code.ossystems Code Review - openembedded-core.git/commit
ghostscript: CVE-2019-14811, CVE-2019-14817
author Stefan Ghinea <stefan.ghinea@windriver.com>
Tue, 10 Sep 2019 06:34:12 +0000 (09:34 +0300)
committer Richard Purdie <richard.purdie@linuxfoundation.org>
Sun, 15 Sep 2019 16:49:48 +0000 (17:49 +0100)
commit 1533b92848ea73d6fe6ba22d87d7b6749b47842c
tree 92387a3375dee6a929a8280b1f7013834f37910e
parent a870ce9261fffc2e4772e55bd2e727aa27172846
ghostscript: CVE-2019-14811, CVE-2019-14817

A flaw was found in ghostscript versions prior to 9.28,
in the .pdf_hook_DSC_Creator procedure where it did not
properly secure its privileged calls, enabling scripts to
bypass `-dSAFER` restrictions. A specially crafted PostScript
file could disable security protection and then have access
to the file system, or execute arbitrary commands.

A flaw was found in ghostscript versions prior to 9.28,
in the .pdfexectoken and other procedures where it did not
properly secure its privileged calls, enabling scripts to
bypass `-dSAFER` restrictions. A specially crafted PostScript
file could disable security protection and then have access
to the file system, or execute arbitrary commands.

References:
https://nvd.nist.gov/vuln/detail/CVE-2019-14811
https://nvd.nist.gov/vuln/detail/CVE-2019-14817

Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=cd1b1cacadac2479e291efe611979bdc1b3bdb19

Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch [new file with mode: 0644]
meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14817-0001.patch [new file with mode: 0644]
meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14817-0002.patch [new file with mode: 0644]
meta/recipes-extended/ghostscript/ghostscript_9.27.bb