Index: trunk/server/fedora/Makefile =================================================================== --- trunk/server/fedora/Makefile (revision 1586) +++ trunk/server/fedora/Makefile (revision 1587) @@ -19,5 +19,5 @@ # See /COPYRIGHT in this repository for more information. -upstream_yum = krb5 krb5.i586 httpd openssh shadow-utils libpng +upstream_yum = krb5 krb5.i586 httpd openssh shadow-utils libpng ghostscript upstream = openafs $(upstream_yum) moira cluster-glue heartbeat pacemaker oursrc = execsys tokensys accountadm httpdmods logview sql-signup nss_nonlocal nss_nonlocal.i586 whoisd mit-zephyr athrun php_scripts scripts-wizard scripts-base Index: trunk/server/fedora/specs/ghostscript.spec.patch =================================================================== --- trunk/server/fedora/specs/ghostscript.spec.patch (revision 1587) +++ trunk/server/fedora/specs/ghostscript.spec.patch (revision 1587) @@ -0,0 +1,44 @@ +--- ghostscript.spec 2010-07-16 01:35:28.000000000 -0400 ++++ ghostscript.spec 2010-07-16 01:55:49.000000000 -0400 +@@ -5,7 +5,7 @@ + Name: ghostscript + Version: %{gs_ver} + +-Release: 6%{?dist} ++Release: 6.scripts%{scriptsversion}%{?dist} + + # Included CMap data is Redistributable, no modification permitted, + # see http://bugzilla.redhat.com/487510 +@@ -35,6 +35,8 @@ + Patch17: ghostscript-tiff-default-strip-size.patch + Patch18: ghostscript-tiff-fixes.patch + ++Patch100: ghostscript-CVE-2010-1628.patch ++ + Requires: urw-fonts >= 1.1, ghostscript-fonts + BuildRequires: xz + BuildRequires: libjpeg-devel, libXt-devel +@@ -151,6 +153,9 @@ + # Backported some more TIFF fixes (bug #573970). + %patch18 -p1 -b .tiff-fixes + ++# Avoid an exploitable overflow (scripts.mit.edu local patch). ++%patch100 -p1 -b .CVE-2010-1628 ++ + # Convert manual pages to UTF-8 + from8859_1() { + iconv -f iso-8859-1 -t utf-8 < "$1" > "${1}_" +@@ -332,6 +337,13 @@ + %{_libdir}/libgs.so + + %changelog ++* Fri Jul 16 2010 Geoffrey Thomas 8.71-6.scripts ++- Include the patch ++ http://bugs.ghostscript.com/attachment.cgi?id=6350 ++ to fix CVE-2010-1628 (potential arbitrary code execution via ++ an overflow), from the upstream bug report: ++ http://bugs.ghostscript.com/show_bug.cgi?id=691295 ++ + * Tue Mar 16 2010 Tim Waugh 8.71-6 + - Backported some more TIFF fixes (bug #573970). + - Use upstream fix for TIFF default strip size (bug #571520).