Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch')
-rw-r--r--media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch101
1 files changed, 0 insertions, 101 deletions
diff --git a/media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch b/media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch
deleted file mode 100644
index e91947eae056..000000000000
--- a/media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From b84ea4740f3279516905c5db05f4074e777c16ff Mon Sep 17 00:00:00 2001
-From: Han-Wen Nienhuys <hanwenn@gmail.com>
-Date: Tue, 21 Jul 2020 14:45:08 +0200
-Subject: [PATCH] scm: disable embedded-ps and embedded-svg in -dsafe mode
-
-This prevents executing privileged PostScript and exploiting
-Ghostscript vulnerablilities
-
-Tested:
- $ lilypond -dsafe input/regression/les-nereides.ly
- (works, kinda)
-
- $ cat f.ly
- { c4_ \markup \postscript #" (x) show " }
-
- $ lilypond -dsafe f
- Preprocessing graphical objects.../home/hanwen/vc/lilypond/out/share/lilypond/current/scm/define-markup-commands.scm:1145:3: In procedure ly_make_stencil in expression (ly:make-stencil (list # #) (quote #) ...):
- /home/hanwen/vc/lilypond/out/share/lilypond/current/scm/define-markup-commands.scm:1145:3: Wrong type argument in position 1 (expecting registered stencil expression): (embedded-ps "
----
- scm/define-stencil-commands.scm | 65 ++++++++++++++++++++++-------------------
- 1 file changed, 35 insertions(+), 30 deletions(-)
-
-diff --git a/scm/define-stencil-commands.scm b/scm/define-stencil-commands.scm
-index 09a2299..e388788 100644
---- a/scm/define-stencil-commands.scm
-+++ b/scm/define-stencil-commands.scm
-@@ -21,36 +21,41 @@
- (define-public (ly:all-stencil-commands)
- "Return the list of stencil commands that can be
- defined in the output modules (@file{output-*.scm})."
-- '(blank
-- char
-- circle
-- dashed-line
-- draw-line
-- ellipse
-- embedded-ps
-- embedded-svg
-- end-group-node
-- glyph-string
-- grob-cause
-- named-glyph
-- no-origin
-- page-link
-- path
-- partial-ellipse
-- placebox
-- polygon
-- resetcolor
-- resetrotation
-- resetscale
-- round-filled-box
-- setcolor
-- setrotation
-- setscale
-- start-group-node
-- text
-- unknown
-- url-link
-- utf-8-string
-+ (let*
-+ ((commands '(blank
-+ char
-+ circle
-+ dashed-line
-+ draw-line
-+ ellipse
-+ end-group-node
-+ glyph-string
-+ grob-cause
-+ named-glyph
-+ no-origin
-+ page-link
-+ path
-+ partial-ellipse
-+ placebox
-+ polygon
-+ resetcolor
-+ resetrotation
-+ resetscale
-+ round-filled-box
-+ setcolor
-+ setrotation
-+ setscale
-+ start-group-node
-+ text
-+ unknown
-+ url-link
-+ utf-8-string
-+ )))
-+
-+ (if (ly:get-option 'safe)
-+ commands
-+ (append '(embedded-ps embedded-svg)
-+ commands))
- ))
-
- ;; TODO:
---
-1.9.1
-