ghostscript: fix for CVE-2019-14811 is same as CVE-2019-14813

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14813
https://www.openwall.com/lists/oss-security/2019/08/28/2

(From OE-Core rev: afef29326b4332fc87c53a5d9d43288cddcdd944)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>

diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
index 3f28555e8af1cfb63f8b3ebfb4611e85a8edd69d..d4ef0996ecf2ad867330d382fe2dae3866e84e16 100644 (file)
--- a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
@@ -12,6 +12,7 @@ handler being used, but nevertheless, prevent access to .forceput from
 .setuserparams2.
 
 CVE: CVE-2019-14811
+CVE: CVE-2019-14813
 Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
 
 Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>