From: Stuart Henderson <stu@spacehopper.org>
Subject: Re: [SECURITY] print/ghostscript/gnu 10.04.0
To: Volker Schlecht <openbsd-ports@schlecht.dev>
Cc: ports@openbsd.org
Date: Mon, 23 Sep 2024 17:42:01 +0100

OK for main and stable post the relevant unlocks.
(Note that -stable unlocks _after_ the main tree is open).

On 2024/09/23 18:35, Volker Schlecht wrote:
> Here's the fixed diff.
> 
> On 2024-09-23 11:31, Stuart Henderson wrote:
> > Patches need regenerating.
> > 
> > What's the reason for the bump? I don't see new functions in the
> > libraries (but haven't looked for struct changes). Library bumps in
> > -stable are problematic.
> > 
> > On 2024/09/23 00:32, Volker Schlecht wrote:
> > > Fixes
> > > 
> > > CVE-2024-46951
> > > CVE-2024-46952
> > > CVE-2024-46953
> > > CVE-2024-46954
> > > CVE-2024-46955
> > > CVE-2024-46956
> > > 
> > > Looking for OKs to commit once the tree is unlocked, both to -current and
> > > 7.6-stable.
> 

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/print/ghostscript/gnu/Makefile,v
> diff -u -p -r1.134 Makefile
> --- Makefile	1 Aug 2024 11:34:27 -0000	1.134
> +++ Makefile	23 Sep 2024 11:49:36 -0000
> @@ -1,13 +1,12 @@
>  COMMENT =	PostScript and PDF interpreter
>  
> -VERSION =	10.03.1
> +VERSION =	10.04.0
>  DISTNAME =	ghostpdl-${VERSION}
>  PKGNAME =	ghostscript-${VERSION}
>  EXTRACT_SUFX =	.tar.xz
>  CATEGORIES =	lang print
>  SHARED_LIBS =	gs	18.2
>  SHARED_LIBS +=	gpcl6	18.2
> -REVISION =	2
>  
>  SITES =		https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${VERSION:S/.//g}/
>  
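Review bot: `SHARED_LIBS` for gs and gpcl6 stays at 18.2 in this hunk while VERSION goes from 10.03.1 to 10.04.0, so the update is being treated as ABI-compatible. Since the thread says struct changes were not checked, it would be worth comparing the installed public headers and exported symbols of the two versions before this goes to 7.6-stable, and recording the result in the commit message. Dropping `REVISION = 2` alongside the version change is right.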
> @@ -105,6 +104,7 @@ pre-configure:
>  	rm -rf ${WRKSRC}/zlib
>  
>  post-install:
> +	rm -f ${PREFIX}/lib/libgpcl6.so{,.${LIBgpcl6_VERSION:R}}
>  	rm -f ${PREFIX}/lib/libgs.so{,.${LIBgs_VERSION:R}}
>  .if !${FLAVOR:Mgtk}
>  	rm -f ${PREFIX}/bin/gsx
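Review bot: the added `rm -f ${PREFIX}/lib/libgpcl6.so{,.${LIBgpcl6_VERSION:R}}` in post-install has no comment saying why the unversioned and major-only names are deleted, and the libgs line it mirrors has none either; a one-line comment above the pair would make the intent clear. Because `rm -f` succeeds silently when the files are absent, a change in the names upstream installs would not be caught at this step.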
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/print/ghostscript/gnu/distinfo,v
> diff -u -p -r1.27 distinfo
> --- distinfo	28 Jul 2024 07:59:55 -0000	1.27
> +++ distinfo	23 Sep 2024 11:49:36 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (ghostpdl-10.03.1.tar.xz) = Be7kUmj2uyxhifmkBoXEYIygiUQ6k/KvX1GU2D3DaNs=
> -SIZE (ghostpdl-10.03.1.tar.xz) = 73553744
> +SHA256 (ghostpdl-10.04.0.tar.xz) = BgP1YpvG9We0VJEdEEzZZwJInJ5w5Xd4eEP0gLI9Snc=
> +SIZE (ghostpdl-10.04.0.tar.xz) = 73576724
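Review bot: the new SHA256 and SIZE lines are what pin ghostpdl-10.04.0.tar.xz as fetched from the GitHub release URL in SITES, so the committer should regenerate them with `make makesum` from a fresh fetch and confirm they match these values rather than taking them from the mail.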
> Index: patches/patch-configure
> ===================================================================
> RCS file: /cvs/ports/print/ghostscript/gnu/patches/patch-configure,v
> diff -u -p -r1.8 patch-configure
> --- patches/patch-configure	8 Mar 2024 12:19:02 -0000	1.8
> +++ patches/patch-configure	23 Sep 2024 11:49:36 -0000
> @@ -1,7 +1,7 @@
>  Index: configure
>  --- configure.orig
>  +++ configure
> -@@ -13158,8 +13158,8 @@ DLL_EXT=""
> +@@ -13210,8 +13210,8 @@ DLL_EXT=""
>   SO_LIB_VERSION_SEPARATOR="."
>   
>   libname1="_SO_BASE)\$(GS_SOEXT)\$(DLL_EXT)"
> @@ -12,7 +12,7 @@ Index: configure
>   GS_SONAME="lib\$(GS${libname1}"
>   GS_SONAME_MAJOR="lib\$(GS${libname2}"
>   GS_SONAME_MAJOR_MINOR="lib\$(GS${libname3}"
> -@@ -13271,11 +13271,11 @@ case $host in
> +@@ -13323,11 +13323,11 @@ case $host in
>       ;;
>       *bsd*)
>         DYNAMIC_CFLAGS="-fPIC $DYNAMIC_CFLAGS"
> Index: pkg/PLIST
> ===================================================================
> RCS file: /cvs/ports/print/ghostscript/gnu/pkg/PLIST,v
> diff -u -p -r1.39 PLIST
> --- pkg/PLIST	1 Aug 2024 11:34:27 -0000	1.39
> +++ pkg/PLIST	23 Sep 2024 11:49:36 -0000
> @@ -34,8 +34,6 @@ include/ghostscript/gserrors.h
>  include/ghostscript/iapi.h
>  include/ghostscript/ierrors.h
>  include/ghostscript/plapi.h
> -@comment @so lib/libgpcl6.so
> -@comment lib/libgpcl6.so.18
>  @lib lib/libgpcl6.so.${LIBgpcl6_VERSION}
>  @lib lib/libgs.so.${LIBgs_VERSION}
>  @man man/man1/dvipdf.1
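Review bot: removing the `@comment @so lib/libgpcl6.so` and `@comment lib/libgpcl6.so.18` entries is only correct together with the new `rm -f` for libgpcl6 in the Makefile's post-install, so the two changes need to be committed together. It also takes the hard-coded `.18` major out of the PLIST, which would otherwise need editing on the next major bump. Running `make update-plist` after a build should show no further differences.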