[kirkstone,02/13] ghostscript: ignore CVE-2024-46954

Message ID	7f1b174b8f12fcf377c45c27022bac99b6652823.1736256495.git.steve@sakoman.com
State	RFC
Delegated to:	Steve Sakoman
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.178, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 02/13] ghostscript: ignore CVE-2024-46954 Date: Tue, 7 Jan 2025 05:31:06 -0800 Message-ID: <7f1b174b8f12fcf377c45c27022bac99b6652823.1736256495.git.steve@sakoman.com> In-Reply-To: <cover.1736256495.git.steve@sakoman.com> References: <cover.1736256495.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone,01/13] libsndfile1: Backport fix for CVE-2022-33065 \| expand [kirkstone,01/13] libsndfile1: Backport fix for CVE-2022-33065 [kirkstone,02/13] ghostscript: ignore CVE-2024-46954 [kirkstone,03/13] tiff: ignore CVE-2023-2731 [kirkstone,04/13] tiff: patch CVE-2023-3164 [kirkstone,05/13] gstreame1.0: ignore CVEs from gstreamer1.0-plugins-bad [kirkstone,06/13] xwayland: patch CVE-2023-5380 CVE-2024-0229 [kirkstone,07/13] libarchive: Fix CVE-2024-20696 [kirkstone,08/13] webkitgtk: Security fix for CVE-2024-40776 and CVE-2024-40780 [kirkstone,09/13] ffmpeg: fix CVE-2024-35366 [kirkstone,10/13] ffmpeg: fix CVE-2024-35367 [kirkstone,11/13] ffmpeg: fix CVE-2024-35368 [kirkstone,12/13] python3: upgrade 3.10.15 -> 3.10.16 [kirkstone,13/13] ovmf-native: remove .pyc files from install

Message ID

7f1b174b8f12fcf377c45c27022bac99b6652823.1736256495.git.steve@sakoman.com

State

RFC

Delegated to:

Steve Sakoman

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 02/13] ghostscript: ignore CVE-2024-46954
Date: Tue,  7 Jan 2025 05:31:06 -0800
Message-ID: 
 <7f1b174b8f12fcf377c45c27022bac99b6652823.1736256495.git.steve@sakoman.com>
In-Reply-To: <cover.1736256495.git.steve@sakoman.com>
References: <cover.1736256495.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[kirkstone,01/13] libsndfile1: Backport fix for CVE-2022-33065 | expand

Commit Message

Steve Sakoman Jan. 7, 2025, 1:31 p.m. UTC

From: Peter Marko <peter.marko@siemens.com>

Issue in the GhostPCL. GhostPCL not part of this GhostScript recipe.

[1] points to [2] as patch, while file base/gp_utf8.c is not part of
ghostscript source tarball.

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-46954
[2] https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=55f587dd039282316f512e1bea64218fd991f934

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
index cd0a7de70e..6d425710b5 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb
@@ -24,7 +24,7 @@  UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar"
 CVE_CHECK_IGNORE += "CVE-2013-6629"
 
 # Issue in the GhostPCL. GhostPCL not part of this GhostScript recipe.
-CVE_CHECK_IGNORE += "CVE-2023-38560"
+CVE_CHECK_IGNORE += "CVE-2023-38560 CVE-2024-46954"
 
 def gs_verdir(v):
     return "".join(v.split("."))

[kirkstone,02/13] ghostscript: ignore CVE-2024-46954

Commit Message

Patch