Monday, September 23, 2024

Re: [SECURITY] print/ghostscript/gnu 10.04.0

Patches need regenerating.

What's the reason for the bump? I don't see new functions in the
libraries (but haven't ooked for struct changes). Library bumps in
-stable are problematic.

On 2024/09/23 00:32, Volker Schlecht wrote:
> Fixes
>
> CVE-2024-46951
> CVE-2024-46952
> CVE-2024-46953
> CVE-2024-46954
> CVE-2024-46955
> CVE-2024-46956
>
> Looking for OKs to commit once the tree is unlocked, both to -current and
> 7.6-stable.

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/print/ghostscript/gnu/Makefile,v
> diff -u -p -r1.134 Makefile
> --- Makefile 1 Aug 2024 11:34:27 -0000 1.134
> +++ Makefile 22 Sep 2024 21:56:12 -0000
> @@ -1,13 +1,12 @@
> COMMENT = PostScript and PDF interpreter
>
> -VERSION = 10.03.1
> +VERSION = 10.04.0
> DISTNAME = ghostpdl-${VERSION}
> PKGNAME = ghostscript-${VERSION}
> EXTRACT_SUFX = .tar.xz
> CATEGORIES = lang print
> -SHARED_LIBS = gs 18.2
> -SHARED_LIBS += gpcl6 18.2
> -REVISION = 2
> +SHARED_LIBS = gs 18.3
> +SHARED_LIBS += gpcl6 18.3
>
> SITES = https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${VERSION:S/.//g}/
>
> @@ -105,6 +104,7 @@ pre-configure:
> rm -rf ${WRKSRC}/zlib
>
> post-install:
> + rm -f ${PREFIX}/lib/libgpcl6.so{,.${LIBgs_VERSION:R}}
> rm -f ${PREFIX}/lib/libgs.so{,.${LIBgs_VERSION:R}}
> .if !${FLAVOR:Mgtk}
> rm -f ${PREFIX}/bin/gsx
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/print/ghostscript/gnu/distinfo,v
> diff -u -p -r1.27 distinfo
> --- distinfo 28 Jul 2024 07:59:55 -0000 1.27
> +++ distinfo 22 Sep 2024 21:56:12 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (ghostpdl-10.03.1.tar.xz) = Be7kUmj2uyxhifmkBoXEYIygiUQ6k/KvX1GU2D3DaNs=
> -SIZE (ghostpdl-10.03.1.tar.xz) = 73553744
> +SHA256 (ghostpdl-10.04.0.tar.xz) = BgP1YpvG9We0VJEdEEzZZwJInJ5w5Xd4eEP0gLI9Snc=
> +SIZE (ghostpdl-10.04.0.tar.xz) = 73576724
> Index: pkg/PLIST
> ===================================================================
> RCS file: /cvs/ports/print/ghostscript/gnu/pkg/PLIST,v
> diff -u -p -r1.39 PLIST
> --- pkg/PLIST 1 Aug 2024 11:34:27 -0000 1.39
> +++ pkg/PLIST 22 Sep 2024 21:56:12 -0000
> @@ -34,8 +34,6 @@ include/ghostscript/gserrors.h
> include/ghostscript/iapi.h
> include/ghostscript/ierrors.h
> include/ghostscript/plapi.h
> -@comment @so lib/libgpcl6.so
> -@comment lib/libgpcl6.so.18
> @lib lib/libgpcl6.so.${LIBgpcl6_VERSION}
> @lib lib/libgs.so.${LIBgs_VERSION}
> @man man/man1/dvipdf.1

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)