ghostscript-native will check libtiff
automatically at configure time and libtiff
needs libjpeg. If libtiff and libjpeg are
just populated to staging native directories
and the host doesn't install them, libjpeg
cannot be linked, and the build fails with:
|libjpeg.so.8, needed by libtiff.so, not found
|libtiff.so: undefined reference to
`jpeg_set_defaults@LIBJPEG_8.0'
|collect2: error: ld returned 1 exit status
Disable libtiff support to fix this issue and
modify configure so that disabling the system
libtiff works.
We also explicitly disable fontconfig, freetype,
cups for ghostscript-native to avoid similar
issues.
[YOCTO #3562]
(From OE-Core rev: c00778dd0d9c3b62657057e92c868ad2257d72d3)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>