diff options
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/ghostscript.scm | 39 | ||||
-rw-r--r-- | gnu/packages/patches/ghostscript-CVE-2019-14869.patch | 48 | ||||
-rw-r--r-- | gnu/packages/patches/ghostscript-no-header-uuid.patch | 12 |
4 files changed, 34 insertions, 66 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index d5271067d6..ebb6b859b3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -930,7 +930,6 @@ dist_patch_DATA = \ %D%/packages/patches/ghc-monad-par-fix-tests.patch \ %D%/packages/patches/ghc-pandoc-fix-html-tests.patch \ %D%/packages/patches/ghc-pandoc-fix-latex-test.patch \ - %D%/packages/patches/ghostscript-CVE-2019-14869.patch \ %D%/packages/patches/ghostscript-no-header-id.patch \ %D%/packages/patches/ghostscript-no-header-uuid.patch \ %D%/packages/patches/ghostscript-no-header-creationdate.patch \ diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm index 3cd1e4af8d..ae689925e1 100644 --- a/gnu/packages/ghostscript.scm +++ b/gnu/packages/ghostscript.scm @@ -7,7 +7,7 @@ ;;; Copyright © 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il> ;;; Copyright © 2017 Leo Famulari <leo@famulari.name> ;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr> -;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com> +;;; Copyright © 2018, 2020 Marius Bakke <mbakke@fastmail.com> ;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com> ;;; ;;; This file is part of GNU Guix. @@ -159,7 +159,7 @@ printing, and psresize, for adjusting page sizes.") (define-public ghostscript (package (name "ghostscript") - (version "9.50") + (version "9.51") (source (origin (method url-fetch) @@ -169,9 +169,8 @@ printing, and psresize, for adjusting page sizes.") "/ghostscript-" version ".tar.xz")) (sha256 (base32 - "1m770dwc82afdgzgq2kar3120r1lbybm3mssdm79f8kggf0v16yv")) - (patches (search-patches "ghostscript-CVE-2019-14869.patch" - "ghostscript-no-header-creationdate.patch" + "0wdpcq9lq19v8an8xs28cgg7vfzb23f1j12m9p2wdnwa1vwk64by")) + (patches (search-patches "ghostscript-no-header-creationdate.patch" "ghostscript-no-header-id.patch" "ghostscript-no-header-uuid.patch")) (modules '((guix build utils))) @@ -234,10 +233,6 @@ printing, and psresize, for adjusting page sizes.") (substitute* "base/gscdef.c" (("GS_DOCDIR") "\"~/.guix-profile/share/doc/ghostscript\"")) - ;; The docdir default changed in 9.23 and a compatibility - ;; symlink was added from datadir->docdir. Remove it. - (substitute* "base/unixinst.mak" - (("ln -s \\$\\(DESTDIR\\)\\$\\(docdir\\).*") "")) #t)) (add-after 'configure 'patch-config-files (lambda _ @@ -245,7 +240,31 @@ printing, and psresize, for adjusting page sizes.") (("/bin/sh") (which "sh"))) #t)) ,@(if (%current-target-system) - `((add-after 'configure 'add-native-lz + `((add-after 'unpack 'define-ARCH_MAX_SIZE_T + (lambda _ + ;; XXX: arch_autoconf.h is missing the recent addition of + ;; ARCH_MAX_SIZE_T. Just add it here based on the definition + ;; in "base/genarch.c". This can likely be removed for + ;; Ghostscript > 9.51. + (substitute* "arch/arch_autoconf.h.in" + (("#define ARCH_MAX_ULONG.*" all) + (string-append all "\n" + "#define ARCH_MAX_SIZE_T " + "((size_t)~0L + (size_t)0)\n"))) + #t)) + (add-before 'configure 'do-not-fail-without-native-freetype + (lambda _ + ;; The configure script recurses to build the native tools. + ;; They are built with --disable-freetype, which was made a + ;; hard error in 9.51, causing a build failure because a + ;; native freetype is not detected. Just ignore the check + ;; because it's not needed for these auxiliary tools. + (substitute* "configure" + (("as_fn_error \\$\\? \"(No usable Freetype.*found)\".*" all msg) + (string-append "$as_echo \"$as_me:${as_lineno-$LINENO}: " + "WARNING: " msg "\"\n"))) + #t)) + (add-after 'configure 'add-native-lz (lambda _ ;; Add missing '-lz' for native tools such as 'mkromfs'. (substitute* "Makefile" diff --git a/gnu/packages/patches/ghostscript-CVE-2019-14869.patch b/gnu/packages/patches/ghostscript-CVE-2019-14869.patch deleted file mode 100644 index d80fba0594..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2019-14869.patch +++ /dev/null @@ -1,48 +0,0 @@ -Fix CVE-2019-14869: - -https://nvd.nist.gov/vuln/detail/CVE-2019-14869 - -Patch taken from upstream: - -https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=485904772c5f0aa1140032746e5a0abfc40f4cef - -diff --git a/Resource/Init/gs_ttf.ps b/Resource/Init/gs_ttf.ps -index 74043d1..6be8fe9 100644 ---- a/Resource/Init/gs_ttf.ps -+++ b/Resource/Init/gs_ttf.ps -@@ -1304,7 +1304,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef - TTFDEBUG { (\n1 setting alias: ) print dup ==only - ( to be the same as ) print 2 index //== exec } if - -- 7 index 2 index 3 -1 roll exch .forceput -+ 7 index 2 index 3 -1 roll exch put - } forall - pop pop pop - } -@@ -1322,7 +1322,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef - exch pop - TTFDEBUG { (\n2 setting alias: ) print 1 index ==only - ( to use glyph index: ) print dup //== exec } if -- 5 index 3 1 roll .forceput -+ 5 index 3 1 roll put - //false - } - { -@@ -1339,7 +1339,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef - { % CharStrings(dict) isunicode(boolean) cmap(dict) RAGL(dict) gname(name) codep(integer) gindex(integer) - TTFDEBUG { (\3 nsetting alias: ) print 1 index ==only - ( to be index: ) print dup //== exec } if -- exch pop 5 index 3 1 roll .forceput -+ exch pop 5 index 3 1 roll put - } - { - pop pop -@@ -1369,7 +1369,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef - } ifelse - ] - TTFDEBUG { (Encoding: ) print dup === flush } if --} .bind executeonly odef % hides .forceput -+} .bind odef - - % ---------------- CIDFontType 2 font loading ---------------- % - diff --git a/gnu/packages/patches/ghostscript-no-header-uuid.patch b/gnu/packages/patches/ghostscript-no-header-uuid.patch index 473531220c..f4b55764c8 100644 --- a/gnu/packages/patches/ghostscript-no-header-uuid.patch +++ b/gnu/packages/patches/ghostscript-no-header-uuid.patch @@ -11,7 +11,7 @@ See: https://bugs.ghostscript.com/show_bug.cgi?id=698208 diff -ur orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c aa/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c --- orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c 2017-07-09 23:30:28.960479189 +0200 +++ gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c 2017-07-10 01:04:12.252478276 +0200 -@@ -617,7 +617,7 @@ +@@ -620,7 +620,7 @@ return code; /* PDF/A XMP reference recommends setting UUID to empty. If not empty must be a URI */ @@ -20,13 +20,12 @@ diff -ur orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c aa/gnu-ghostscrip instance_uuid[0] = 0x00; cre_date_time_len = pdf_get_docinfo_item(pdev, "/CreationDate", cre_date_time, sizeof(cre_date_time)); -@@ -719,15 +719,18 @@ +@@ -720,14 +720,17 @@ pdf_xml_tag_close(s, "rdf:Description"); pdf_xml_newline(s); - pdf_xml_tag_open_beg(s, "rdf:Description"); -- pdf_xml_attribute_name(s, "rdf:about"); -- pdf_xml_attribute_value(s, instance_uuid); +- pdf_xml_copy(s, " rdf:about=\"\""); - pdf_xml_attribute_name(s, "xmlns:xapMM"); - pdf_xml_attribute_value(s, "http://ns.adobe.com/xap/1.0/mm/"); - pdf_xml_attribute_name(s, "xapMM:DocumentID"); @@ -36,8 +35,7 @@ diff -ur orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c aa/gnu-ghostscrip + if (!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 && strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0)) + { + pdf_xml_tag_open_beg(s, "rdf:Description"); -+ pdf_xml_attribute_name(s, "rdf:about"); -+ pdf_xml_attribute_value(s, instance_uuid); ++ pdf_xml_copy(s, " rdf:about=\"\""); + pdf_xml_attribute_name(s, "xmlns:xapMM"); + pdf_xml_attribute_value(s, "http://ns.adobe.com/xap/1.0/mm/"); + pdf_xml_attribute_name(s, "xapMM:DocumentID"); @@ -47,4 +45,4 @@ diff -ur orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c aa/gnu-ghostscrip + } pdf_xml_tag_open_beg(s, "rdf:Description"); - pdf_xml_attribute_name(s, "rdf:about"); + pdf_xml_copy(s, " rdf:about=\"\""); |