From owner-svn-ports-branches@freebsd.org  Tue Sep  1 23:15:09 2015
Return-Path: <owner-svn-ports-branches@freebsd.org>
Delivered-To: svn-ports-branches@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id DC7EA9C8D1C;
 Tue,  1 Sep 2015 23:15:09 +0000 (UTC)
 (envelope-from junovitch@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id C1415E26;
 Tue,  1 Sep 2015 23:15:09 +0000 (UTC)
 (envelope-from junovitch@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.70])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id t81NF9Au061336;
 Tue, 1 Sep 2015 23:15:09 GMT (envelope-from junovitch@FreeBSD.org)
Received: (from junovitch@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id t81NF72A061328;
 Tue, 1 Sep 2015 23:15:07 GMT (envelope-from junovitch@FreeBSD.org)
Message-Id: <201509012315.t81NF72A061328@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: junovitch set sender to
 junovitch@FreeBSD.org using -f
From: Jason Unovitch <junovitch@FreeBSD.org>
Date: Tue, 1 Sep 2015 23:15:07 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-branches@freebsd.org
Subject: svn commit: r395804 - in branches/2015Q3/print: ghostscript7
 ghostscript7/files ghostscript8 ghostscript8/files ghostscript9
 ghostscript9-agpl ghostscript9-agpl/files ghostscript9/files
X-SVN-Group: ports-branches
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-branches@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for all the branches of the ports tree
 <svn-ports-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-ports-branches>, 
 <mailto:svn-ports-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-branches/>
List-Post: <mailto:svn-ports-branches@freebsd.org>
List-Help: <mailto:svn-ports-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-ports-branches>, 
 <mailto:svn-ports-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Sep 2015 23:15:10 -0000

Author: junovitch
Date: Tue Sep  1 23:15:06 2015
New Revision: 395804
URL: https://svnweb.freebsd.org/changeset/ports/395804

Log:
  MFH: r395047 (security relevant change only)
  
  - Apply fix for CVE-2015-3228, denial of service via crafted Postscript files.
  
  The security relevant change was applied manually as r395047 split the
  Ghostscript ports into separate X11-independent and -dependent parts.
  
  PR:		202781
  Security:	CVE-2015-3228
  Security:	fc1f6658-4f53-11e5-934b-002590263bf5
  Approved by:	ports-secteam (feld), feld,delphij (mentors)

Added:
  branches/2015Q3/print/ghostscript7/files/patch-src-gsmalloc.c
     - copied unchanged from r395637, head/print/ghostscript7-base/files/patch-src-gsmalloc.c
  branches/2015Q3/print/ghostscript8/files/patch-base-gsmalloc.c
     - copied unchanged from r395637, head/print/ghostscript8-base/files/patch-base-gsmalloc.c
  branches/2015Q3/print/ghostscript9-agpl/files/patch-base-gsmalloc.c
     - copied unchanged from r395637, head/print/ghostscript9-agpl-base/files/patch-base-gsmalloc.c
  branches/2015Q3/print/ghostscript9/files/patch-base-gsmalloc.c
     - copied unchanged from r395637, head/print/ghostscript9-base/files/patch-base-gsmalloc.c
Modified:
  branches/2015Q3/print/ghostscript7/Makefile
  branches/2015Q3/print/ghostscript8/Makefile
  branches/2015Q3/print/ghostscript9-agpl/Makefile
  branches/2015Q3/print/ghostscript9/Makefile

Modified: branches/2015Q3/print/ghostscript7/Makefile
==============================================================================
--- branches/2015Q3/print/ghostscript7/Makefile	Tue Sep  1 22:49:57 2015	(r395803)
+++ branches/2015Q3/print/ghostscript7/Makefile	Tue Sep  1 23:15:06 2015	(r395804)
@@ -3,7 +3,7 @@
 
 PORTNAME=	ghostscript
 PORTVERSION=	7.07
-PORTREVISION=	31
+PORTREVISION=	32
 CATEGORIES=	print
 MASTER_SITES=	SF/ghostscript/gnu-gs/${PORTVERSION}:gs_srcs \
 		ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/gnu/gs${PORTVERSION:S/.//}/:gs_srcs \

Copied: branches/2015Q3/print/ghostscript7/files/patch-src-gsmalloc.c (from r395637, head/print/ghostscript7-base/files/patch-src-gsmalloc.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2015Q3/print/ghostscript7/files/patch-src-gsmalloc.c	Tue Sep  1 23:15:06 2015	(r395804, copy of r395637, head/print/ghostscript7-base/files/patch-src-gsmalloc.c)
@@ -0,0 +1,11 @@
+--- src/gsmalloc.c.orig	2015-07-24 09:55:54.032137000 +0900
++++ src/gsmalloc.c	2015-07-24 09:57:15.070246000 +0900
+@@ -170,7 +170,7 @@
+     } else {
+ 	uint added = size + sizeof(gs_malloc_block_t);
+ 
+-	if (mmem->limit - added < mmem->used)
++	if (added <= size || mmem->limit - added < mmem->used)
+ 	    set_msg("exceeded limit");
+ 	else if ((ptr = (byte *) malloc(added)) == 0)
+ 	    set_msg("failed");

Modified: branches/2015Q3/print/ghostscript8/Makefile
==============================================================================
--- branches/2015Q3/print/ghostscript8/Makefile	Tue Sep  1 22:49:57 2015	(r395803)
+++ branches/2015Q3/print/ghostscript8/Makefile	Tue Sep  1 23:15:06 2015	(r395804)
@@ -3,7 +3,7 @@
 
 PORTNAME=	ghostscript
 PORTVERSION=	8.71
-PORTREVISION=	18
+PORTREVISION=	19
 CATEGORIES=	print
 MASTER_SITES=	http://downloads.ghostscript.com/public/:gs_srcs \
 		SF/ghostscript/GPL%20Ghostscript/${PORTVERSION}:gs_srcs \

Copied: branches/2015Q3/print/ghostscript8/files/patch-base-gsmalloc.c (from r395637, head/print/ghostscript8-base/files/patch-base-gsmalloc.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2015Q3/print/ghostscript8/files/patch-base-gsmalloc.c	Tue Sep  1 23:15:06 2015	(r395804, copy of r395637, head/print/ghostscript8-base/files/patch-base-gsmalloc.c)
@@ -0,0 +1,11 @@
+--- base/gsmalloc.c.orig	2015-07-24 09:52:39.718916000 +0900
++++ base/gsmalloc.c	2015-07-24 09:54:31.761202000 +0900
+@@ -174,7 +174,7 @@
+     } else {
+ 	uint added = size + sizeof(gs_malloc_block_t);
+ 
+-	if (mmem->limit - added < mmem->used)
++	if (added <= size || mmem->limit - added < mmem->used)
+ 	    set_msg("exceeded limit");
+ 	else if ((ptr = (byte *) malloc(added)) == 0)
+ 	    set_msg("failed");

Modified: branches/2015Q3/print/ghostscript9-agpl/Makefile
==============================================================================
--- branches/2015Q3/print/ghostscript9-agpl/Makefile	Tue Sep  1 22:49:57 2015	(r395803)
+++ branches/2015Q3/print/ghostscript9-agpl/Makefile	Tue Sep  1 23:15:06 2015	(r395804)
@@ -2,7 +2,7 @@
 
 PORTNAME=	ghostscript
 PORTVERSION=	9.15
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	print
 MASTER_SITES=	http://downloads.ghostscript.com/public/:gs_srcs \
 		SF/ghostscript/GPL%20Ghostscript/${PORTVERSION}:gs_srcs \

Copied: branches/2015Q3/print/ghostscript9-agpl/files/patch-base-gsmalloc.c (from r395637, head/print/ghostscript9-agpl-base/files/patch-base-gsmalloc.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2015Q3/print/ghostscript9-agpl/files/patch-base-gsmalloc.c	Tue Sep  1 23:15:06 2015	(r395804, copy of r395637, head/print/ghostscript9-agpl-base/files/patch-base-gsmalloc.c)
@@ -0,0 +1,11 @@
+--- base/gsmalloc.c.orig	2015-08-22 03:09:16.838614000 +0900
++++ base/gsmalloc.c	2015-08-22 03:09:34.776354000 +0900
+@@ -178,7 +178,7 @@
+     } else {
+         uint added = size + sizeof(gs_malloc_block_t);
+ 
+-        if (mmem->limit - added < mmem->used)
++        if (added <= size || mmem->limit - added < mmem->used)
+             set_msg("exceeded limit");
+         else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
+             set_msg("failed");

Modified: branches/2015Q3/print/ghostscript9/Makefile
==============================================================================
--- branches/2015Q3/print/ghostscript9/Makefile	Tue Sep  1 22:49:57 2015	(r395803)
+++ branches/2015Q3/print/ghostscript9/Makefile	Tue Sep  1 23:15:06 2015	(r395804)
@@ -2,7 +2,7 @@
 
 PORTNAME=	ghostscript
 PORTVERSION=	9.06
-PORTREVISION=	10
+PORTREVISION=	11
 CATEGORIES=	print
 MASTER_SITES=	http://downloads.ghostscript.com/public/:gs_srcs \
 		SF/ghostscript/GPL%20Ghostscript/${PORTVERSION}:gs_srcs \

Copied: branches/2015Q3/print/ghostscript9/files/patch-base-gsmalloc.c (from r395637, head/print/ghostscript9-base/files/patch-base-gsmalloc.c)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2015Q3/print/ghostscript9/files/patch-base-gsmalloc.c	Tue Sep  1 23:15:06 2015	(r395804, copy of r395637, head/print/ghostscript9-base/files/patch-base-gsmalloc.c)
@@ -0,0 +1,11 @@
+--- base/gsmalloc.c.orig	2015-07-24 09:41:05.295969000 +0900
++++ base/gsmalloc.c	2015-07-24 09:41:15.146305000 +0900
+@@ -178,7 +178,7 @@
+     } else {
+         uint added = size + sizeof(gs_malloc_block_t);
+ 
+-        if (mmem->limit - added < mmem->used)
++        if (added <= size || mmem->limit - added < mmem->used)
+             set_msg("exceeded limit");
+         else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0)
+             set_msg("failed");