From: Anuj Mittal <anuj.mittal@intel.com>
Date: Wed, 27 Nov 2019 00:53:24 +0000 (+0800)
Subject: ghostscript: fix for CVE-2019-14811 is same as CVE-2019-14813
X-Git-Tag: 2019-10.2-zeus~104
X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=85ae609d789763f9a6400dc603b675cb57bd7654;p=openembedded-core.git

ghostscript: fix for CVE-2019-14811 is same as CVE-2019-14813

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14813
https://www.openwall.com/lists/oss-security/2019/08/28/2

(From OE-Core rev: afef29326b4332fc87c53a5d9d43288cddcdd944)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---

diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
index 3f28555e8a..d4ef0996ec 100644
--- a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
@@ -12,6 +12,7 @@ handler being used, but nevertheless, prevent access to .forceput from
 .setuserparams2.
 
 CVE: CVE-2019-14811
+CVE: CVE-2019-14813
 Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
 
 Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>