mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-11 11:13:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
94dea33c75f818c1424dc24366a3e3f368a208fe
poky/meta/recipes-extended/ghostscript
History
Peter Marko 73c2187fbc ghostscript: ignore CVE-2024-29507 
Fix for this CVE is [3] (per [1] and [2]).
It fixes cidfsubstfont handling which is not present in 9.55.0 yet.
It was introduced (as cidsubstpath) in 9.56.0 via [4] and later modified
to cidfsubstfont in [5].
Since this recipe has version 9.55.0, mark it as not affected yet.

[1] https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=7745dbe24514710b0cfba925e608e607dee9eb0f
[2] https://nvd.nist.gov/vuln/detail/CVE-2024-29507
[3] https://security-tracker.debian.org/tracker/CVE-2024-29507
[4] https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=82efed6cae8b0f2a3d10593b21083be1e7b1ab23
[5] https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=4422012f6b40f0627d3527dba92f3a1ba30017d3

(From OE-Core rev: 5c9f3c244971aadee65a98d83668e3d5d63825a0)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-05-14 06:38:21 -07:00
..
files
ghostscript: update 9.50 -> 9.52
2020-05-03 15:41:40 +01:00
ghostscript
ghostscript: Fix CVE-2025-27836
2025-04-11 08:36:03 -07:00
ghostscript_9.55.0.bb
ghostscript: ignore CVE-2024-29507
2025-05-14 06:38:21 -07:00