mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-28 07:12:30 -05:00
99406d9b68
* gnu/packages/patches/ghostscript-CVE-2019-14869.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/ghostscript.scm (ghostscript)[source](patches): Add it.
48 lines
1.7 KiB
Diff
48 lines
1.7 KiB
Diff
Fix CVE-2019-14869:
|
|
|
|
https://nvd.nist.gov/vuln/detail/CVE-2019-14869
|
|
|
|
Patch taken from upstream:
|
|
|
|
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=485904772c5f0aa1140032746e5a0abfc40f4cef
|
|
|
|
diff --git a/Resource/Init/gs_ttf.ps b/Resource/Init/gs_ttf.ps
|
|
index 74043d1..6be8fe9 100644
|
|
--- a/Resource/Init/gs_ttf.ps
|
|
+++ b/Resource/Init/gs_ttf.ps
|
|
@@ -1304,7 +1304,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef
|
|
TTFDEBUG { (\n1 setting alias: ) print dup ==only
|
|
( to be the same as ) print 2 index //== exec } if
|
|
|
|
- 7 index 2 index 3 -1 roll exch .forceput
|
|
+ 7 index 2 index 3 -1 roll exch put
|
|
} forall
|
|
pop pop pop
|
|
}
|
|
@@ -1322,7 +1322,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef
|
|
exch pop
|
|
TTFDEBUG { (\n2 setting alias: ) print 1 index ==only
|
|
( to use glyph index: ) print dup //== exec } if
|
|
- 5 index 3 1 roll .forceput
|
|
+ 5 index 3 1 roll put
|
|
//false
|
|
}
|
|
{
|
|
@@ -1339,7 +1339,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef
|
|
{ % CharStrings(dict) isunicode(boolean) cmap(dict) RAGL(dict) gname(name) codep(integer) gindex(integer)
|
|
TTFDEBUG { (\3 nsetting alias: ) print 1 index ==only
|
|
( to be index: ) print dup //== exec } if
|
|
- exch pop 5 index 3 1 roll .forceput
|
|
+ exch pop 5 index 3 1 roll put
|
|
}
|
|
{
|
|
pop pop
|
|
@@ -1369,7 +1369,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef
|
|
} ifelse
|
|
]
|
|
TTFDEBUG { (Encoding: ) print dup === flush } if
|
|
-} .bind executeonly odef % hides .forceput
|
|
+} .bind odef
|
|
|
|
% ---------------- CIDFontType 2 font loading ---------------- %
|
|
|