[arch-commits] Commit in ghostscript/trunk (CVE-2019-14869.patch)

Thu Mar 12 18:45:40 UTC 2020

Date: Thursday, March 12, 2020 @ 18:45:40
  Author: andyrtr
Revision: 377417

upgpkg: ghostscript 9.51-1: upstream update 9.51

Deleted:
  ghostscript/trunk/CVE-2019-14869.patch

----------------------+
 CVE-2019-14869.patch |   66 -------------------------------------------------
 1 file changed, 66 deletions(-)

Deleted: CVE-2019-14869.patch
===================================================================

--- CVE-2019-14869.patch	2020-03-12 18:41:12 UTC (rev 377416)
+++ CVE-2019-14869.patch	2020-03-12 18:45:40 UTC (rev 377417)
@@ -1,66 +0,0 @@
-From 485904772c5f0aa1140032746e5a0abfc40f4cef Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell at artifex.com>
-Date: Tue, 5 Nov 2019 09:45:27 +0000
-Subject: [PATCH] Bug 701841: remove .forceput from /.charkeys
-
-When loading Type 1 or Truetype fonts from disk, we attempt to extend the glyph
-name table to include all identifiable glyph names from the Adobe Glyph List.
-
-In the case of Type 1 fonts, the font itself (almost always) marks the
-CharStrings dictionary as read-only, hence we have to use .forceput for that
-case.
-
-But for Truetype fonts, the CharStrings dictionary is created internally and is
-not read-only until *after* we have fully populated it (including the extended
-glyph names from the AGL), hence there is no need for .forceput, and no need to
-carry the security risk of using it.
-
-Replace with regular put.
----
- Resource/Init/gs_ttf.ps | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/Resource/Init/gs_ttf.ps b/Resource/Init/gs_ttf.ps
-index 74043d1..6be8fe9 100644
---- a/Resource/Init/gs_ttf.ps
-+++ b/Resource/Init/gs_ttf.ps
-@@ -1304,7 +1304,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef
-           TTFDEBUG { (\n1 setting alias: ) print dup ==only
-                 ( to be the same as  ) print 2 index //== exec } if
- 
--          7 index 2 index 3 -1 roll exch .forceput
-+          7 index 2 index 3 -1 roll exch put
-         } forall
-         pop pop pop
-       }
-@@ -1322,7 +1322,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef
-           exch pop
-           TTFDEBUG { (\n2 setting alias: ) print 1 index ==only
-                      ( to use glyph index: ) print dup //== exec } if
--          5 index 3 1 roll .forceput
-+          5 index 3 1 roll put
-           //false
-         }
-         {
-@@ -1339,7 +1339,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef
-         {                            %  CharStrings(dict) isunicode(boolean) cmap(dict) RAGL(dict) gname(name) codep(integer) gindex(integer)
-           TTFDEBUG { (\3 nsetting alias: ) print 1 index ==only
-                 ( to be index: ) print dup //== exec } if
--          exch pop 5 index 3 1 roll .forceput
-+          exch pop 5 index 3 1 roll put
-         }
-         {
-           pop pop
-@@ -1369,7 +1369,7 @@ currentdict /.pickcmap_with_no_xlatmap .undef
-       } ifelse
-     ]
-   TTFDEBUG { (Encoding: ) print dup === flush } if
--} .bind executeonly odef		% hides .forceput
-+} .bind odef
- 
- % ---------------- CIDFontType 2 font loading ---------------- %
- 
--- 
-2.9.1
-
-

