[oe-commits] [openembedded-core] 18/22: ghostscript: fix for CVE-2019-14811 is same as CVE-2019-14813

git at git.openembedded.org git at git.openembedded.org
Fri Nov 29 17:44:21 UTC 2019


This is an automated email from the git hooks/post-receive script.

rpurdie pushed a commit to branch master
in repository openembedded-core.

commit afef29326b4332fc87c53a5d9d43288cddcdd944
Author: Anuj Mittal <anuj.mittal at intel.com>
AuthorDate: Wed Nov 27 08:53:24 2019 +0800

    ghostscript: fix for CVE-2019-14811 is same as CVE-2019-14813
    
    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14813
    https://www.openwall.com/lists/oss-security/2019/08/28/2
    
    Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
    Signed-off-by: Ross Burton <ross.burton at intel.com>
---
 meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
index 3f28555..d4ef099 100644
--- a/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2019-14811-0001.patch
@@ -12,6 +12,7 @@ handler being used, but nevertheless, prevent access to .forceput from
 .setuserparams2.
 
 CVE: CVE-2019-14811
+CVE: CVE-2019-14813
 Upstream-Status: Backport [git://git.ghostscript.com/ghostpdl.git]
 
 Signed-off-by: Stefan Ghinea <stefan.ghinea at windriver.com>

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.


More information about the Openembedded-commits mailing list