mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-31 12:49:46 +00:00
Code Issues Projects Releases Wiki Activity

ghostscript: CVE-2016-8602, CVE-2017-7975

Browse Source 
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote
attackers to cause a denial of service (application crash) or possibly execute
arbitrary code via a crafted Postscript document that calls .sethalftone5 with an
empty operand stack.

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because
of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c
during operations on a crafted JBIG2 file, leading to a denial of service (application
crash) or possibly execution of arbitrary code.

References:
https://nvd.nist.gov/vuln/detail/CVE-2016-8602
https://nvd.nist.gov/vuln/detail/CVE-2017-7975

Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=f5c7555c303
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5e57e483298

(From OE-Core rev: 8f919c2df47ca93132f21160d919b6ee2207d9a6)

(From OE-Core rev: 6040b8735b79397bf49a2154f81e9aab34c15413)

Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Catalin Enache
2017-05-08 16:42:59 +03:00
committed by Richard Purdie
parent 829e2027b6
commit 31e9be1981
3 changed files with 85 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-extended/ghostscript/ghostscript_9.20.bb
+2
View File
@@ -35,6 +35,8 @@ SRC_URI = "${SRC_URI_BASE} \
file://CVE-2016-10219.patch \
file://CVE-2016-10220.patch \
file://CVE-2017-5951.patch \
file://CVE-2016-8602.patch \
file://CVE-2017-7975.patch \
"
SRC_URI_class-native = "${SRC_URI_BASE} \