634616 – app-text/ghostscript-gpl-9.22 version bump

Bug 634616 - app-text/ghostscript-gpl-9.22 version bump

Summary: app-text/ghostscript-gpl-9.22 version bump

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal major with 1 vote (vote)
Assignee:	Printing Team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:	CVE-2017-7948 620148
	Show dependency tree

Reported:	2017-10-18 06:46 UTC by Mart Raudsepp
Modified:	2018-09-20 23:56 UTC (History)
CC List:	6 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
patchset for 9.25 (ghostscript-gpl-9.25-patchset-1.tar,20.00 KB, application/x-tar) 2018-09-18 23:49 UTC, Teika kazura	Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mart Raudsepp gentoo-dev

2017-10-18 06:46:17 UTC

Highlights in this release include:

    Ghostscript can now consume and produce (via the pdfwrite device) PDF 2.0 compliant files.

    The main focus of this release has been security and code cleanliness. Hence many AddressSanitizer, Valgrind and Coverity issues have been addressed.

    The usual round of bug fixes, compatibility changes, and incremental improvements.

Comment 1 Jonas Stein gentoo-dev

2017-12-08 18:20:52 UTC

https://ghostscript.com/doc/9.22/News.htm

Comment 2 Teika kazura 2018-04-15 03:35:45 UTC

ghostscript-9.23 was released in March:
  https://ghostscript.com/Ghostscript_9.23.html

Comment 3 Alexander Tsoy 2018-09-05 08:22:13 UTC

9.24 is out with security fixes

Comment 4 Teika kazura 2018-09-18 22:16:31 UTC

9.25 is there, fixing security issues further.

The upstream news of both 9.25 and 9.24 say "PLEASE NOTE: We strongly urge users to upgrade to this latest release to avoid these issues."
* https://www.ghostscript.com/doc/9.24/News.htm
* https://www.ghostscript.com/doc/9.25/News.htm

The same pages say there hasn't been any incompatible changes (in fact from 9.21)

Comment 5 Teika kazura 2018-09-18 23:49:58 UTC

Created attachment 547266 [details]
patchset for 9.25

Let me submit a patchset for 9.25. Changes from ghostscript-gpl-9.21-patchset-1.tar.xz are:
* All *9.21* patches are deleted, which are already applied in the source. Namely, they are:
./patches/ghostscript-9.21-cve-2017-5951.patch
./patches/ghostscript-9.21-cve-2017-7207.patch
./patches/ghostscript-9.21-cve-2017-8291-2.patch
./patches/ghostscript-9.21-cve-2017-8291-3.patch
./patches/ghostscript-9.21-cve-2017-8291-4.patch
./patches/ghostscript-9.21-cve-2017-8291-1.patch
./patches/ghostscript-9.21-system-openjpeg.patch

* Font name patch is updated minimally. The order of some entries were changed in the source, so I followed these changes. Other changes are simply ignored. I renamed the patch filename, by changing "9.20" to "9.25"
  ghostscript-9.20-urw-fonts-naming.patch -> ghostscript-9.25-urw-fonts-naming.patch

Comment 6 Teika kazura 2018-09-18 23:57:33 UTC

Comment on attachment 547266 [details]
patchset for 9.25

9.25 already appeared in the official portage tree. Thanks Andreas K. Hüttel!

Comment 7 Andreas K. Hüttel archtester

2018-09-20 16:51:50 UTC

(In reply to Teika kazura from comment #6)
> Comment on attachment 547266 [details]
> patchset for 9.25
> 
> 9.25 already appeared in the official portage tree. Thanks Andreas K. Hüttel!

Comment 8 Teika kazura 2018-09-20 23:56:12 UTC

Now these bugs can be closed:
bug 618820
bug 626418
bug 635426
bug 655404