MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-07-19 12:59:02 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

ghostscript: Fix CVE-2025-27835

Browse Source 
Upstream-Status: Backport
[https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=de900010a6f2310d1fd54e99eeba466693da0e13]

(From OE-Core rev: c30c46c2b4048dd58cf91b1523ddeca6075176ec)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Vijay Anusuri 2025-04-08 16:27:20 +05:30 committed by Steve Sakoman
parent ee952ae624
commit 21f4513cd1
2 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
meta/recipes-extended/ghostscript/ghostscript/CVE-2025-27835.patch Normal file
View File

@ -0,0 +1,34 @@
From de900010a6f2310d1fd54e99eeba466693da0e13 Mon Sep 17 00:00:00 2001
From: Zdenek Hutyra <zhutyra@centrum.cz>
Date: Wed, 20 Nov 2024 11:27:52 +0000
Subject: Bug 708131: Fix confusion between bytes and shorts
We were copying data from a string in multiple of shorts, rather than multiple
of bytes, leading to both an read (probably benign, given the memory manager)
and write buffer overflow.
CVE-2025-27835
Upstream-Status: Backport [https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=de900010a6f2310d1fd54e99eeba466693da0e13]
CVE: CVE-2025-27835
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
psi/zbfont.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/psi/zbfont.c b/psi/zbfont.c
index acffb39ef..5850ab54d 100644
--- a/psi/zbfont.c
+++ b/psi/zbfont.c
@@ -253,7 +253,7 @@ gs_font_map_glyph_to_unicode(gs_font *font, gs_glyph glyph, int ch, ushort *u, u
if (l > length)
return l;
- memcpy(unicode_return, v->value.const_bytes, l * sizeof(short));
+ memcpy(unicode_return, v->value.const_bytes, l);
return l;
}
if (r_type(v) == t_integer) {
--
cgit v1.2.3

1
meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
View File

@ -67,6 +67,7 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d
file://CVE-2025-27831.patch \
file://CVE-2025-27832.patch \
file://CVE-2025-27834.patch \
file://CVE-2025-27835.patch \
"
SRC_URI = "${SRC_URI_BASE} \