mirrors/poky - poky - zepto initiative

mirror of https://git.yoctoproject.org/poky synced 2026-03-05 06:49:39 +01:00

Author	SHA1	Message	Date
Hongxu Jia	93db812f0c	ghostscript: 9.25 -> 9.26 - Drop backported CVE fixes 000[1-8]*.patch (From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-12-01 11:38:36 +00:00
Hongxu Jia	05c548c5f4	ghostscript: fix CVE-2018-18284 Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. (From OE-Core rev: 98ab5c5770d20b39bf3c58083f31f31838f2e940) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-11-07 23:08:54 +00:00
Hongxu Jia	9e2e38d349	ghostscript: fix CVE-2018-18073 Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. (From OE-Core rev: 6098c19e1f179896af7013c4b5db3081549c97bc) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-11-07 23:08:54 +00:00
Hongxu Jia	e84345d6e6	ghostscript: fix CVE-2018-17961 Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. (From OE-Core rev: 6c32ea184941d292cd8f0eb898e6cc90120ada40) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-11-07 23:08:54 +00:00
Hongxu Jia	49e0838e1d	ghostscript: 9.21 -> 9.23 1. Drop backported patches - CVE-2017-7207.patch - CVE-2017-5951.patch - CVE-2017-7975.patch - CVE-2017-9216.patch - CVE-2017-9611.patch - CVE-2017-9612.patch - CVE-2017-9739.patch - CVE-2017-9726.patch - CVE-2017-9727.patch - CVE-2017-9835.patch - CVE-2017-11714.patch 2. Rebase to 9.23 - ghostscript-9.15-parallel-make.patch - ghostscript-9.16-Werror-return-type.patch - do-not-check-local-libpng-source.patch - avoid-host-contamination.patch - mkdir-p.patch - ghostscript-9.21-prevent_recompiling.patch - ghostscript-9.02-genarch.patch - cups-no-gcrypt.patch - ghostscript-9.21-native-fix-disable-system-libtiff.patch - base-genht.c-add-a-preprocessor-define-to-allow-fope.patch 3. Add packps from (native to target) to support cross compiling. 4. Add remove-direct-symlink.patch to fix do_populate_sysroot failure (From OE-Core rev: f8b4636472c6784fb78ca09a7dd7ebe53011f631) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2018-05-04 13:28:01 +01:00
Hongxu Jia	16fbcbb57a	ghostscript: upgrade to 9.19 - Ghostscript and GhostPDL releases from version 9.19 have been moved to GitHub hosting, tweak download site - Drop 0001-Bug-696497-Fix-support-for-building-with-no-jbig2-de.patch, and 0002-Bug-696497-part-2-fix-support-for-building-with-a-JP.patch, ghostscript 9.19 has fixed them. - Fix QA Warning unrecognised options: --enable-little-endian. It use AC_C_BIGENDIAN to detect big/little endian. http://www.delorie.com/gnu/docs/autoconf/autoconf_64.html (From OE-Core rev: 227ca0a373b5a93602a419296ff1da1a96615ba2) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2016-06-15 08:35:02 +01:00
Hongxu Jia	ee8ff42634	ghostscript: 9.16 -> 9.18 - Backport patches to fix build failure caused by '--without-jbig2dec' and '--without-jbig2dec'. ... \|make[1]: *** No rule to make target `obj/sjbig2_.dev', needed by `obj/sjbig2.dev'. Stop. ... http://bugs.ghostscript.com/show_bug.cgi?id=696497 - Previously, it did not build the whole local libpng source in ghostscript, only picked up specific files and compile them. But on ghostscript 9.18, when the arm's FPU has been set to NEON (-mfpu=neon * with GCC), the selected file "libpng/pngrutil.c" needs to link 'png_init_filter_functions_neon' which should be compiled by a non-selected file "libpng/arm/arm_init.c". ... \|./obj/pngrutil.o: In function `png_init_filter_functions': \|armv7a-neon-poky-linux-gnueabi/ghostscript/9.18-r0/build/../ ghostscript-9.18/libpng/pngrutil.c:3921: undefined reference to `png_init_filter_functions_neon' ... So do not compile local libpng source in ghostscript, use shared libpng to instead. (From OE-Core rev: c7da39c43fc20e634c45212151400c663b39399a) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2016-03-09 16:58:12 +00:00

7 Commits