summaryrefslogtreecommitdiff
path: root/source/ap/ghostscript/ghostscript.SlackBuild
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2019-04-02 20:30:22 +0000
committerEric Hameleers <alien@slackware.com>2019-04-03 08:59:45 +0200
commitcaa5f28b83340fe23012ab27244a288449b26b26 (patch)
tree70102860b8f3df20347f25125b7ea065340cd1d5 /source/ap/ghostscript/ghostscript.SlackBuild
parentdf86158dc598141c63689a86c2f247053e616719 (diff)
downloadcurrent-caa5f28b83340fe23012ab27244a288449b26b26.tar.gz
Tue Apr 2 20:30:22 UTC 201920190402203022
a/hwdata-0.322-noarch-1.txz: Upgraded. a/kernel-firmware-20190402_67b7579-noarch-1.txz: Upgraded. a/shadow-4.6-x86_64-2.txz: Rebuilt. adduser: reprompt on invalid user input. Thanks to ttk. ap/ghostscript-9.26-x86_64-2.txz: Rebuilt. Fixes security issues: A specially crafted PostScript file could have access to the file system outside of the constrains imposed by -dSAFER. Transient procedures can allow access to system operators, leading to remote code execution. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3838 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6116 (* Security fix *) d/vala-0.44.2-x86_64-1.txz: Upgraded. l/glib-networking-2.60.1-x86_64-1.txz: Upgraded. l/imagemagick-6.9.10_36-x86_64-1.txz: Upgraded. l/python-pillow-6.0.0-x86_64-1.txz: Upgraded. n/wget-1.20.2-x86_64-1.txz: Upgraded. Fixed an unspecified buffer overflow vulnerability. (* Security fix *)
Diffstat (limited to 'source/ap/ghostscript/ghostscript.SlackBuild')
-rwxr-xr-xsource/ap/ghostscript/ghostscript.SlackBuild8
1 files changed, 7 insertions, 1 deletions
diff --git a/source/ap/ghostscript/ghostscript.SlackBuild b/source/ap/ghostscript/ghostscript.SlackBuild
index cad33b14..2d15f220 100755
--- a/source/ap/ghostscript/ghostscript.SlackBuild
+++ b/source/ap/ghostscript/ghostscript.SlackBuild
@@ -27,7 +27,7 @@ if [ -r gnu-ghostscript-*.tar.?z ]; then
SRCPREFIX="gnu-"
fi
VERSION=${VERSION:-$(echo $SRCPREFIX$PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
@@ -76,6 +76,12 @@ cd ${SRCPREFIX}${PKGNAM}-$VERSION || exit 1
# Remove unmaintained garbage:
rm -rf freetype jpeg lcms2 libpng libtiff png tiff zlib
+# Security and bugfix patches:
+zcat $CWD/ghostscript-cve-2019-6116.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/ghostscript-subclassing-devices-fix-put_image-method.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/ghostscript-cve-2019-3835.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/ghostscript-cve-2019-3838.patch.gz | patch -p1 --verbose || exit 1
+
# Regenerate ./configure. Needed if patched, or to prevent libtool mismatch.
autoreconf --force --install
( cd jbig2dec ; autoreconf --force --install )