Backport a patch file from upstream, since doing an uprev of the recipe
to the version with the fix (9.55) would introduce functional changes.
CVE: CVE-2021-3781
(From OE-Core rev: db413a3a4fa42ac05824c2217f633a0af7ab50cd)
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CVE is in the jpeg sources included with ghostscript. We use our own
external jpeg library so this doesn't affect us.
(From OE-Core rev: e19caff111bcbd70e5e7507388a4aaea2d10f7e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ghostscript-9.15-parallel-make.patch rebased; one of the
chunks removed upstream.
Remove bundled jpeg source, as that seems to be the only way
to get ghostscript to fall back to system jpeg library.
(From OE-Core rev: ad8c8ffc5a008872d40a36ea825da30accd6a11a)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
