NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2462bf1ba5
kumquat-buildroot/package/ghostscript/ghostscript.hash

6 lines
369 B
Plaintext
Raw Normal View History

package/ghostscript: security bump to version 9.53.0 - Use tar.gz as SHA512SUMS does not contain the hash for tar.xz - Fix CVE-2020-15900: A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. https://www.ghostscript.com/doc/9.53.0/News.htm Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-12 18:59:07 +02:00
# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9530/SHA512SUMS
sha512 fe73842339bee7aa6d0f177be7733b97b9394dafe69b122645c9c80de763214ffb6735b961ff5bf97146b29c2d0e9b4b9cfaee60baf77a1c280bcf651d789982 ghostscript-9.53.0.tar.gz
ghostscript: bump to version 9.23 - Remove sha256 (not provided anymore) and keep only sha512 - Update patch - Add hash for license file Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-03 13:33:47 +02:00
# Hash for license file:
package/ghostscript: security bump to version 9.52 Fix a bunch of CVEs: CVE-2020-16287, CVE-2020-16288, CVE-2020-16289, CVE-2020-16290, CVE-2020-16291, CVE-2020-16292, CVE-2020-16293, CVE-2020-16294, CVE-2020-16295, CVE-2020-16296, CVE-2020-16297, CVE-2020-16298, CVE-2020-16299, CVE-2020-16300, CVE-2020-16301, CVE-2020-16302, CVE-2020-16303, CVE-2020-16304, CVE-2020-16305 CVE-2020-16308, CVE-2020-16309, CVE-2020-17538 PKGCONFIG must be passed since version 9.51 and https://github.com/ArtifexSoftware/ghostpdl/commit/2d84ecc57837785b566ebd9d5909ba9edc9d697f Also drop patch (already in version) and update indentation in hash file (two spaces) Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-17 20:51:09 +02:00
sha256 6f852249f975287b3efd43a5883875e47fa9f3125e2f1b18b5c09517ac30ecf2 LICENSE
Reference in New Issue Copy Permalink