mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-02-22 09:29:40 +01:00

Commit Graph

Author	SHA1	Message	Date
Ovidiu Panait	e6058824bb	ghostscript: Fix 3 CVEs It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document. It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. References: https://nvd.nist.gov/vuln/detail/CVE-2019-6116 https://www.openwall.com/lists/oss-security/2019/01/23/5 https://nvd.nist.gov/vuln/detail/CVE-2019-3835 https://nvd.nist.gov/vuln/detail/CVE-2019-3838 Upstream patches: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f1309 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4d http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2ff600a http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=779664d http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e8acf6d http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2055917 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d683d1e http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ed9fcd9 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a82601e (From OE-Core rev: 12e140dfdac8456772223c816e37bd869419bb18) (From OE-Core rev: cf5d29dcac6247e8476f7af78b4e0bb129b94677) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fix for CVE-2019-6116 is already in thud, so that has been removed] Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-07-29 23:50:43 +01:00
Ovidiu Panait	7756de368d	ghostscript: Fix CVE-2019-6116 It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document. Reference: https://www.openwall.com/lists/oss-security/2019/01/23/5 Upstream patches: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36f8181db66a91bcc8cea139998b53a8996 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9c66135601efb103d8db7d020a672308db http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f13091a3f309bdc95d275ea9fec10bb9f42d9a http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4deef90c1598ff50616519d5576756b4495 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a6dddb83f5c061207a7ed2813999c1b5c9 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092da88ef6bb0aa281fe294ae0925a44b5b9 http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2ff600a3c4fc169e7c6c1e83874a6bf63a6fb42b (From OE-Core rev: af397d31e467d6af00ef835537221bc211d94ca6) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-02-25 22:27:38 +00:00
Hongxu Jia	19627f0f0f	ghostscript: 9.25 -> 9.26 - Drop backported CVE fixes 000[1-8]*.patch (From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953) (From OE-Core rev: c62b64e771eb27089738a153ee61d34cdf6441ab) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2019-01-08 20:14:43 +00:00

Author

SHA1

Message

Date

Ovidiu Panait

e6058824bb

ghostscript: Fix 3 CVEs

It was discovered that the ghostscript /invalidaccess checks fail under
certain conditions. An attacker could possibly exploit this to bypass
the -dSAFER protection and, for example, execute arbitrary shell commands
via a specially crafted PostScript document.

It was found that the superexec operator was available in the internal
dictionary in ghostscript before 9.27. A specially crafted PostScript
file could use this flaw in order to, for example, have access to the
file system outside of the constrains imposed by -dSAFER.

It was found that the forceput operator could be extracted from the
DefineResource method in ghostscript before 9.27. A specially crafted
PostScript file could use this flaw in order to, for example, have
access to the file system outside of the constrains imposed by -dSAFER.

References:
https://nvd.nist.gov/vuln/detail/CVE-2019-6116
https://www.openwall.com/lists/oss-security/2019/01/23/5
https://nvd.nist.gov/vuln/detail/CVE-2019-3835
https://nvd.nist.gov/vuln/detail/CVE-2019-3838

Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f1309
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4d
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2ff600a
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=779664d
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e8acf6d
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2055917
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d683d1e
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ed9fcd9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a82601e

(From OE-Core rev: 12e140dfdac8456772223c816e37bd869419bb18)

(From OE-Core rev: cf5d29dcac6247e8476f7af78b4e0bb129b94677)

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Fix for CVE-2019-6116 is already in thud, so that has been removed]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2019-07-29 23:50:43 +01:00

Ovidiu Panait

7756de368d

ghostscript: Fix CVE-2019-6116

It was discovered that the ghostscript /invalidaccess checks fail under
certain conditions. An attacker could possibly exploit this to bypass
the -dSAFER protection and, for example, execute arbitrary shell commands
via a specially crafted PostScript document.

Reference:
https://www.openwall.com/lists/oss-security/2019/01/23/5

Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36f8181db66a91bcc8cea139998b53a8996
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9c66135601efb103d8db7d020a672308db
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f13091a3f309bdc95d275ea9fec10bb9f42d9a
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4deef90c1598ff50616519d5576756b4495
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a6dddb83f5c061207a7ed2813999c1b5c9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092da88ef6bb0aa281fe294ae0925a44b5b9
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2ff600a3c4fc169e7c6c1e83874a6bf63a6fb42b

(From OE-Core rev: af397d31e467d6af00ef835537221bc211d94ca6)

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2019-02-25 22:27:38 +00:00

Hongxu Jia

19627f0f0f

ghostscript: 9.25 -> 9.26

- Drop backported CVE fixes
  000[1-8]*.patch

(From OE-Core rev: f30bd6bf01dbf81f0872382be44d507fb981f953)

(From OE-Core rev: c62b64e771eb27089738a153ee61d34cdf6441ab)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2019-01-08 20:14:43 +00:00

3 Commits