svn commit: r395804 - in branches/2015Q3/print: ghostscript7 ghostscript7/files ghostscript8 ghostscript8/files ghostscript9 ghostscript9-agpl ghostscript9-agpl/files ghostscript9/files
Jason Unovitch
junovitch at FreeBSD.org
Tue Sep 1 23:15:10 UTC 2015
Author: junovitch
Date: Tue Sep 1 23:15:06 2015
New Revision: 395804
URL: https://svnweb.freebsd.org/changeset/ports/395804
Log:
MFH: r395047 (security relevant change only)
- Apply fix for CVE-2015-3228, denial of service via crafted Postscript files.
The security relevant change was applied manually as r395047 split the
Ghostscript ports into separate X11-independent and -dependent parts.
PR: 202781
Security: CVE-2015-3228
Security: fc1f6658-4f53-11e5-934b-002590263bf5
Approved by: ports-secteam (feld), feld,delphij (mentors)
Added:
branches/2015Q3/print/ghostscript7/files/patch-src-gsmalloc.c
- copied unchanged from r395637, head/print/ghostscript7-base/files/patch-src-gsmalloc.c
branches/2015Q3/print/ghostscript8/files/patch-base-gsmalloc.c
- copied unchanged from r395637, head/print/ghostscript8-base/files/patch-base-gsmalloc.c
branches/2015Q3/print/ghostscript9-agpl/files/patch-base-gsmalloc.c
- copied unchanged from r395637, head/print/ghostscript9-agpl-base/files/patch-base-gsmalloc.c
branches/2015Q3/print/ghostscript9/files/patch-base-gsmalloc.c
- copied unchanged from r395637, head/print/ghostscript9-base/files/patch-base-gsmalloc.c
Modified:
branches/2015Q3/print/ghostscript7/Makefile
branches/2015Q3/print/ghostscript8/Makefile
branches/2015Q3/print/ghostscript9-agpl/Makefile
branches/2015Q3/print/ghostscript9/Makefile
Modified: branches/2015Q3/print/ghostscript7/Makefile
==============================================================================
--- branches/2015Q3/print/ghostscript7/Makefile Tue Sep 1 22:49:57 2015 (r395803)
+++ branches/2015Q3/print/ghostscript7/Makefile Tue Sep 1 23:15:06 2015 (r395804)
@@ -3,7 +3,7 @@
PORTNAME= ghostscript
PORTVERSION= 7.07
-PORTREVISION= 31
+PORTREVISION= 32
CATEGORIES= print
MASTER_SITES= SF/ghostscript/gnu-gs/${PORTVERSION}:gs_srcs \
ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/gnu/gs${PORTVERSION:S/.//}/:gs_srcs \
Copied: branches/2015Q3/print/ghostscript7/files/patch-src-gsmalloc.c (from r395637, head/print/ghostscript7-base/files/patch-src-gsmalloc.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2015Q3/print/ghostscript7/files/patch-src-gsmalloc.c Tue Sep 1 23:15:06 2015 (r395804, copy of r395637, head/print/ghostscript7-base/files/patch-src-gsmalloc.c)
@@ -0,0 +1,11 @@
+--- src/gsmalloc.c.orig 2015-07-24 09:55:54.032137000 +0900
++++ src/gsmalloc.c 2015-07-24 09:57:15.070246000 +0900
+@@ -170,7 +170,7 @@
+ } else {
+ uint added = size + sizeof(gs_malloc_block_t);
+
+- if (mmem->limit - added < mmem->used)
++ if (added <= size || mmem->limit - added < mmem->used)
+ set_msg("exceeded limit");
+ else if ((ptr = (byte *) malloc(added)) == 0)
+ set_msg("failed");
Modified: branches/2015Q3/print/ghostscript8/Makefile
==============================================================================
--- branches/2015Q3/print/ghostscript8/Makefile Tue Sep 1 22:49:57 2015 (r395803)
+++ branches/2015Q3/print/ghostscript8/Makefile Tue Sep 1 23:15:06 2015 (r395804)
@@ -3,7 +3,7 @@
PORTNAME= ghostscript
PORTVERSION= 8.71
-PORTREVISION= 18
+PORTREVISION= 19
CATEGORIES= print
MASTER_SITES= http://downloads.ghostscript.com/public/:gs_srcs \
SF/ghostscript/GPL%20Ghostscript/${PORTVERSION}:gs_srcs \
Copied: branches/2015Q3/print/ghostscript8/files/patch-base-gsmalloc.c (from r395637, head/print/ghostscript8-base/files/patch-base-gsmalloc.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2015Q3/print/ghostscript8/files/patch-base-gsmalloc.c Tue Sep 1 23:15:06 2015 (r395804, copy of r395637, head/print/ghostscript8-base/files/patch-base-gsmalloc.c)
@@ -0,0 +1,11 @@
+--- base/gsmalloc.c.orig 2015-07-24 09:52:39.718916000 +0900
++++ base/gsmalloc.c 2015-07-24 09:54:31.761202000 +0900
+@@ -174,7 +174,7 @@
+ } else {
+ uint added = size + sizeof(gs_malloc_block_t);
+
+- if (mmem->limit - added < mmem->used)
++ if (added <= size || mmem->limit - added < mmem->used)
+ set_msg("exceeded limit");
+ else if ((ptr = (byte *) malloc(added)) == 0)
+ set_msg("failed");
Modified: branches/2015Q3/print/ghostscript9-agpl/Makefile
==============================================================================
--- branches/2015Q3/print/ghostscript9-agpl/Makefile Tue Sep 1 22:49:57 2015 (r395803)
+++ branches/2015Q3/print/ghostscript9-agpl/Makefile Tue Sep 1 23:15:06 2015 (r395804)
@@ -2,7 +2,7 @@
PORTNAME= ghostscript
PORTVERSION= 9.15
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= print
MASTER_SITES= http://downloads.ghostscript.com/public/:gs_srcs \
SF/ghostscript/GPL%20Ghostscript/${PORTVERSION}:gs_srcs \
Copied: branches/2015Q3/print/ghostscript9-agpl/files/patch-base-gsmalloc.c (from r395637, head/print/ghostscript9-agpl-base/files/patch-base-gsmalloc.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2015Q3/print/ghostscript9-agpl/files/patch-base-gsmalloc.c Tue Sep 1 23:15:06 2015 (r395804, copy of r395637, head/print/ghostscript9-agpl-base/files/patch-base-gsmalloc.c)
@@ -0,0 +1,11 @@
+--- base/gsmalloc.c.orig 2015-08-22 03:09:16.838614000 +0900
++++ base/gsmalloc.c 2015-08-22 03:09:34.776354000 +0900
+@@ -178,7 +178,7 @@
+ } else {
+ uint added = size + sizeof(gs_malloc_block_t);
+
+- if (mmem->limit - added < mmem->used)
++ if (added <= size || mmem->limit - added < mmem->used)
+ set_msg("exceeded limit");
+ else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
+ set_msg("failed");
Modified: branches/2015Q3/print/ghostscript9/Makefile
==============================================================================
--- branches/2015Q3/print/ghostscript9/Makefile Tue Sep 1 22:49:57 2015 (r395803)
+++ branches/2015Q3/print/ghostscript9/Makefile Tue Sep 1 23:15:06 2015 (r395804)
@@ -2,7 +2,7 @@
PORTNAME= ghostscript
PORTVERSION= 9.06
-PORTREVISION= 10
+PORTREVISION= 11
CATEGORIES= print
MASTER_SITES= http://downloads.ghostscript.com/public/:gs_srcs \
SF/ghostscript/GPL%20Ghostscript/${PORTVERSION}:gs_srcs \
Copied: branches/2015Q3/print/ghostscript9/files/patch-base-gsmalloc.c (from r395637, head/print/ghostscript9-base/files/patch-base-gsmalloc.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2015Q3/print/ghostscript9/files/patch-base-gsmalloc.c Tue Sep 1 23:15:06 2015 (r395804, copy of r395637, head/print/ghostscript9-base/files/patch-base-gsmalloc.c)
@@ -0,0 +1,11 @@
+--- base/gsmalloc.c.orig 2015-07-24 09:41:05.295969000 +0900
++++ base/gsmalloc.c 2015-07-24 09:41:15.146305000 +0900
+@@ -178,7 +178,7 @@
+ } else {
+ uint added = size + sizeof(gs_malloc_block_t);
+
+- if (mmem->limit - added < mmem->used)
++ if (added <= size || mmem->limit - added < mmem->used)
+ set_msg("exceeded limit");
+ else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
+ set_msg("failed");
More information about the svn-ports-all
mailing list