mupdf: import upstream patches for CVEs: 2017-17858, 2018-1000051, 2018-6187, 2018-6192

This commit is contained in:
Michael Raskin 2018-03-10 12:56:27 +01:00
parent 679580be35
commit f2f7b0579b

View File

@ -39,6 +39,48 @@ in stdenv.mkDerivation rec {
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=26527eef77b3e51c2258c8e40845bfbc015e405d;hp=ab98356f959c7a6e94b1ec10f78dd2c33ed3f3e7";
sha256 = "1brcc029s5zmd6ya0d9qk3mh9qwx5g6vhsf1j8h879092sya5627";
})
(fetchpatch {
# Bugs 698804/698810/698811, 698819: Keep PDF object numbers below limit.
name = "CVE-2017-17858.patch";
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=55c3f68d638ac1263a386e0aaa004bb6e8bde731";
sha256 = "1bf683d59i5009cv1hhmwmrp2rsb75cbf98qd44dk39cpvq8ydwv";
})
(fetchpatch {
# Bug 698825: Do not drop borrowed colorspaces.
name = "CVE-2018-1000051.patch";
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=321ba1de287016b0036bf4a56ce774ad11763384";
sha256 = "0jbcc9j565q5y305pi888qzlp83zww6nhkqbsmkk91gim958zikm";
})
(fetchpatch {
# Bug 698908 preprecondition: Add portable pseudo-random number generator based on the lrand48 family.
name = "CVE-2018-6187.0.1.patch";
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=2d5b4683e912d6e6e1f1e2ca5aa0297beb3e6807";
sha256 = "028bxinbjs5gg9myjr3vs366qxg9l2iyba2j3pxkxsh1851hj728";
})
(fetchpatch {
# Bug 698908 precondition: Fix "being able to search for redacted text" bug.
name = "CVE-2018-6187.0.2.patch";
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=25593f4f9df0c4a9b9adaa84aaa33fe2a89087f6";
sha256 = "195y69c3f8yqxcsa0bxrmxbdc3fx1dzvz8v66i56064mjj0mx04s";
})
(fetchpatch {
# Bug 698908: Resize object use and renumbering lists after repair.
name = "CVE-2018-6187.1.patch";
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=3e30fbb7bf5efd88df431e366492356e7eb969ec";
sha256 = "0wzbqj750h06q1wa6vxbpv5a5q9pfg0cxjdv88yggkrjb3vrkd9j";
})
(fetchpatch {
# Bug 698908: Plug PDF object leaks when decimating pages in pdfposter.
name = "CVE-2018-6187.2.patch";
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=a71e7c85a9f2313cde20d4479cd727a5f5518ed2";
sha256 = "1pcjkq8lg6l2m0186rl79lilg79crgdvz9hrmm3w60gy2gxkgksc";
})
(fetchpatch {
# Bug 698916: Indirect object numbers must be in range.
name = "CVE-2018-6192.patch";
url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=5e411a99604ff6be5db9e273ee84737204113299";
sha256 = "134zc07fp0p1mwqa8xrkq3drg4crajzf1hjf4mdwmcy1jfj2pfhj";
})
]
# Use shared libraries to decrease size