ghostscript-mini-devel-9.27-lp151.3.9.1 4>$  Ap]Έ/=„*tܜ~ߥ2L!eyҐQ 0r4_jTZR噡~ f,-T;6j@Ȫ-CuL |T\*~ 'tɒAÃC -{:@VqV.Um( "2FvC*@3^0CSQ(_SS4LiO}%[P`:y9`Þs6OC 2c0823e212013b8647d515c3d72dac84fd42a3ecb9ad1f32286416b9ff05f92aff663ae3fa4f633be03b2e06ebecbc7f0863b86e]Έ/=„ѫeI*|.R/ѕAhώL l)RHtjITWf,; =W3!)Oc:)D\t^ʆ+,Pm@ 4+m{򹮬-"[J^FGvNSx{_نbb"O{}|8 }-oyz\q6e2TesM>ϔlfXAK%!>6tikw3O!܃0ʝ>pA?|d * T ,28 h           , h  H` ^(b8l+9+: +F2GH Hx I XY\ ] ^bcd8e=f@lBuT vw x yz,06xCghostscript-mini-devel9.27lp151.3.9.1Development files for Minimal GhostscriptThis package contains the development files for Minimal Ghostscript.]Έbuild78openSUSE Leap 15.1openSUSEAGPL-3.0-onlyhttp://bugs.opensuse.orgDevelopment/Libraries/C and C++https://www.ghostscript.com/linuxi586' 72 ~  A큤A큤]Έu]Έu]Έu]Έu]Έu]Έy]Έy]Έy]Έy]Έu]Έy]Έyc3cfcde92fd85c9e5649c3c023989483c67a6a79e2aaee9df9ec80d4d366c3b3192d6abf44fe02a9386a383a3660c326a87153f880bfd9f4578fe690cb5a5d35a0f7f747df2b6b4e53d4d0067c987537081614d13bee7ca607091fa4f6b9abc721188bc5fc644f18f5014ef38e25838a39dfcded2384d5962d5f62179e1630a14fa1ad778339b1fb533d7b8e4ee76daf535faf7c9e861e296b5ad81bfa0c20fd0eb16b3a202b1204246e2fd1707e3a59950bcf8c3102ed8b350e6d17118fa385a1be4e364d552cd1c67343bf29e80599712ea25817e36104ca8e397189fd47ea029696281ad934bc3f7571d40f82922650573520300862a0000f9c4df867954dlibgs.so.9.27libijs-0.35.sorootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootghostscript-mini-9.27-lp151.3.9.1.src.rpmghostscript-mini-develghostscript-mini-devel(x86-32)pkgconfig(ijs)@    /usr/bin/pkg-configghostscript-minirpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)9.273.0.4-14.6.0-14.0-15.2-1ghostscriptghostscript-develghostscript-libraryghostscript-x114.14.1]M@]y@]y@]{]QT\\\@n@\&@[v[[Q@[Q@[{@ZZZ`@ZZH@Z@Y5Yo@Y1S@YtXXsXwoX@W@Wڍ@V@VVLh@V;DV3[VVV }@VU@U@U@U jsmeix@suse.deDr. Werner Fink Dr. Werner Fink Dr. Werner Fink Dr. Werner Fink jsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.destefan.bruens@rwth-aachen.denovell@mirell.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dedaniel.molkentin@suse.comjsmeix@suse.dejsmeix@suse.dejsmeix@suse.destefan.bruens@rwth-aachen.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.deschwab@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.dejsmeix@suse.de- CVE-2019-14869.patch contains commit from Ghostscript upstream https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=485904772c5f to fix CVE-2019-14869 "-dSAFER escape in .charkeys" (bsc#1156275)- Port latest ghostscript 9.27 from factory including latest security patches to SLES15/SLES12 * Port patch CVE-2019-10216.patch to 9.27 which is the orignal upstream commit now * Drop patch CVE-2019-3838.patch as now part of 9.27- Add patch gs-CVE-2019-14811-885444fc.patch to fix bsc#1146882 for CVE-2019-14811,CVE-2019-14812,CVE-2019-14813 - Add patch gs-CVE-2019-14817-cd1b1cac.patch to fix bsc#1146884 for CVE-2019-14817- Add patch openjpeg4gs-CVE-2018-6616-8ee33522.patch to fix bsc#1140359 for CVE-2019-12973- CVE-2019-10216.patch fixes CVE-2019-10216 forceput/superexec in .buildfont1 is still accessible https://bugzilla.suse.com/show_bug.cgi?id=1144621 bsc#1144621 https://bugs.ghostscript.com/show_bug.cgi?id=701394- Version upgrade to 9.27 Highlights in this release include: * We (i.e. Ghostscript upstream) have extensively cleaned up the Postscript name space: removing access to internal and/or undocumented Postscript operators, procedures and data. This has benefits for security and maintainability. Incompatible changes: The process of "tidying" the Postscript name space should have removed only non-standard and undocumented operators. Nevertheless, it is possible that any integrations or utilities that rely on those non-standard and undocumented operators may stop working, or may change behaviour. If you encounter such a case, please contact us (i.e. Ghostscript upstream) - (either the #ghostscript IRC channel, or the gs-devel mailing list would be best), and we'll work with you to either find an alternative solution. * Fontmap can now reference invidual fonts in a TrueType Collection for font subsitution. Previously, a Fontmap entry could only reference a TrueType collection and use the default (first) font. Now, the Fontmap syntax allows for specifying a specific index in a TTC. See the comments at the top of (the default) Fontmap.GS for details. * The usual round of bug fixes, compatibility changes, and incremental improvements. IMPORTANT: It is our intention, within the next 12 months (ideally sooner, in time for the next release) to make SAFER the default mode of operation. For many users this will have no effect, since they use SAFER explicitly, but some niche uses which rely on SAFER being disabled may need to start explicitly adding the "-dNOSAFER" option. IMPORTANT: We (i.e. Ghostscript upstream) are in the process of forking LittleCMS. LCMS2 is not thread safe, and cannot be made thread safe without breaking the ABI. Our fork will be thread safe, and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. Our fork will be available as its own package separately from Ghostscript (and MuPDF). For a release summary see: http://www.ghostscript.com/doc/9.27/News.htm For details see the News.htm and History9.htm files. The Ghostscript 9.27 release should fix (cf. the entry below dated 'Fri Sep 14 10:47:33 CEST 2018' what "should fix" means) in particular those security issues: * CVE-2019-3838 forceput in DefineResource is still accessible https://bugzilla.suse.com/show_bug.cgi?id=1129186 bsc#1129186 https://bugs.ghostscript.com/show_bug.cgi?id=700576 * CVE-2019-3835: superexec operator is available https://bugzilla.suse.com/show_bug.cgi?id=1129180 bsc#1129180 https://bugs.ghostscript.com/show_bug.cgi?id=700585- CVE-2019-3838.patch fixes CVE-2019-3838 forceput in DefineResource is still accessible https://bugzilla.suse.com/show_bug.cgi?id=1129186 bsc#1129186 https://bugs.ghostscript.com/show_bug.cgi?id=700576- Version upgrade to 9.26a The version 9.26a is a special security bugfix version to fix * CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators https://bugs.ghostscript.com/show_bug.cgi?id=700317 https://bugzilla.suse.com/show_bug.cgi?id=1122319 bsc#1122319- Version upgrade to 9.26 Highlights in this release include: * Security issues have been the primary focus of this release, including solving several (well publicised) real and potential exploits. Thanks to Man Yue Mo of Semmle Security Research Team, Jens Mueller of Ruhr-Universitaet Bochum and Tavis Ormandy of Google's Project Zero for their help to identify specific security issues. PLEASE NOTE: We (i.e. Ghostscript upstream) strongly urge users to upgrade to this latest release to avoid these issues. * The usual round of bug fixes, compatibility changes, and incremental improvements. For a release summary see: http://www.ghostscript.com/doc/9.26/News.htm For details see the News.htm and History9.htm files. The Ghostscript 9.26 release should fix (cf. the entry below dated 'Fri Sep 14 10:47:33 CEST 2018' what "should fix" means) in particular those security issues (bsc#1117331) * CVE-2018-19475: psi/zdevice2.c allows attackers to bypass intended access restrictions https://bugs.ghostscript.com/show_bug.cgi?id=700153 https://bugzilla.suse.com/show_bug.cgi?id=1117327 bsc#1117327 * CVE-2018-19476: psi/zicc.c allows attackers to bypass intended access restrictions because of a setcolorspace type confusion https://bugs.ghostscript.com/show_bug.cgi?id=700169 https://bugzilla.suse.com/show_bug.cgi?id=1117313 bsc#1117313 * CVE-2018-19477: psi/zfjbig2.c allows attackers to bypass intended access restrictions because of a JBIG2Decode type confusion https://bugs.ghostscript.com/show_bug.cgi?id=700168 https://bugzilla.suse.com/show_bug.cgi?id=1117274 bsc#1117274 * CVE-2018-19409: LockSafetyParams is not checked correctly if another device is used https://bugs.ghostscript.com/show_bug.cgi?id=700176 https://bugzilla.suse.com/show_bug.cgi?id=1117022 bsc#1117022 and those security issues * CVE-2018-18284: 1Policy operator gives access to .forceput https://bugs.ghostscript.com/show_bug.cgi?id=69963 https://bugzilla.suse.com/show_bug.cgi?id=1112229 bsc#1112229 * CVE-2018-18073: saved execution stacks can leak operator arrays https://bugs.ghostscript.com/show_bug.cgi?id=699927 https://bugzilla.suse.com/show_bug.cgi?id=1111480 bsc#1111480 * CVE-2018-17961: bypassing executeonly to escape -dSAFER sandbox https://bugs.ghostscript.com/show_bug.cgi?id=699816 https://bugzilla.suse.com/show_bug.cgi?id=1111479 bsc#1111479 * CVE-2018-17183: remote attackers could be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code https://bugs.ghostscript.com/show_bug.cgi?id=699708 https://bugzilla.suse.com/show_bug.cgi?id=1109105 bsc#1109105- Version upgrade to 9.26rc1 (first release candidate for 9.26). Highlights in this release include: * Purely security and a few bug fixes, there are no new features, and no API changes to report.- Version upgrade to 9.25 For the highlights in this release see the highlights in the 9.25rc1 first release candidate for 9.25 entry below. PLEASE NOTE: We (i.e. Ghostscript upstream) strongly urge users to upgrade to this latest release to avoid these issues. For a release summary see: http://www.ghostscript.com/doc/9.25/News.htm For details see the News.htm and History9.htm files. The Ghostscript 9.25 release should fix (see below) in particular those security issues: * CVE-2018-15909: shading_param incomplete type checking https://bugs.ghostscript.com/show_bug.cgi?id=699660 https://bugzilla.suse.com/show_bug.cgi?id=1106172 bsc#1106172 * CVE-2018-15908: .tempfile file permission issues https://bugs.ghostscript.com/show_bug.cgi?id=699657 https://bugzilla.suse.com/show_bug.cgi?id=1106171 bsc#1106171 * CVE-2018-15910: LockDistillerParams type confusion https://bugs.ghostscript.com/show_bug.cgi?id=699656 https://bugzilla.suse.com/show_bug.cgi?id=1106173 bsc#1106173 * CVE-2018-15911: uninitialized memory access in the aesdecode https://bugs.ghostscript.com/show_bug.cgi?id=699665 https://bugzilla.suse.com/show_bug.cgi?id=1106195 bsc#1106195 * CVE-2018-16513: setcolor missing type check https://bugs.ghostscript.com/show_bug.cgi?id=699655 https://bugzilla.suse.com/show_bug.cgi?id=1107412 bsc#1107412 * CVE-2018-16509: /invalidaccess bypass after failed restore https://bugs.ghostscript.com/show_bug.cgi?id=699654 https://bugzilla.suse.com/show_bug.cgi?id=1107410 bsc#1107410 * CVE-2018-16510: Incorrect exec stack handling in the "CS" and "SC" PDF primitives https://bugs.ghostscript.com/show_bug.cgi?id=699671 https://bugzilla.suse.com/show_bug.cgi?id=1107411 bsc#1107411 * CVE-2018-16542: .definemodifiedfont memory corruption if /typecheck is handled https://bugs.ghostscript.com/show_bug.cgi?id=699668 https://bugzilla.suse.com/show_bug.cgi?id=1107413 bsc#1107413 * CVE-2018-16541 incorrect free logic in pagedevice replacement https://bugs.ghostscript.com/show_bug.cgi?id=699664 https://bugzilla.suse.com/show_bug.cgi?id=1107421 bsc#1107421 * CVE-2018-16540 use-after-free in copydevice handling https://bugs.ghostscript.com/show_bug.cgi?id=699661 https://bugzilla.suse.com/show_bug.cgi?id=1107420 bsc#1107420 * CVE-2018-16539: incorrect access checking in temp file handling to disclose contents of files https://bugs.ghostscript.com/show_bug.cgi?id=699658 https://bugzilla.suse.com/show_bug.cgi?id=1107422 bsc#1107422 * CVE-2018-16543: gssetresolution and gsgetresolution allow for unspecified impact https://bugs.ghostscript.com/show_bug.cgi?id=699670 https://bugzilla.suse.com/show_bug.cgi?id=1107423 bsc#1107423 * CVE-2018-16511: type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact https://bugs.ghostscript.com/show_bug.cgi?id=699659 https://bugzilla.suse.com/show_bug.cgi?id=1107426 bsc#1107426 * CVE-2018-16585 .setdistillerkeys PostScript command is accepted even though it is not intended for use https://bugzilla.suse.com/show_bug.cgi?id=1107581 bsc#1107581 * CVE-2018-16802: Incorrect"restoration of privilege" checking when running out of stack during exceptionhandling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509 https://bugs.ghostscript.com/show_bug.cgi?id=699714 https://bugs.ghostscript.com/show_bug.cgi?id=699718 https://bugzilla.suse.com/show_bug.cgi?id=1108027 bnc#1108027 Regarding what the above "should fix" means: PostScript is a general purpose Turing-complete programming language (cf. https://en.wikipedia.org/wiki/PostScript) that supports in particular file access on the system disk. When Ghostscript processes PostScript it runs a PostScript program as the user who runs Ghostscript. When Ghostscript processes an arbitrary PostScript file, the user who runs Ghostscript runs an arbitrary program which can do anything on the system where Ghostscript runs that this user is allowed to do on that system. To make it safer when Ghostscript runs a PostScript program the Ghostscript command line option '-dSAFER' disables certain file access functionality, for details see /usr/share/doc/ghostscript/9.25/Use.htm Its name 'SAFER' says everything: It makes it 'safer' to let Ghostscript run a PostScript program, but it does not make it completely safe. In theory software is safe against misuse (i.e. has no bugs). In practice there is an endless sequence of various kind of security issues (i.e. software can be misused to do more than what is intended) that get fixed issue by issue ad infinitum. In the end all that means: In practice the user who runs Ghostscript must not let it process arbitrary PostScript files from untrusted origin. In particular Ghostscript is usually run when printing documents (with the '-dSAFER' option set), see the part about "It is crucial to limit access to CUPS to trusted users" in https://en.opensuse.org/SDB:CUPS_and_SANE_Firewall_settings- Version upgrade to 9.25rc1 (first release candidate for 9.25). Highlights in this release include: * This release fixes problems with argument handling, some unintended results of the security fixes to the SAFER file access restrictions (specifically accessing ICC profile files), and some additional security issues over the 9.24 release. * Security issues have been the primary focus of this release, including solving several (well publicised) real and potential exploits. PLEASE NOTE: We (i.e. Ghostscript upstream) strongly urge users to upgrade to this latest release to avoid these issues. * Avoid that ps2epsi fails with 'Error: /undefined in --setpagedevice--' Recent changes required to harden SAFER mode mean that it is no longer possible to run ps2epsi in SAFER mode, because it relies upon unsafe Ghostscript non-standard extension operators. Removing SAFER and DELAYSAFER, and the code to reset SAFER, allow ps2epsi to run as well as it ever did (ie badly). This program (i.e. ps2epsi) should now be considered unsafe, you should not use it on untrusted PostScript programs. Likely we (i.e. Ghostscript upstream) will deprecate and remove this program in future. For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printing- Version upgrade to 9.24 Highlights in this release include: * Security issues have been the primary focus of this release, including solving several (well publicised) real and potential exploits. PLEASE NOTE: We (i.e. Ghostscript upstream) strongly urge users to upgrade to this latest release to avoid these issues. * As well as Ghostscript itself, jbig2dec has had a significant amount of work improving its robustness in the face of out specification files. * IMPORTANT: We (i.e. Ghostscript upstream) are in the process of forking LittleCMS. LCMS2 is not thread safe, and cannot be made thread safe without breaking the ABI. Our fork will be thread safe, and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. Our fork will be available as its own package separately from Ghostscript (and MuPDF). * The usual round of bug fixes, compatibility changes, and incremental improvements. For a release summary see: http://www.ghostscript.com/doc/9.24/News.htm For details see the News.htm and History9.htm files. - fix_ln_docdir_gsdatadir.patch is no longer needed because the issue is fixed in the upstream sources. - CVE-2018-10194.patch is no longer needed because the issue is fixed in the upstream sources.- CVE-2018-10194.patch fixes stack-based buffer overflow in gdevpdts.c (bsc#1090099), see https://bugs.ghostscript.com/show_bug.cgi?id=699255 and http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879- Version upgrade to 9.23 Highlights in this release include: * Ghostscript now has a family of 'pdfimage' devices (pdfimage8, pdfimage24 and pdfimage32) which produce rendered output wrapped up as an image in a PDF. Additionally, there is a 'pclm' device which produces PCLm format output. * There is now a ColorAccuracy parameter allowing the user to decide between speed or accuracy in ICC color transforms. * JPEG Passthrough: devices which support it can now receive the 'raw' JPEG stream from the interpreter. The main use of this is the pdfwrite/ps2write family of devices that can now take JPEG streams from the input file(s) and write them unchanged to the output (thus avoiding additional quantization effects). * PDF transparency performance improvements * IMPORTANT: We (i.e. Ghostscript upstream) are in the process of forking LittleCMS. LCMS2 is not thread safe, and cannot be made thread safe without breaking the ABI. Our fork will be thread safe, and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. Our fork will be available as its own package separately from Ghostscript (and MuPDF). * We have continued the focus on code hygiene in this release cleaning up security issues, ignored return values, and compiler warnings. * The usual round of bug fixes, compatibility changes, and incremental improvements. Incompatible changes * The planned device API tidy has, unfortunately, been indefinitely postponed, until appropriate resources are available. For a release summary see: http://www.ghostscript.com/doc/9.23/News.htm For details see the News.htm and History9.htm files. See also the entries below since "Version upgrade to 9.22" (boo#1082896 and boo#1074266).- For now use lcms2 from SUSE because that is what currently Ghostscript upstream recommends according to https://ghostscript.com/pipermail/gs-devel/2018-March/010061.html because since Ghostscript 9.23rc1 there is no longer lcms2 in Ghostscript but now it is lcms2art which is the beginning of a lcms2 fork, see News.htm that reads in particular "LCMS2 is not thread safe ... Our fork will be thread safe ... We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity", see also https://bugzilla.opensuse.org/show_bug.cgi?id=1082896#c14 - On SLE11 and on SLE12-SP1 there is liblcms2-2-2.5 which is too old so that configure fails there with configure: error: lcms2 not found, or too old but there is no configure option to build it without lcms2 so that for SLE11 and SLE12-SP1 it is built with the lcms2art in Ghostscript. - ppc64le-support.patch is no longer needed because it only contained a fix for lcms2art/include/lcms2art.h in Ghostscript but currently lcms2 from SUSE is used instead (see above). - Do no longer require any fonts packages in particular neither require ghostscript-fonts-std because the PostScript Base35 fonts are provided by Ghostscript (in 'Resource') nor require ghostscript-fonts-other (provides Bitream Charter, Adobe Utopia, URW Antiqua, URW Grotesq and Hershey fonts where all but the last are also provided by texlive--fonts) and those fonts are not required for PostScript compliance, see https://bugzilla.opensuse.org/show_bug.cgi?id=1082896#c13- Version upgrade to 9.23rc1 (first release candidate for 9.23). For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printing - Adapted ppc64le-support.patch: In Ghostscript 9.23 there is now lcms2art/include/lcms2art.h (instead of lcms2/include/lcms2.h). - ghostscript-fix-debug-use.patch is no longer needed because the issue is fixed in the upstream sources. - fix_ln_docdir_gsdatadir.patch avoids "base/unixinst.mak:162: recipe for target 'install-doc' failed" - Adapted spec file to the new Ghostscript upstream documentation directory /usr/share/doc/ghostscript/9.23/- Use -p /sbin/ldconfig instead of shell post(un) scriptlet, drop explicit Prereq for ldconfig - Use shared libgs library for gs binary instead of static linked version - Use --disable-compile-inits, to allow unbundling of Resource files - Remove --disable-omni switch, has been removed in GS 9.20 - Keep patch ordering in full/mini consistent - Remove patch backup files to avoid packaging- Add ghostscript-fix-debug-use.patch from upstream to fix broken printing with some drivers (especially Dell Printers) from https://bugs.ghostscript.com/show_bug.cgi?id=698837 - Fix build for SLE targets- Version upgrade to 9.22. For details see the News.htm and History9.htm files. Highlights in this release include: * Ghostscript can now consume and produce (via the pdfwrite device) PDF 2.0 compliant files. * The main focus of this release has been security and code cleanliness. Hence many AddressSanitizer, Valgrind and Coverity issues have been addressed. * The usual round of bug fixes, compatibility changes, and incremental improvements. Incompatible changes * The planned device API tidy (still!) did not happen for this release, due to time pressures, but we still intend to undertake the following: We plan to somewhat tidy up the device API. We intend to remove deprecated device procs (methods/function pointers) and change the device API so every device proc takes a graphics state parameter (rather than the current scheme where only a very few procs take an imager state parameter). This should serve as notice to anyone maintaining a Ghostscript device outside the canonical source tree that you may (probably will) need to update your device(s) when these changes happen. Devices using only the non-deprecated procs should be trivial to update. - Up to 9.22rc1 it "just built" for all openSUSE versions but since 9.22rc2 the libijs part does no longer buid for any released openSUSE version where if fails with messages like libtool: Version mismatch error. This is libtool 2.4.6 Debian-2.4.6-2, but the definition of this LT_INIT comes from libtool 2.4.2. You should recreate aclocal.m4 with macros from libtool 2.4.6 Debian-2.4.6-2 and run autoconf again. Makefile: recipe for target 'ijs.lo' failed so that currently it only builds for Tumbleweed/Factory. Presumably it is not too complicated to make it build again also for released openSUSE versions but currently I have less than zero energy to fix such "latest breaking changes" so that for now Ghostscript 9.22 is only provided for openSUSE Tumbleweed/Factory and the upcoming SLE15/Leap15.- Version upgrade to 9.22rc2 (second release candidate for 9.22). For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printing- Version upgrade to 9.22rc1 (first release candidate for 9.22). For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printing - Since Ghostscript 9.22rc1 font2c and wftopfa are removed. - CVE-2017-5951.patch CVE-2017-7207.patch CVE-2017-8291.patch and CVE-2017-9216.patch are fixed in the version 9.22rc1 upstream sources.- CVE-2017-7207.patch fixes a NULL pointer dereference in mem_get_bits_rectangle see https://bugs.ghostscript.com/show_bug.cgi?id=697676 (bsc#1030263) - CVE-2017-9216.patch fixes a NULL pointer dereference in jbig2_huffman_get see https://bugs.ghostscript.com/show_bug.cgi?id=697934 (bsc#1040643)- CVE-2017-8291.patch fixes a type confusion in .rsdparams and .eqproc see https://bugs.ghostscript.com/show_bug.cgi?id=697808 and https://bugs.ghostscript.com/show_bug.cgi?id=697799 (bsc#1036453).- CVE-2016-10317 (bsc#1032230) heap buffer overflow in fill_threshhold_buffer() is not yet fixed because there is no fix available at https://bugs.ghostscript.com/show_bug.cgi?id=697459 - CVE-2016-10219 (bsc#1032138) divide by zero in intersect() https://bugs.ghostscript.com/show_bug.cgi?id=697453 is fixed in the version 9.21 upstream sources - CVE-2016-10218 (bsc#1032135) null pointer dereference in pdf14_pop_transparency_group() https://bugs.ghostscript.com/show_bug.cgi?id=697444 is fixed in the version 9.21 upstream sources. - CVE-2016-10217 (bsc#1032130) use-after-free in pdf14_cleanup_parent_color_profiles() that is related to pdf14_open() in base/gdevp14.c https://bugs.ghostscript.com/show_bug.cgi?id=697456 is fixed in the version 9.21 upstream sources. - CVE-2016-10220 (bsc#1032120) null pointer dereference in gx_device_finalize() that is related to gs_makewordimagedevice() in base/gsdevmem.c https://bugs.ghostscript.com/show_bug.cgi?id=697450 is fixed in the version 9.21 upstream sources. - CVE-2017-5951.patch fixes null pointer dereference in ref_stack_index() that is related to mem_get_bits_rectangle() in base/gdevmem.c https://bugs.ghostscript.com/show_bug.cgi?id=697548 (bsc#1032114)- Version upgrade to 9.21. For details see the News.htm and History9.htm files. Highlights in this release include: * pdfwrite now preserves annotations from input PDFs (where possible). * The GhostXPS interpreter now provides the pdfwrite device with the data it requires to emit a ToUnicode CMap: thus allowing fully searchable PDFs to be created from XPS input (in the vast majority of cases). * Ghostscript now allows the default color space for PDF transparency blends. * The Ghostscript/GhostPDL configure script now has much better/fuller support for cross compiling. * The tiffscaled and tiffscaled4 devices can now use ETS (Even Tone Screening) * The toolbin/pdf_info.ps utility can now emit the PDF XML metadata. * Ghostscript has a new scan converter available (currently optional, but will become the default in a near future release). It can be enabled by using the command line option: '-dSCANCONVERTERTYPE=2'. This new implementation provides vastly improved performance with large and complex paths. * The usual round of bug fixes, compatibility changes, and incremental improvements. Incompatible changes: * The planned device API tidy (still!) did not happen for this release, due to time pressures, but we still intend to undertake the following: We plan to somewhat tidy up the device API. We intend to remove deprecated device procs (methods/function pointers) and change the device API so every device proc takes a graphics state parameter (rather than the current scheme where only a very few procs take an imager state parameter). This should serve as notice to anyone maintaining a Ghostscript device outside the canonical source tree that you may (probably will) need to update your device(s) when these changes happen. Devices using only the non-deprecated procs should be trivial to update. - CVE-2016-7976.patch and CVE-2016-7977.patch and CVE-2016-7978.patch and CVE-2016-7979.patch and CVE-2016-8602.patch are no longer needed because those issues are fixed in the upstream sources. - 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch and 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch are no longer needed because both are included in the upstream sources, see the upstream issue https://bugs.ghostscript.com/show_bug.cgi?id=697484 - Again use the zlib sources from Ghostscript upstream and disable remove-zlib-h-dependency.patch because Ghostscript 9.21 does no longer build this way, cf. the entry below dated "Wed Nov 18 11:46:58 UTC 2015"- Set SOURCE_DATE_EPOCH based on changelog head - Add 0001-mkromfs-make-build-reproducible-use-buildtime-from-S.patch * Use SOURCE_DATE_EPOCH for mkromfs output for reproducible build - Add 0002-mkromfs-sort-gp_enumerate_files-output-for-determini.patch * Sort ROM contents for deterministic output- CVE-2013-5653 (getenv and filenameforall ignore -dSAFER) is fixed in the Ghostscript 9.20 upstream sources see http://bugs.ghostscript.com/show_bug.cgi?id=694724 (bsc#1001951). - CVE-2016-7976.patch fixes that various userparams allow %pipe% in paths, allowing remote shell command execution see http://bugs.ghostscript.com/show_bug.cgi?id=697178 (bsc#1001951). - CVE-2016-7977.patch fixes that .libfile doesn't check PermitFileReading array, allowing remote file disclosure see http://bugs.ghostscript.com/show_bug.cgi?id=697169 (bsc#1001951). - CVE-2016-7978.patch fixes that reference leak in .setdevice allows use-after-free and remote code execution see http://bugs.ghostscript.com/show_bug.cgi?id=697179 (bsc#1001951). - CVE-2016-7979.patch fixes that type confusion in .initialize_dsc_parser allows remote code execution see http://bugs.ghostscript.com/show_bug.cgi?id=697190 (bsc#1001951). - CVE-2016-8602.patch fixes a NULL dereference in .sethalftone5 see http://bugs.ghostscript.com/show_bug.cgi?id=697203 (bsc#1004237).- Version upgrade to 9.20. Purely a maintenance release. For details see the News.htm and History9.htm files. Highlights in this release include: * The usual round of bug fixes, compatibility changes, and incremental improvements. Incompatible changes: * The planned device API tidy did not happen for this release, due to time pressures, but we still intend to undertake the following: We plan to somewhat tidy up the device API. We intend to remove deprecated device procs (methods/function pointers) and change the device API so every device proc takes a graphics state parameter (rather than the current scheme where only a very few procs take an imager state parameter). This should serve as notice to anyone maintaining a Ghostscript device outside the canonical source tree that you may (probably will) need to update your device(s) when these changes happen. Devices using only the non-deprecated procs should be trivial to update.- Version upgrade to 9.20rc1 (first release candidate for 9.20). For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printing- Version upgrade to 9.19. Mainly a maintenance release. For details see the News.htm and History9.htm files. Highlights in this release include: * Metadata pdfmark is now implemented. This allows the user to specify an XMP stream which will be written to the Catalog of the PDF file. A new pdfmark 'Ext_Metadata' has been defined. This takes a string parameter which contains XML to be add to the XMP normally created by pdfwrite. See "pdfwrite pdfmark extensions" for more information. * An experimental, rudimentary raster trapping implementation has been added to the Ghostscript graphics library. See "Trapping" for details. Incompatible changes: * (Minor) API change: copy_alpha now supports 8 bit depth (as well as the previous 2 and 4). * The gs man pages are woefully out of date and basically unmaintained. With the release following 9.19, we intend to replace their contents with a very limited summary of (unlikely to ever change aspects of) calling Ghostscript, and a pointer to the (maintained) HTML documentation. That is, unless a volunteer is willing to update, and commit to maintaining the man pages. * ijs-config is no longer provided Planned incompatible changes: * We plan (ideally for the release following 9.19) to somewhat tidy up the device API. We plan to remove deprecated device procs (methods/function pointers). We also intend to merge the imager state and graphics state (thus eliminating the imager state), and change the device API so every device proc takes a graphics state parameter (rather than the current scheme where only a very few procs take an imager state parameter). This should serve as notice to anyone maintaining a Ghostscript device outside the canonical source tree that you may (probably will) need to update your device(s) when these changes happen. Devices using only the non-deprecated procs should be trivial to update. - fix_make_install.patch fixes and add_brackets_for_old_autoconf.patch are no longer needed because both issues are fixed in the upstream sources.- Version upgrade to 9.19rc1 (first release candidate for 9.19). For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printing - ijs-config is no longer provided - fix_make_install.patch fixes an install error and add_brackets_for_old_autoconf.patch fixes an autoconf error see http://bugs.ghostscript.com/show_bug.cgi?id=696665 - fix_ijs_and_x11_for_FirstPage_and_LastPage.patch is no longer needed because it is fixed in the upstream sources. - install_gserrors.h.patch is no longer needed because it is fixed in the upstream sources.- Do not use library sources for freetype jpeg libpng tiff zlib from the Ghostscript upstream tarball because we prefer to use for long-established standard libraries the ones from SUSE in particular to automatically get SUSE security updates for standard libraries. In contrast we use e.g. lcms2 from the Ghostscript upstream tarball because this one is specially modified to work with Ghostscript so that we cannot use lcms2 from SUSE. - remove-zlib-h-dependency.patch removes dependency on zlib/zlib.h in makefiles as we do not use the zlib sources from the Ghostscript upstream tarball.- An incompatible change appeared when building other software with Ghostscript 9.18. Since version 9.18 Ghostscript does no longer provide e_ (e.g. e_NeedInput) in its header files (gserrors.h and ierrors.h). When building other software with Ghostscript 9.18 gs_error_ (e.g. gs_error_NeedInput) must be used, see boo#953149 and http://bugs.ghostscript.com/show_bug.cgi?id=696317- install_gserrors.h.patch installs gserrors.h to fix http://bugs.ghostscript.com/show_bug.cgi?id=696301 because without gserrors.h several other packages fail to build (in particular texlive, libspectre, gimp,...).- fix_ijs_and_x11_for_FirstPage_and_LastPage.patch fixes the Ghostscript device ijs and the x11* devices so that they also work when -dFirstPage/-dLastPage is used, see http://bugs.ghostscript.com/show_bug.cgi?id=696246- Version upgrade to 9.18. A maintenance release. There are no recorded incompatible changes (as of this writing). Highlights in this release include: * A substantial revision of the build system and GhostPDL directory structure. Ghostscript-only users should not be affected by this change. * A new method of internally inserting devices into the device chain has been developed, named "device subclassing". This allows suitably written devices to be more easily and consistently as "filter" devices. The first fruit of this is a new implementation of the "-dFirstPage"/"-dLastPage" feature which functions a device filter in the Ghostscript graphics library, meaning it works consistently with all input languages. * Plus the usual round of bug fixes, compatibility changes, and incremental improvements. See http://www.ghostscript.com/doc/9.18/News.htm For details see the News.htm and History9.htm files.- Version upgrade to 9.18rc2 (second release candidate for 9.18). For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printing - assign_pointer_not_value_in_gximono.c.patch is no longer needed because it is fixed in the upstream sources.- Version upgrade to 9.18rc1 (first release candidate for 9.18). For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printing - CVE-2015-3228.patch is no longer needed because it is fixed in the upstream sources. - assign_pointer_not_value_in_gximono.c.patch attempts to fix a "assignment makes pointer from integer without a cast" compiler warning by assigning the pointer and not the integer value. - Removed --disable-compile-inits from configure, see http://bugs.ghostscript.com/show_bug.cgi?id=696223 and "Precompiled run-time data" in /usr/share/ghostscript/9.18/doc/Make.htm- CVE-2015-3228.patch fixes out of bound read/write cause by integer overflow in gsmalloc.c (boo#939342).- Version upgrade to 9.16. Primarily a maintenance release. There are no recorded incompatible changes (as of this writing). Highlights in this release include: * "LockColorants" command line option for tiffsep and psdcmyk devices. * Improved high level devices handling of Forms. See http://www.ghostscript.com/doc/9.16/News.htm For details see the News.htm and History9.htm files. - fix.including.pread.pwrite.pthread_mutexattr_settype.diff is no longer needed because it is fixed in the upstream sources.- fix.including.pread.pwrite.pthread_mutexattr_settype.diff fixes on SLE11 implicit declaration of function warnings for 'pread' 'pwrite' 'pthread_mutexattr_settype' see http://bugs.ghostscript.com/show_bug.cgi?id=695882 - ppc64le-support.patch is a remainder of the previous patch now the hunk for LCMS (lcms/include/lcms.h) is removed because LCMS 1.x is removed since Ghostscript 9.16 but the hunk for LCMS2 (lcms2/include/lcms2.h) is still needed see http://bugs.ghostscript.com/show_bug.cgi?id=695544- Version upgrade to 9.16rc2 (second release candidate for 9.16). For details see the News.htm and History9.htm files. Regarding installing packages (in particular release candidates) from the openSUSE build service development project "Printing" see https://build.opensuse.org/project/show/Printingbuild78 1573816457 9.27-lp151.3.9.19.27-lp151.3.9.10.35ghostscriptgdevdsp.hgserrors.hiapi.hierrors.hijsijs.hijs_client.hijs_server.hlibgs.solibijs.soijs.pc/usr/include//usr/include/ghostscript//usr/include/ijs//usr/lib//usr/lib/pkgconfig/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:11508/openSUSE_Leap_15.1_Update/dfb8f1025d587b9fefb679f9e013f662-ghostscript-mini.openSUSE_Leap_15.1_Updatecpioxz5i586-suse-linuxdirectoryC source, ASCII textpkgconfig filePR0~SL291utf-82e471805e2f5810641f23d11cab42b903e846741df800eff48e033f255ec4170?7zXZ !t/)] crt:bLL F&tRqаo5̊0Њ˘cvMU2j4#Uϰ0pN *;qEƁ1]_on^}/TXZ98$Osz}n?Έl:z:Bd@QNRo y@=IlbᱢۑO0zc&F'Ϯ3tuc2Nωݽ%ULxr4;9l(v͞y~{8C"./X94kYD99_a:XIl( q%w {pCr}+^L8@vBVc!cp]|gzXPy#.hРM')4} B74Pyv]8G%+sYFjcƦS5BQz&2H@57>"]JbF.fȂ("jϐ8^s̞c]f# sl@->ŔLqN~&YJY޷;q=ݞG&L׎ Իj;z9\:<#S N$~l_#ȌAXleQ*$COui&{%~m̶y$bT P w Wa6 80w˂!dYd(.ksK; QNX@NY"ќbsfG޿|je0Yiӟ}QZ#5SiVଋN쩥rD΢-"1P]Tۍ d^B̗LJ/t8-W.ȿ,4~ Tbyr( ~mܤޟ7m@k|RrTH C6<}ɣY/1oQ.7$|{!-g1jWPgV e\KWgKQ=QF{UWUFN̪+%[u=v`Im(Omop }ϙy.tAE}.>&Q ɮ c%R\7`8e&o~A Fi6G; rMAZگiovn )a8{pBĝ Ƕ3|*,`Dcl,קe,0;8? -&O>ry4w΁V'8p3=$pƽ6֗SLZi~ذcvzL-lVKWd#GՆ !Z@x\B)H=Vr j~'bQnl7Դ{t'dc#W Q/_wk # 0\ՋP"@av !=Vl/{btFD/,V;;h?; qPa7)|p̧79J})/C *iw (dܨjJ3i &&RЩ|i )lz?$jd{%0'qy`OL9D\q4{pSWe ڂs YU ;u30|hzEQ}_piLALPIͤDx3Y{|f}WjR(5J&D;\a=rUs(0B+fh@Ke݈a:yf0!=\>;[ y.8ntqn!ҡ)v5jx]8LE_;Y^m7M6ҏ װܗ=jfe&)m0oƳW]Qw' f¨tM20f[{*COxxm٪zy# ?>3t<ځbUclT1@\>&97 9g&^ z,~kHDrAϮ[`FK'"r`eؑt ` U2JBt|V s4EU@mV[ ۚ09ꉓhwüq=c+iC$J$4'ozrֿJOJ;Z˽㨄5z1Dq@c?'_"}|h7.x_$@*BiJ͑4r}EG(vjF!5LLnwċO8:ɔcّxdT0~&\ X^&Ppb͔}Ϯ W)*h}}A(*,$ )ڰ_"ǔMFǐ-[poX'oWVDȽ6ow%?oK >RRŎ'M≄F]TF/LuGͭ{ ه CIYeᶓ Wg&KX1]>&E@ @\HO|:oM #l I`%]w?XN C*OiȗF'ÌEn|5V佩 A,嘵.rmRx\S6.,쭵Wx,/m{^RgcQ0(@pomPu!NI, SC[WtzS6.&Enݢb`+ Y-)fg/i/PH喂@@OL*3H("<)F&+#i.Y/M@+scbLB xy@G;lW9_Qs;7h5NI"*7Na|6Pl"Q8Iz+N6,<=3 '9Чb@T9GJEݑK""|; K.Z[2_S՜^MVk'ܻROh2=-ۺYAaZ9,ZuSJZ@:1٩5~zq*|D>afMtl,:BwsV:6fnGz#gYryQӯ~ Fj9KM;yZ6d#\4TCEHmC O{Z~, Crw@yya9ӬᡎMK8:NIβLjh[}oI[~9<S긔׃G {H 2C?(j% ygnjs[r мURg]GΫrFx;Tj!3h;d}:&̜4MoVtM"^D~5ޱjוQRN=WcvՐ~3ĪgNC>,_*<0T~֓/>+ <_2S%f(쒹V*L^s*j~.=+: /]{|tGI\A3yaPZyV$Xo*=l ks޶h/ E xpC:f\Gk -#YUFߤ so`rGqDr m_.YlQ )*J 3=G\7W7l"Gv􋶃;A^$q-BE%o6gyc]&͝2wpRd>%jŖPHvxQLkLtz߲[>t_'`$,4y'ևf79Aƥ&/K^KM518iV*mW0M<Lh`9NY$D\V0 CVGS"Rq< G}_|g|In' f'`x{"?VY37Wf7G{ 6t4do]KzmI:C %X BL c?pe2A:w,~Tz/xF}Ftq腜Py&sŀ<_eѼOqQ{,o8`>Ȩk~D-:[L+M~R[TQ%n=j̏)k-΢BXm4'ր]|5 ]80{iJub&l=7wq.o~SHL&^ /k1:v ‘mf)"SAFXm$ZWZ!'YyNVb5|iad(|'BPl('Awڈ-00vTlӠzGg'hS%,Qx nxe0?544J3 <ctq,*;<|ydvY.U4ܻT1OΧb{o/7 ple~}K>-5͙#:o9u;`oe J87P4EA'*XS"^}{y$QJV QB-(?G*m~ Lz{IkZ& Fi{w\~ =/\BB\˚ j_W7-xh '"{gxuA{EN{Oi=6L.]o[fj>_ uAf"@QK 6e]lW*\U!%Il 䫯( Ӧb̗Dt)V _YC{`3Ou'|m5_7(|%.y l|&|¥+RElhi~lXtt|yS]US Fgu$׎*WީoP\4 ɖM-} !ܿx[Z.! zM Z?#їI:&nB‷ ,D՜ea݄sQL8Z9mi%Q?`vMSF/>:PCQLzP%_ߒ$É>=TuJ s~㰏h1EXBhA"+Ryf"zyw]<:R}S( lҒ_[4SKx7=iEoz }%zy!P־Y}7 IÂﶗ˖pŗUlJna%loyjETΔ9{yR7M/_АD޴Re5^&" EH pv%Ԏq%!i TP uIj6BGi}T(Ǜ'z UB]x-75ExEjdLf] )-i:yuۢs_]9$:@O[~m_KE!@FÚ؁Ƀ|}@GF7=ߗXXOjtrݪ4Zb;S5Ǭ'֘luXjWIȪ >"J " Eբ8]K%I 8B+Nӽh oSp?91N/ OV8r 0^5v+$Bw j${F3k`2fژN _352@pE(yDgitS=;.ҙI@cYp hs\\2ĨwF4E|0n$J)0wL& 4Yrk-24"HI_m7^Vlqk|~^,\ކC"ROU>ӈDxbmpx- d&Q'z6mXGnn$R~n[XL 9Z̰} ?5؄9 КkwtУt"=*? Ȗ 㢉RUy0M$d7˃암vTMςKWs^Uby=^G *ʷ𨗦 e BT vx>8_Hg7XeڬrnwFvQ $$ir{;K9kiotOQ 2eWWu 3 -hSБ],jۚtZy0)64]+>xBƂ  ĵJwVV 7ޤ+B2O䝚S%!81G}x@HDL9LZE_ S%vQ_Q\YKwPx(E9A袜|jgXKKm$8E]hypOi DwF_>;ʁZ [҂줳 ߩ8Wꮭ凂lX„=DKmws|uS޼|Gmf$̋ FMN<IM G"i؍ݜy?:eG=qs|uaY|OF`qAhʊΈ7%]5!NOVKq\yO/:,A3J^^O+`7!n1Ry(c/fJ2=X }T^I|LXG@xl{^/_!岯K2Dz-8t.57yo}Esnir'P4k \8`XPK}qTr e87KAvt"$f;g8'Fϫ) X9GC S3ȨlanH.f܈$O(8>"˕U`·bY"ޟjg >%_w~< {8# s.Hyc2:&#%ͻ:-,3cYu3ͨe68o1S 1'H 5[3V`MW5 ^H,/3{n6q#dzŝ0 \oEHJ=ՙѥޔgfd;}\ w UsCSΕ5ƻ@sNq@m+3e"fK~Pave} FDbQaFsUCkpRȓ,G YZ