GNU bug report logs -
#28762
[PATCH] gnu: ghostscript: Replace with 9.22 [security fixes].
Previous Next
Reported by: Leo Famulari <leo <at> famulari.name>
Date: Mon, 9 Oct 2017 18:47:01 UTC
Severity: normal
Tags: patch
Done: Leo Famulari <leo <at> famulari.name>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 28762 in the body.
You can then email your comments to 28762 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
guix-patches <at> gnu.org:
bug#28762; Package
guix-patches.
(Mon, 09 Oct 2017 18:47:01 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Leo Famulari <leo <at> famulari.name>:
New bug report received and forwarded. Copy sent to
guix-patches <at> gnu.org.
(Mon, 09 Oct 2017 18:47:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Fixes CVE-2017-{7948,7975,8908,9216,9610,9611,9612,9618,9619,9620,9726,9727,
9739,9740,9835}.
* gnu/packages/ghostscript.scm (ghostscript)[replacement]: New field.
(ghostscript-9.22): New variables.
---
gnu/packages/ghostscript.scm | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/gnu/packages/ghostscript.scm b/gnu/packages/ghostscript.scm
index d5d5aa2df..1e036a5e4 100644
--- a/gnu/packages/ghostscript.scm
+++ b/gnu/packages/ghostscript.scm
@@ -131,6 +131,7 @@ printing, and psresize, for adjusting page sizes.")
(define-public ghostscript
(package
(name "ghostscript")
+ (replacement ghostscript-9.22)
(version "9.21")
(source
(origin
@@ -254,6 +255,34 @@ output file formats and printers.")
(home-page "https://www.ghostscript.com/")
(license license:agpl3+)))
+(define ghostscript-9.22
+ (package
+ (inherit ghostscript)
+ (version "9.22")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/ArtifexSoftware/"
+ "ghostpdl-downloads/releases/download/gs"
+ (string-delete #\. version)
+ "/ghostscript-" version ".tar.xz"))
+ (sha256
+ (base32
+ "1fyi4yvdj39bjgs10klr31cda1fbx1ar7a7b7yz7v68gykk65y61"))
+ (patches (search-patches "ghostscript-runpath.patch"
+ "ghostscript-no-header-creationdate.patch"
+ "ghostscript-no-header-id.patch"
+ "ghostscript-no-header-uuid.patch"))
+ (modules '((guix build utils)))
+ (snippet
+ ;; Remove bundled libraries. The bundled OpenJPEG is a patched fork so
+ ;; we leave it, at least for now.
+ ;; TODO Try unbundling ijs, which is developed alongside Ghostscript.
+ '(begin
+ (for-each delete-file-recursively '("freetype" "jbig2dec" "jpeg"
+ "lcms2" "libpng"
+ "tiff" "zlib"))))))))
+
(define-public ghostscript/x
(package/inherit ghostscript
(name (string-append (package-name ghostscript) "-with-x"))
--
2.14.2
Information forwarded
to
guix-patches <at> gnu.org:
bug#28762; Package
guix-patches.
(Mon, 09 Oct 2017 20:54:01 GMT)
Full text and
rfc822 format available.
Message #8 received at 28762 <at> debbugs.gnu.org (full text, mbox):
Leo Famulari <leo <at> famulari.name> skribis:
> Fixes CVE-2017-{7948,7975,8908,9216,9610,9611,9612,9618,9619,9620,9726,9727,
> 9739,9740,9835}.
>
> * gnu/packages/ghostscript.scm (ghostscript)[replacement]: New field.
> (ghostscript-9.22): New variables.
[...]
> +(define ghostscript-9.22
> + (package
> + (inherit ghostscript)
> + (version "9.22")
> + (source
> + (origin
> + (method url-fetch)
> + (uri (string-append "https://github.com/ArtifexSoftware/"
> + "ghostpdl-downloads/releases/download/gs"
> + (string-delete #\. version)
> + "/ghostscript-" version ".tar.xz"))
> + (sha256
> + (base32
> + "1fyi4yvdj39bjgs10klr31cda1fbx1ar7a7b7yz7v68gykk65y61"))
> + (patches (search-patches "ghostscript-runpath.patch"
> + "ghostscript-no-header-creationdate.patch"
> + "ghostscript-no-header-id.patch"
> + "ghostscript-no-header-uuid.patch"))
> + (modules '((guix build utils)))
> + (snippet
> + ;; Remove bundled libraries. The bundled OpenJPEG is a patched fork so
> + ;; we leave it, at least for now.
> + ;; TODO Try unbundling ijs, which is developed alongside Ghostscript.
> + '(begin
> + (for-each delete-file-recursively '("freetype" "jbig2dec" "jpeg"
> + "lcms2" "libpng"
> + "tiff" "zlib"))))))))
Maybe:
(source
(origin
(inherit (package-source ghostscript))
(uri …)
(sha256 …)
(patches …)))
It should be slightly more concise.
Otherwise LGTM, thank you!
Ludo’.
bug closed, send any further explanations to
28762 <at> debbugs.gnu.org and Leo Famulari <leo <at> famulari.name>
Request was from
Leo Famulari <leo <at> famulari.name>
to
control <at> debbugs.gnu.org.
(Tue, 10 Oct 2017 14:56:02 GMT)
Full text and
rfc822 format available.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Wed, 08 Nov 2017 12:24:05 GMT)
Full text and
rfc822 format available.
This bug report was last modified 7 years and 317 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.