[PR PATCH] ghostscript: update to 9.55.0.

[PR PATCH] ghostscript: update to 9.55.0.

[chili-b]

[-- Attachment #1: Type: text/plain, Size: 1265 bytes --]

There is a new pull request by chili-b against master on the void-packages repository

https://github.com/chili-b/void-packages ghostscript
https://github.com/void-linux/void-packages/pull/36057

ghostscript: update to 9.55.0.
Remove patch for CVE-2021-3781 as it is included in the current release.

Include a patch for a typo in the current release:
https://bugs.ghostscript.com/show_bug.cgi?id=704501

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **briefly**

<!--
#### New package
- This new package conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please [skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration)
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
#### Local build testing
- I built this PR locally for my native architecture, (x86_64-glibc)


A patch file from https://github.com/void-linux/void-packages/pull/36057.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-ghostscript-36057.patch --]
[-- Type: text/x-diff, Size: 11577 bytes --]

From cf4244f081dbff2ab33dd7115534127288cf0df7 Mon Sep 17 00:00:00 2001
From: chili-b <dexter.gaonshatford@gmail.com>
Date: Wed, 9 Mar 2022 00:02:11 -0500
Subject: [PATCH] ghostscript: update to 9.55.0.

Remove patch for CVE-2021-3781 as it is included in the current release.

Include a patch for a typo in the current release:
https://bugs.ghostscript.com/show_bug.cgi?id=704501
---
 .../ghostscript/patches/CVE-2021-3781.patch   | 233 ------------------
 .../fix_gscms_transform_color_typo.patch      |  11 +
 srcpkgs/ghostscript/template                  |   6 +-
 3 files changed, 14 insertions(+), 236 deletions(-)
 delete mode 100644 srcpkgs/ghostscript/patches/CVE-2021-3781.patch
 create mode 100644 srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch

diff --git a/srcpkgs/ghostscript/patches/CVE-2021-3781.patch b/srcpkgs/ghostscript/patches/CVE-2021-3781.patch
deleted file mode 100644
index e9c34ee05b51..000000000000
--- a/srcpkgs/ghostscript/patches/CVE-2021-3781.patch
+++ /dev/null
@@ -1,233 +0,0 @@
-https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=a9bd3dec9fde
-
-From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 7 Sep 2021 20:36:12 +0100
-Subject: [PATCH] Bug 704342: Include device specifier strings in access
- validation
-
-for the "%pipe%", %handle%" and %printer% io devices.
-
-We previously validated only the part after the "%pipe%" Postscript device
-specifier, but this proved insufficient.
-
-This rebuilds the original file name string, and validates it complete. The
-slight complication for "%pipe%" is it can be reached implicitly using
-"|" so we have to check both prefixes.
-
-Addresses CVE-2021-3781
----
- base/gdevpipe.c | 22 +++++++++++++++-
- base/gp_mshdl.c | 11 +++++++-
- base/gp_msprn.c | 10 ++++++-
- base/gp_os2pr.c | 13 +++++++++-
- base/gslibctx.c | 69 ++++++++++---------------------------------------
- 5 files changed, 65 insertions(+), 60 deletions(-)
-
-diff --git a/base/gdevpipe.c b/base/gdevpipe.c
-index 96d71f5d8..5bdc485be 100644
---- a/base/gdevpipe.c
-+++ b/base/gdevpipe.c
-@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
- #else
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    /* The pipe device can be reached in two ways, explicltly with %pipe%
-+       or implicitly with "|", so we have to check for both
-+     */
-+    char f[gp_file_name_sizeof];
-+    const char *pipestr = "|";
-+    const size_t pipestrlen = strlen(pipestr);
-+    const size_t preflen = strlen(iodev->dname);
-+    const size_t nlen = strlen(fname);
-+    int code1;
-+
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(f, iodev->dname, preflen);
-+    memcpy(f + preflen, fname, nlen + 1);
-+
-+    code1 = gp_validate_path(mem, f, access);
-+
-+    memcpy(f, pipestr, pipestrlen);
-+    memcpy(f + pipestrlen, fname, nlen + 1);
- 
--    if (gp_validate_path(mem, fname, access) != 0)
-+    if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
-         return gs_error_invalidfileaccess;
- 
-     /*
-diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
-index 2b964ed74..8d87ceadc 100644
---- a/base/gp_mshdl.c
-+++ b/base/gp_mshdl.c
-@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
-     long hfile;	/* Correct for Win32, may be wrong for Win64 */
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    char f[gp_file_name_sizeof];
-+    const size_t preflen = strlen(iodev->dname);
-+    const size_t nlen = strlen(fname);
- 
--    if (gp_validate_path(mem, fname, access) != 0)
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(f, iodev->dname, preflen);
-+    memcpy(f + preflen, fname, nlen + 1);
-+
-+    if (gp_validate_path(mem, f, access) != 0)
-         return gs_error_invalidfileaccess;
- 
-     /* First we try the open_handle method. */
-diff --git a/base/gp_msprn.c b/base/gp_msprn.c
-index ed4827968..746a974f7 100644
---- a/base/gp_msprn.c
-+++ b/base/gp_msprn.c
-@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
-     uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    const size_t preflen = strlen(iodev->dname);
-+    const size_t nlen = strlen(fname);
- 
--    if (gp_validate_path(mem, fname, access) != 0)
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(pname, iodev->dname, preflen);
-+    memcpy(pname + preflen, fname, nlen + 1);
-+
-+    if (gp_validate_path(mem, pname, access) != 0)
-         return gs_error_invalidfileaccess;
- 
-     /* First we try the open_printer method. */
-diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
-index f852c71fc..ba54cde66 100644
---- a/base/gp_os2pr.c
-+++ b/base/gp_os2pr.c
-@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
-            FILE ** pfile, char *rfname, uint rnamelen)
- {
-     os2_printer_t *pr = (os2_printer_t *)iodev->state;
--    char driver_name[256];
-+    char driver_name[gp_file_name_sizeof];
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    const size_t preflen = strlen(iodev->dname);
-+    const int size_t = strlen(fname);
-+
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(driver_name, iodev->dname, preflen);
-+    memcpy(driver_name + preflen, fname, nlen + 1);
-+
-+    if (gp_validate_path(mem, driver_name, access) != 0)
-+        return gs_error_invalidfileaccess;
- 
-     /* First we try the open_printer method. */
-     /* Note that the loop condition here ensures we don't
-diff --git a/base/gslibctx.c b/base/gslibctx.c
-index 6dfed6cd5..318039fad 100644
---- a/base/gslibctx.c
-+++ b/base/gslibctx.c
-@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
- int
- gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
- {
--    char *fp, f[gp_file_name_sizeof];
--    const int pipe = 124; /* ASCII code for '|' */
--    const int len = strlen(fname);
--    int i, code;
-+    char f[gp_file_name_sizeof];
-+    int code;
- 
-     /* Be sure the string copy will fit */
--    if (len >= gp_file_name_sizeof)
-+    if (strlen(fname) >= gp_file_name_sizeof)
-         return gs_error_rangecheck;
-     strcpy(f, fname);
--    fp = f;
-     /* Try to rewrite any %d (or similar) in the string */
-     rewrite_percent_specifiers(f);
--    for (i = 0; i < len; i++) {
--        if (f[i] == pipe) {
--           fp = &f[i + 1];
--           /* Because we potentially have to check file permissions at two levels
--              for the output file (gx_device_open_output_file and the low level
--              fopen API, if we're using a pipe, we have to add both the full string,
--              (including the '|', and just the command to which we pipe - since at
--              the pipe_fopen(), the leading '|' has been stripped.
--            */
--           code = gs_add_control_path(mem, gs_permit_file_writing, f);
--           if (code < 0)
--               return code;
--           code = gs_add_control_path(mem, gs_permit_file_control, f);
--           if (code < 0)
--               return code;
--           break;
--        }
--        if (!IS_WHITESPACE(f[i]))
--            break;
--    }
--    code = gs_add_control_path(mem, gs_permit_file_control, fp);
-+
-+    code = gs_add_control_path(mem, gs_permit_file_control, f);
-     if (code < 0)
-         return code;
--    return gs_add_control_path(mem, gs_permit_file_writing, fp);
-+    return gs_add_control_path(mem, gs_permit_file_writing, f);
- }
- 
- int
- gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
- {
--    char *fp, f[gp_file_name_sizeof];
--    const int pipe = 124; /* ASCII code for '|' */
--    const int len = strlen(fname);
--    int i, code;
-+    char f[gp_file_name_sizeof];
-+    int code;
- 
-     /* Be sure the string copy will fit */
--    if (len >= gp_file_name_sizeof)
-+    if (strlen(fname) >= gp_file_name_sizeof)
-         return gs_error_rangecheck;
-     strcpy(f, fname);
--    fp = f;
-     /* Try to rewrite any %d (or similar) in the string */
--    for (i = 0; i < len; i++) {
--        if (f[i] == pipe) {
--           fp = &f[i + 1];
--           /* Because we potentially have to check file permissions at two levels
--              for the output file (gx_device_open_output_file and the low level
--              fopen API, if we're using a pipe, we have to add both the full string,
--              (including the '|', and just the command to which we pipe - since at
--              the pipe_fopen(), the leading '|' has been stripped.
--            */
--           code = gs_remove_control_path(mem, gs_permit_file_writing, f);
--           if (code < 0)
--               return code;
--           code = gs_remove_control_path(mem, gs_permit_file_control, f);
--           if (code < 0)
--               return code;
--           break;
--        }
--        if (!IS_WHITESPACE(f[i]))
--            break;
--    }
--    code = gs_remove_control_path(mem, gs_permit_file_control, fp);
-+    rewrite_percent_specifiers(f);
-+
-+    code = gs_remove_control_path(mem, gs_permit_file_control, f);
-     if (code < 0)
-         return code;
--    return gs_remove_control_path(mem, gs_permit_file_writing, fp);
-+    return gs_remove_control_path(mem, gs_permit_file_writing, f);
- }
- 
- int
--- 
-2.17.1
diff --git a/srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch b/srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch
new file mode 100644
index 000000000000..9ffa2e09ba66
--- /dev/null
+++ b/srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch
@@ -0,0 +1,11 @@
+--- ./base/gsicc_lcms2.c.jlg	2021-09-27 03:44:02.000000000 -0400
++++ ./base/gsicc_lcms2.c	2021-10-05 10:50:03.428000000 -0400
+@@ -462,7 +462,7 @@
+ gscms_transform_color(gx_device *dev, gsicc_link_t *icclink, void *inputcolor,
+                              void *outputcolor, int num_bytes)
+ {
+-    return gscms_transformm_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
++    return gscms_transform_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
+ }
+ 
+ int
diff --git a/srcpkgs/ghostscript/template b/srcpkgs/ghostscript/template
index 5d9e1aa9d410..299327154220 100644
--- a/srcpkgs/ghostscript/template
+++ b/srcpkgs/ghostscript/template
@@ -1,7 +1,7 @@
 # Template file for 'ghostscript'
 pkgname=ghostscript
-version=9.54.0
-revision=2
+version=9.55.0
+revision=1
 hostmakedepends="automake libtool pkg-config"
 makedepends="$(vopt_if cups cups-devel) dbus-devel fontconfig-devel jasper-devel jbig2dec-devel
  lcms2-devel libXext-devel libXt-devel libopenjpeg2-devel libpaper-devel"
@@ -11,7 +11,7 @@ maintainer="Orphaned <orphan@voidlinux.org>"
 license="AGPL-3.0-or-later, CPL-1.0"
 homepage="https://www.ghostscript.com/"
 distfiles="https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${version//./}/ghostscript-${version}.tar.xz"
-checksum=c2b7b43cde600f4e70efb2cd95865f6d884a67315c3de235914697d8ccde6e3b
+checksum=6ee3057773646d6a2c6d117eb53a17d6752feadc513828e4322f68b7b7789ff6
 
 build_options="cups"
 build_options_default="cups"

Re: [PR PATCH] [Updated] ghostscript: update to 9.55.0.

[chili-b]

[-- Attachment #1: Type: text/plain, Size: 1270 bytes --]

There is an updated pull request by chili-b against master on the void-packages repository

https://github.com/chili-b/void-packages ghostscript
https://github.com/void-linux/void-packages/pull/36057

ghostscript: update to 9.55.0.
Remove patch for CVE-2021-3781 as it is included in the current release.

Include a patch for a typo in the current release:
https://bugs.ghostscript.com/show_bug.cgi?id=704501

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **briefly**

<!--
#### New package
- This new package conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please [skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration)
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
#### Local build testing
- I built this PR locally for my native architecture, (x86_64-glibc)


A patch file from https://github.com/void-linux/void-packages/pull/36057.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-ghostscript-36057.patch --]
[-- Type: text/x-diff, Size: 11577 bytes --]

From 9baac6803f5d0316e79a778fc3bf512e67f7532b Mon Sep 17 00:00:00 2001
From: chili-b <dexter.gaonshatford@gmail.com>
Date: Wed, 9 Mar 2022 00:02:11 -0500
Subject: [PATCH] ghostscript: update to 9.55.0.

Remove patch for CVE-2021-3781 as it is included in the current release.

Include a patch for a typo in the current release:
https://bugs.ghostscript.com/show_bug.cgi?id=704501
---
 .../ghostscript/patches/CVE-2021-3781.patch   | 233 ------------------
 .../fix_gscms_transform_color_typo.patch      |  11 +
 srcpkgs/ghostscript/template                  |   6 +-
 3 files changed, 14 insertions(+), 236 deletions(-)
 delete mode 100644 srcpkgs/ghostscript/patches/CVE-2021-3781.patch
 create mode 100644 srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch

diff --git a/srcpkgs/ghostscript/patches/CVE-2021-3781.patch b/srcpkgs/ghostscript/patches/CVE-2021-3781.patch
deleted file mode 100644
index e9c34ee05b51..000000000000
--- a/srcpkgs/ghostscript/patches/CVE-2021-3781.patch
+++ /dev/null
@@ -1,233 +0,0 @@
-https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=a9bd3dec9fde
-
-From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 7 Sep 2021 20:36:12 +0100
-Subject: [PATCH] Bug 704342: Include device specifier strings in access
- validation
-
-for the "%pipe%", %handle%" and %printer% io devices.
-
-We previously validated only the part after the "%pipe%" Postscript device
-specifier, but this proved insufficient.
-
-This rebuilds the original file name string, and validates it complete. The
-slight complication for "%pipe%" is it can be reached implicitly using
-"|" so we have to check both prefixes.
-
-Addresses CVE-2021-3781
----
- base/gdevpipe.c | 22 +++++++++++++++-
- base/gp_mshdl.c | 11 +++++++-
- base/gp_msprn.c | 10 ++++++-
- base/gp_os2pr.c | 13 +++++++++-
- base/gslibctx.c | 69 ++++++++++---------------------------------------
- 5 files changed, 65 insertions(+), 60 deletions(-)
-
-diff --git a/base/gdevpipe.c b/base/gdevpipe.c
-index 96d71f5d8..5bdc485be 100644
---- a/base/gdevpipe.c
-+++ b/base/gdevpipe.c
-@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
- #else
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    /* The pipe device can be reached in two ways, explicltly with %pipe%
-+       or implicitly with "|", so we have to check for both
-+     */
-+    char f[gp_file_name_sizeof];
-+    const char *pipestr = "|";
-+    const size_t pipestrlen = strlen(pipestr);
-+    const size_t preflen = strlen(iodev->dname);
-+    const size_t nlen = strlen(fname);
-+    int code1;
-+
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(f, iodev->dname, preflen);
-+    memcpy(f + preflen, fname, nlen + 1);
-+
-+    code1 = gp_validate_path(mem, f, access);
-+
-+    memcpy(f, pipestr, pipestrlen);
-+    memcpy(f + pipestrlen, fname, nlen + 1);
- 
--    if (gp_validate_path(mem, fname, access) != 0)
-+    if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
-         return gs_error_invalidfileaccess;
- 
-     /*
-diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
-index 2b964ed74..8d87ceadc 100644
---- a/base/gp_mshdl.c
-+++ b/base/gp_mshdl.c
-@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
-     long hfile;	/* Correct for Win32, may be wrong for Win64 */
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    char f[gp_file_name_sizeof];
-+    const size_t preflen = strlen(iodev->dname);
-+    const size_t nlen = strlen(fname);
- 
--    if (gp_validate_path(mem, fname, access) != 0)
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(f, iodev->dname, preflen);
-+    memcpy(f + preflen, fname, nlen + 1);
-+
-+    if (gp_validate_path(mem, f, access) != 0)
-         return gs_error_invalidfileaccess;
- 
-     /* First we try the open_handle method. */
-diff --git a/base/gp_msprn.c b/base/gp_msprn.c
-index ed4827968..746a974f7 100644
---- a/base/gp_msprn.c
-+++ b/base/gp_msprn.c
-@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
-     uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    const size_t preflen = strlen(iodev->dname);
-+    const size_t nlen = strlen(fname);
- 
--    if (gp_validate_path(mem, fname, access) != 0)
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(pname, iodev->dname, preflen);
-+    memcpy(pname + preflen, fname, nlen + 1);
-+
-+    if (gp_validate_path(mem, pname, access) != 0)
-         return gs_error_invalidfileaccess;
- 
-     /* First we try the open_printer method. */
-diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
-index f852c71fc..ba54cde66 100644
---- a/base/gp_os2pr.c
-+++ b/base/gp_os2pr.c
-@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
-            FILE ** pfile, char *rfname, uint rnamelen)
- {
-     os2_printer_t *pr = (os2_printer_t *)iodev->state;
--    char driver_name[256];
-+    char driver_name[gp_file_name_sizeof];
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    const size_t preflen = strlen(iodev->dname);
-+    const int size_t = strlen(fname);
-+
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(driver_name, iodev->dname, preflen);
-+    memcpy(driver_name + preflen, fname, nlen + 1);
-+
-+    if (gp_validate_path(mem, driver_name, access) != 0)
-+        return gs_error_invalidfileaccess;
- 
-     /* First we try the open_printer method. */
-     /* Note that the loop condition here ensures we don't
-diff --git a/base/gslibctx.c b/base/gslibctx.c
-index 6dfed6cd5..318039fad 100644
---- a/base/gslibctx.c
-+++ b/base/gslibctx.c
-@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
- int
- gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
- {
--    char *fp, f[gp_file_name_sizeof];
--    const int pipe = 124; /* ASCII code for '|' */
--    const int len = strlen(fname);
--    int i, code;
-+    char f[gp_file_name_sizeof];
-+    int code;
- 
-     /* Be sure the string copy will fit */
--    if (len >= gp_file_name_sizeof)
-+    if (strlen(fname) >= gp_file_name_sizeof)
-         return gs_error_rangecheck;
-     strcpy(f, fname);
--    fp = f;
-     /* Try to rewrite any %d (or similar) in the string */
-     rewrite_percent_specifiers(f);
--    for (i = 0; i < len; i++) {
--        if (f[i] == pipe) {
--           fp = &f[i + 1];
--           /* Because we potentially have to check file permissions at two levels
--              for the output file (gx_device_open_output_file and the low level
--              fopen API, if we're using a pipe, we have to add both the full string,
--              (including the '|', and just the command to which we pipe - since at
--              the pipe_fopen(), the leading '|' has been stripped.
--            */
--           code = gs_add_control_path(mem, gs_permit_file_writing, f);
--           if (code < 0)
--               return code;
--           code = gs_add_control_path(mem, gs_permit_file_control, f);
--           if (code < 0)
--               return code;
--           break;
--        }
--        if (!IS_WHITESPACE(f[i]))
--            break;
--    }
--    code = gs_add_control_path(mem, gs_permit_file_control, fp);
-+
-+    code = gs_add_control_path(mem, gs_permit_file_control, f);
-     if (code < 0)
-         return code;
--    return gs_add_control_path(mem, gs_permit_file_writing, fp);
-+    return gs_add_control_path(mem, gs_permit_file_writing, f);
- }
- 
- int
- gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
- {
--    char *fp, f[gp_file_name_sizeof];
--    const int pipe = 124; /* ASCII code for '|' */
--    const int len = strlen(fname);
--    int i, code;
-+    char f[gp_file_name_sizeof];
-+    int code;
- 
-     /* Be sure the string copy will fit */
--    if (len >= gp_file_name_sizeof)
-+    if (strlen(fname) >= gp_file_name_sizeof)
-         return gs_error_rangecheck;
-     strcpy(f, fname);
--    fp = f;
-     /* Try to rewrite any %d (or similar) in the string */
--    for (i = 0; i < len; i++) {
--        if (f[i] == pipe) {
--           fp = &f[i + 1];
--           /* Because we potentially have to check file permissions at two levels
--              for the output file (gx_device_open_output_file and the low level
--              fopen API, if we're using a pipe, we have to add both the full string,
--              (including the '|', and just the command to which we pipe - since at
--              the pipe_fopen(), the leading '|' has been stripped.
--            */
--           code = gs_remove_control_path(mem, gs_permit_file_writing, f);
--           if (code < 0)
--               return code;
--           code = gs_remove_control_path(mem, gs_permit_file_control, f);
--           if (code < 0)
--               return code;
--           break;
--        }
--        if (!IS_WHITESPACE(f[i]))
--            break;
--    }
--    code = gs_remove_control_path(mem, gs_permit_file_control, fp);
-+    rewrite_percent_specifiers(f);
-+
-+    code = gs_remove_control_path(mem, gs_permit_file_control, f);
-     if (code < 0)
-         return code;
--    return gs_remove_control_path(mem, gs_permit_file_writing, fp);
-+    return gs_remove_control_path(mem, gs_permit_file_writing, f);
- }
- 
- int
--- 
-2.17.1
diff --git a/srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch b/srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch
new file mode 100644
index 000000000000..9ffa2e09ba66
--- /dev/null
+++ b/srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch
@@ -0,0 +1,11 @@
+--- ./base/gsicc_lcms2.c.jlg	2021-09-27 03:44:02.000000000 -0400
++++ ./base/gsicc_lcms2.c	2021-10-05 10:50:03.428000000 -0400
+@@ -462,7 +462,7 @@
+ gscms_transform_color(gx_device *dev, gsicc_link_t *icclink, void *inputcolor,
+                              void *outputcolor, int num_bytes)
+ {
+-    return gscms_transformm_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
++    return gscms_transform_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
+ }
+ 
+ int
diff --git a/srcpkgs/ghostscript/template b/srcpkgs/ghostscript/template
index 5d9e1aa9d410..299327154220 100644
--- a/srcpkgs/ghostscript/template
+++ b/srcpkgs/ghostscript/template
@@ -1,7 +1,7 @@
 # Template file for 'ghostscript'
 pkgname=ghostscript
-version=9.54.0
-revision=2
+version=9.55.0
+revision=1
 hostmakedepends="automake libtool pkg-config"
 makedepends="$(vopt_if cups cups-devel) dbus-devel fontconfig-devel jasper-devel jbig2dec-devel
  lcms2-devel libXext-devel libXt-devel libopenjpeg2-devel libpaper-devel"
@@ -11,7 +11,7 @@ maintainer="Orphaned <orphan@voidlinux.org>"
 license="AGPL-3.0-or-later, CPL-1.0"
 homepage="https://www.ghostscript.com/"
 distfiles="https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${version//./}/ghostscript-${version}.tar.xz"
-checksum=c2b7b43cde600f4e70efb2cd95865f6d884a67315c3de235914697d8ccde6e3b
+checksum=6ee3057773646d6a2c6d117eb53a17d6752feadc513828e4322f68b7b7789ff6
 
 build_options="cups"
 build_options_default="cups"

Re: [PR REVIEW] ghostscript: update to 9.55.0.

[paper42]

[-- Attachment #1: Type: text/plain, Size: 271 bytes --]

New review comment by paper42 on void-packages repository

https://github.com/void-linux/void-packages/pull/36057#discussion_r822445168

Comment:
```suggestion
homepage="https://www.ghostscript.com/"
changelog="https://www.ghostscript.com/doc/${version}/News.htm"
```

Re: [PR PATCH] [Updated] ghostscript: update to 9.55.0.

[chili-b]

[-- Attachment #1: Type: text/plain, Size: 1270 bytes --]

There is an updated pull request by chili-b against master on the void-packages repository

https://github.com/chili-b/void-packages ghostscript
https://github.com/void-linux/void-packages/pull/36057

ghostscript: update to 9.55.0.
Remove patch for CVE-2021-3781 as it is included in the current release.

Include a patch for a typo in the current release:
https://bugs.ghostscript.com/show_bug.cgi?id=704501

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **briefly**

<!--
#### New package
- This new package conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please [skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration)
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
#### Local build testing
- I built this PR locally for my native architecture, (x86_64-glibc)


A patch file from https://github.com/void-linux/void-packages/pull/36057.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-ghostscript-36057.patch --]
[-- Type: text/x-diff, Size: 11696 bytes --]

From a2168ca647bc9b25be8f9c2d8e6bbf082293e771 Mon Sep 17 00:00:00 2001
From: chili-b <dexter.gaonshatford@gmail.com>
Date: Wed, 9 Mar 2022 00:02:11 -0500
Subject: [PATCH] ghostscript: update to 9.55.0.

Remove patch for CVE-2021-3781 as it is included in the current release.

Include a patch for a typo in the current release:
https://bugs.ghostscript.com/show_bug.cgi?id=704501
---
 .../ghostscript/patches/CVE-2021-3781.patch   | 233 ------------------
 .../fix_gscms_transform_color_typo.patch      |  11 +
 srcpkgs/ghostscript/template                  |   7 +-
 3 files changed, 15 insertions(+), 236 deletions(-)
 delete mode 100644 srcpkgs/ghostscript/patches/CVE-2021-3781.patch
 create mode 100644 srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch

diff --git a/srcpkgs/ghostscript/patches/CVE-2021-3781.patch b/srcpkgs/ghostscript/patches/CVE-2021-3781.patch
deleted file mode 100644
index e9c34ee05b51..000000000000
--- a/srcpkgs/ghostscript/patches/CVE-2021-3781.patch
+++ /dev/null
@@ -1,233 +0,0 @@
-https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=a9bd3dec9fde
-
-From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 7 Sep 2021 20:36:12 +0100
-Subject: [PATCH] Bug 704342: Include device specifier strings in access
- validation
-
-for the "%pipe%", %handle%" and %printer% io devices.
-
-We previously validated only the part after the "%pipe%" Postscript device
-specifier, but this proved insufficient.
-
-This rebuilds the original file name string, and validates it complete. The
-slight complication for "%pipe%" is it can be reached implicitly using
-"|" so we have to check both prefixes.
-
-Addresses CVE-2021-3781
----
- base/gdevpipe.c | 22 +++++++++++++++-
- base/gp_mshdl.c | 11 +++++++-
- base/gp_msprn.c | 10 ++++++-
- base/gp_os2pr.c | 13 +++++++++-
- base/gslibctx.c | 69 ++++++++++---------------------------------------
- 5 files changed, 65 insertions(+), 60 deletions(-)
-
-diff --git a/base/gdevpipe.c b/base/gdevpipe.c
-index 96d71f5d8..5bdc485be 100644
---- a/base/gdevpipe.c
-+++ b/base/gdevpipe.c
-@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access,
- #else
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    /* The pipe device can be reached in two ways, explicltly with %pipe%
-+       or implicitly with "|", so we have to check for both
-+     */
-+    char f[gp_file_name_sizeof];
-+    const char *pipestr = "|";
-+    const size_t pipestrlen = strlen(pipestr);
-+    const size_t preflen = strlen(iodev->dname);
-+    const size_t nlen = strlen(fname);
-+    int code1;
-+
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(f, iodev->dname, preflen);
-+    memcpy(f + preflen, fname, nlen + 1);
-+
-+    code1 = gp_validate_path(mem, f, access);
-+
-+    memcpy(f, pipestr, pipestrlen);
-+    memcpy(f + pipestrlen, fname, nlen + 1);
- 
--    if (gp_validate_path(mem, fname, access) != 0)
-+    if (code1 != 0 && gp_validate_path(mem, f, access) != 0 )
-         return gs_error_invalidfileaccess;
- 
-     /*
-diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c
-index 2b964ed74..8d87ceadc 100644
---- a/base/gp_mshdl.c
-+++ b/base/gp_mshdl.c
-@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access,
-     long hfile;	/* Correct for Win32, may be wrong for Win64 */
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    char f[gp_file_name_sizeof];
-+    const size_t preflen = strlen(iodev->dname);
-+    const size_t nlen = strlen(fname);
- 
--    if (gp_validate_path(mem, fname, access) != 0)
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(f, iodev->dname, preflen);
-+    memcpy(f + preflen, fname, nlen + 1);
-+
-+    if (gp_validate_path(mem, f, access) != 0)
-         return gs_error_invalidfileaccess;
- 
-     /* First we try the open_handle method. */
-diff --git a/base/gp_msprn.c b/base/gp_msprn.c
-index ed4827968..746a974f7 100644
---- a/base/gp_msprn.c
-+++ b/base/gp_msprn.c
-@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
-     uintptr_t *ptid = &((tid_t *)(iodev->state))->tid;
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    const size_t preflen = strlen(iodev->dname);
-+    const size_t nlen = strlen(fname);
- 
--    if (gp_validate_path(mem, fname, access) != 0)
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(pname, iodev->dname, preflen);
-+    memcpy(pname + preflen, fname, nlen + 1);
-+
-+    if (gp_validate_path(mem, pname, access) != 0)
-         return gs_error_invalidfileaccess;
- 
-     /* First we try the open_printer method. */
-diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c
-index f852c71fc..ba54cde66 100644
---- a/base/gp_os2pr.c
-+++ b/base/gp_os2pr.c
-@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access,
-            FILE ** pfile, char *rfname, uint rnamelen)
- {
-     os2_printer_t *pr = (os2_printer_t *)iodev->state;
--    char driver_name[256];
-+    char driver_name[gp_file_name_sizeof];
-     gs_lib_ctx_t *ctx = mem->gs_lib_ctx;
-     gs_fs_list_t *fs = ctx->core->fs;
-+    const size_t preflen = strlen(iodev->dname);
-+    const int size_t = strlen(fname);
-+
-+    if (preflen + nlen >= gp_file_name_sizeof)
-+        return_error(gs_error_invalidaccess);
-+
-+    memcpy(driver_name, iodev->dname, preflen);
-+    memcpy(driver_name + preflen, fname, nlen + 1);
-+
-+    if (gp_validate_path(mem, driver_name, access) != 0)
-+        return gs_error_invalidfileaccess;
- 
-     /* First we try the open_printer method. */
-     /* Note that the loop condition here ensures we don't
-diff --git a/base/gslibctx.c b/base/gslibctx.c
-index 6dfed6cd5..318039fad 100644
---- a/base/gslibctx.c
-+++ b/base/gslibctx.c
-@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s)
- int
- gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
- {
--    char *fp, f[gp_file_name_sizeof];
--    const int pipe = 124; /* ASCII code for '|' */
--    const int len = strlen(fname);
--    int i, code;
-+    char f[gp_file_name_sizeof];
-+    int code;
- 
-     /* Be sure the string copy will fit */
--    if (len >= gp_file_name_sizeof)
-+    if (strlen(fname) >= gp_file_name_sizeof)
-         return gs_error_rangecheck;
-     strcpy(f, fname);
--    fp = f;
-     /* Try to rewrite any %d (or similar) in the string */
-     rewrite_percent_specifiers(f);
--    for (i = 0; i < len; i++) {
--        if (f[i] == pipe) {
--           fp = &f[i + 1];
--           /* Because we potentially have to check file permissions at two levels
--              for the output file (gx_device_open_output_file and the low level
--              fopen API, if we're using a pipe, we have to add both the full string,
--              (including the '|', and just the command to which we pipe - since at
--              the pipe_fopen(), the leading '|' has been stripped.
--            */
--           code = gs_add_control_path(mem, gs_permit_file_writing, f);
--           if (code < 0)
--               return code;
--           code = gs_add_control_path(mem, gs_permit_file_control, f);
--           if (code < 0)
--               return code;
--           break;
--        }
--        if (!IS_WHITESPACE(f[i]))
--            break;
--    }
--    code = gs_add_control_path(mem, gs_permit_file_control, fp);
-+
-+    code = gs_add_control_path(mem, gs_permit_file_control, f);
-     if (code < 0)
-         return code;
--    return gs_add_control_path(mem, gs_permit_file_writing, fp);
-+    return gs_add_control_path(mem, gs_permit_file_writing, f);
- }
- 
- int
- gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname)
- {
--    char *fp, f[gp_file_name_sizeof];
--    const int pipe = 124; /* ASCII code for '|' */
--    const int len = strlen(fname);
--    int i, code;
-+    char f[gp_file_name_sizeof];
-+    int code;
- 
-     /* Be sure the string copy will fit */
--    if (len >= gp_file_name_sizeof)
-+    if (strlen(fname) >= gp_file_name_sizeof)
-         return gs_error_rangecheck;
-     strcpy(f, fname);
--    fp = f;
-     /* Try to rewrite any %d (or similar) in the string */
--    for (i = 0; i < len; i++) {
--        if (f[i] == pipe) {
--           fp = &f[i + 1];
--           /* Because we potentially have to check file permissions at two levels
--              for the output file (gx_device_open_output_file and the low level
--              fopen API, if we're using a pipe, we have to add both the full string,
--              (including the '|', and just the command to which we pipe - since at
--              the pipe_fopen(), the leading '|' has been stripped.
--            */
--           code = gs_remove_control_path(mem, gs_permit_file_writing, f);
--           if (code < 0)
--               return code;
--           code = gs_remove_control_path(mem, gs_permit_file_control, f);
--           if (code < 0)
--               return code;
--           break;
--        }
--        if (!IS_WHITESPACE(f[i]))
--            break;
--    }
--    code = gs_remove_control_path(mem, gs_permit_file_control, fp);
-+    rewrite_percent_specifiers(f);
-+
-+    code = gs_remove_control_path(mem, gs_permit_file_control, f);
-     if (code < 0)
-         return code;
--    return gs_remove_control_path(mem, gs_permit_file_writing, fp);
-+    return gs_remove_control_path(mem, gs_permit_file_writing, f);
- }
- 
- int
--- 
-2.17.1
diff --git a/srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch b/srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch
new file mode 100644
index 000000000000..9ffa2e09ba66
--- /dev/null
+++ b/srcpkgs/ghostscript/patches/fix_gscms_transform_color_typo.patch
@@ -0,0 +1,11 @@
+--- ./base/gsicc_lcms2.c.jlg	2021-09-27 03:44:02.000000000 -0400
++++ ./base/gsicc_lcms2.c	2021-10-05 10:50:03.428000000 -0400
+@@ -462,7 +462,7 @@
+ gscms_transform_color(gx_device *dev, gsicc_link_t *icclink, void *inputcolor,
+                              void *outputcolor, int num_bytes)
+ {
+-    return gscms_transformm_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
++    return gscms_transform_color_const(dev, icclink, inputcolor, outputcolor, num_bytes);
+ }
+ 
+ int
diff --git a/srcpkgs/ghostscript/template b/srcpkgs/ghostscript/template
index 5d9e1aa9d410..8bce83846ad8 100644
--- a/srcpkgs/ghostscript/template
+++ b/srcpkgs/ghostscript/template
@@ -1,7 +1,7 @@
 # Template file for 'ghostscript'
 pkgname=ghostscript
-version=9.54.0
-revision=2
+version=9.55.0
+revision=1
 hostmakedepends="automake libtool pkg-config"
 makedepends="$(vopt_if cups cups-devel) dbus-devel fontconfig-devel jasper-devel jbig2dec-devel
  lcms2-devel libXext-devel libXt-devel libopenjpeg2-devel libpaper-devel"
@@ -10,8 +10,9 @@ short_desc="Interpreter for the PostScript language"
 maintainer="Orphaned <orphan@voidlinux.org>"
 license="AGPL-3.0-or-later, CPL-1.0"
 homepage="https://www.ghostscript.com/"
+changelog="https://www.ghostscript.com/doc/${version}/News.htm"
 distfiles="https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${version//./}/ghostscript-${version}.tar.xz"
-checksum=c2b7b43cde600f4e70efb2cd95865f6d884a67315c3de235914697d8ccde6e3b
+checksum=6ee3057773646d6a2c6d117eb53a17d6752feadc513828e4322f68b7b7789ff6
 
 build_options="cups"
 build_options_default="cups"

Re: [PR REVIEW] ghostscript: update to 9.55.0.

[chili-b]

[-- Attachment #1: Type: text/plain, Size: 151 bytes --]

New review comment by chili-b on void-packages repository

https://github.com/void-linux/void-packages/pull/36057#discussion_r823157896

Comment:
Done

Re: [PR PATCH] [Merged]: ghostscript: update to 9.55.0.

[leahneukirchen]

[-- Attachment #1: Type: text/plain, Size: 1110 bytes --]

There's a merged pull request on the void-packages repository

ghostscript: update to 9.55.0.
https://github.com/void-linux/void-packages/pull/36057

Description:
Remove patch for CVE-2021-3781 as it is included in the current release.

Include a patch for a typo in the current release:
https://bugs.ghostscript.com/show_bug.cgi?id=704501

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **briefly**

<!--
#### New package
- This new package conforms to the [quality requirements](https://github.com/void-linux/void-packages/blob/master/Manual.md#quality-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please [skip CI](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration)
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
#### Local build testing
- I built this PR locally for my native architecture, (x86_64-glibc)