diff --git a/backport-CVE-2024-46951.patch b/backport-CVE-2024-46951.patch new file mode 100644 index 0000000000000000000000000000000000000000..93fb232b57d7a28b32bbd048dba4a70b8d2c5e93 --- /dev/null +++ b/backport-CVE-2024-46951.patch @@ -0,0 +1,31 @@ +From ada21374f0c90cc3acf7ce0e96302394560c7aee Mon Sep 17 00:00:00 2001 +From: Zdenek Hutyra +Date: Fri, 30 Aug 2024 13:16:39 +0100 +Subject: [PATCH] PS interpreter - check the type of the Pattern Implementation + +Bug #707991 + +See bug report for details. + +CVE-2024-46951 +--- + psi/zcolor.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/psi/zcolor.c b/psi/zcolor.c +index d4e7a4438..d3384d75d 100644 +--- a/psi/zcolor.c ++++ b/psi/zcolor.c +@@ -5276,6 +5276,9 @@ static int patterncomponent(i_ctx_t * i_ctx_p, ref *space, int *n) + code = array_get(imemory, pImpl, 0, &pPatInst); + if (code < 0) + return code; ++ ++ if (!r_is_struct(&pPatInst) || (!r_has_stype(&pPatInst, imemory, st_pattern1_instance) && !r_has_stype(&pPatInst, imemory, st_pattern2_instance))) ++ return_error(gs_error_typecheck); + cc.pattern = r_ptr(&pPatInst, gs_pattern_instance_t); + if (pattern_instance_uses_base_space(cc.pattern)) + *n = n_comps; +-- +2.34.1 + diff --git a/ghostscript.spec b/ghostscript.spec index 5317a9b9f058509354f3deed3f95d1b87b242e14..30fd2cd6b7ec253c68d046e138a58addfd67e20b 100644 --- a/ghostscript.spec +++ b/ghostscript.spec @@ -9,7 +9,7 @@ Name: ghostscript Version: 9.52 -Release: 19 +Release: 20 Summary: An interpreter for PostScript and PDF files License: AGPLv3+ URL: https://ghostscript.com/ @@ -63,6 +63,7 @@ Patch44: fix-CVE-2024-33871.patch Patch45: backport-CVE-2024-46953.patch Patch46: backport-CVE-2024-46956.patch Patch47: backport-CVE-2024-46955.patch +Patch48: backport-CVE-2024-46951.patch BuildRequires: automake gcc BuildRequires: adobe-mappings-cmap-devel adobe-mappings-pdf-devel @@ -223,6 +224,12 @@ install -m 0755 -d %{buildroot}%{_datadir}/%{name}/conf.d/ %{_bindir}/dvipdf %changelog +* Fri Nov 01 2024 liningjie - 9.52-20 +- Type:CVE +- ID:NA +- SUG:NA +- DECS: Fix CVE-2024-46951 + * Wed Oct 30 2024 liningjie - 9.52-19 - Type:CVE - ID:NA