broken ghostscript with 9.18~dfsg~0-0ubuntu2.3 to 9.18~dfsg~0-0ubuntu2.4 update

Bug #1687614 reported by Johannes Schmitz on 2017-05-02
28
This bug affects 5 people
Affects Status Importance Assigned to Milestone
GS-GPL
Unknown
Unknown
ghostscript (Ubuntu)
Critical
Steve Beattie

Bug Description

After the last ghostscript udpate I have problems with the textext inkscape plugin that uses pstoedit that uses ghostscript.

The command looks like this:

pstoedit -f plot-svg tmp.pdf tmp.svg -dt -ssp -psarg -r9600x9600 -pta

The error (short version):

Error: /invalidaccess in --run--
Current allocation mode is global
Last OS error: No such file or directory
Current file position is 87896
GPL Ghostscript 9.18: Unrecoverable error, exit code 1
PostScript/PDF Interpreter finished. Return status 256 executed command : /usr/bin/gs -q -dDELAYBIND -dWRITESYSTEMDICT -dNODISPLAY -dNOEPS -r9600x9600 "/tmp/psinsRrD8m"
The interpreter seems to have failed, cannot proceed !

See the attached log for the full text.

I tried to downgrade to circumvent the issue but unsuccessfully.

CVE References

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in ghostscript (Ubuntu):
status: New → Confirmed
Eric Gourgoulhon (egourgoulhon) wrote :

The bug has also been reported in
https://askubuntu.com/questions/910341/inkscape-error-with-textext
Downgrading to ghostscript 9.18~dfsg~0-0ubuntu2 circumvented it for me (Ubuntu 16.04).

Can you please tell me how to downgrade?

Am 02.05.2017 21:55 schrieb "Eric Gourgoulhon" <email address hidden>:

> The bug has also been reported in
> https://askubuntu.com/questions/910341/inkscape-error-with-textext
> Downgrading to ghostscript 9.18~dfsg~0-0ubuntu2 circumvented it for me
> (Ubuntu 16.04).
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1687614
>
> Title:
> broken ghostscript with 9.18~dfsg~0-0ubuntu2.3 to
> 9.18~dfsg~0-0ubuntu2.4 update
>
> Status in ghostscript package in Ubuntu:
> Confirmed
>
> Bug description:
> After the last ghostscript udpate I have problems with the textext
> inkscape plugin that uses pstoedit that uses ghostscript.
>
> The command looks like this:
>
> pstoedit -f plot-svg tmp.pdf tmp.svg -dt -ssp -psarg -r9600x9600 -pta
>
> The error (short version):
>
> Error: /invalidaccess in --run--
> Current allocation mode is global
> Last OS error: No such file or directory
> Current file position is 87896
> GPL Ghostscript 9.18: Unrecoverable error, exit code 1
> PostScript/PDF Interpreter finished. Return status 256 executed command
> : /usr/bin/gs -q -dDELAYBIND -dWRITESYSTEMDICT -dNODISPLAY -dNOEPS
> -r9600x9600 "/tmp/psinsRrD8m"
> The interpreter seems to have failed, cannot proceed !
>
> See the attached log for the full text.
>
> I tried to downgrade to circumvent the issue but unsuccessfully.
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu/+source/ghostscript/+
> bug/1687614/+subscriptions
>

Pere (pere-pala) wrote :

I have tried

sudo apt install ghostscript=9.18~dfsg~0-0ubuntu2

but I get the following error

The following packages have unmet dependencies:
 ghostscript : Depends: libgs9 (= 9.18~dfsg~0-0ubuntu2) but 9.18~dfsg~0-0ubuntu2.4 is to be installed
E: Unable to correct problems, you have held broken packages.

Any suggestion?

Eric Gourgoulhon (egourgoulhon) wrote :

You have to follow these steps:
1/ downgrade libgs9 to 9.18~dfsg~0-0ubuntu2
2/ downgrade ghostscript to 9.18~dfsg~0-0ubuntu2
3/ reinstall pstoedit

Till Kamppeter (till-kamppeter) wrote :

the upstream bug got fixed now, it is a very small and simple patch. So I recommend to the uploader of the security update to apply this patch and issue an updated security update.

Changed in ghostscript (Ubuntu):
status: Confirmed → Triaged

How, long till the patch? This is effectively stopping people from work, why not to deploy the patch ASAP?

Steve Beattie (sbeattie) on 2017-05-15
Changed in ghostscript (Ubuntu):
importance: Undecided → Critical
assignee: nobody → Steve Beattie (sbeattie)
Steve Beattie (sbeattie) wrote :

Hi, sorry for the inconvenience. I've prepared fixed packages in the ubuntu-security-proposed ppa https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/ for all supported releases, though I need to test them further before publishing. It would be great if people could confirm that these packages address the issue they're seeing.

Thanks!

I installed the package and can confirm that it solves the issue.

From my side feel free to go ahead and publish it.

Thank you!

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ghostscript - 9.19~dfsg+1-0ubuntu6.6

---------------
ghostscript (9.19~dfsg+1-0ubuntu6.6) yakkety-security; urgency=medium

  * REGRESSION UPDATE: Fix for CVE-2017-8291 broke pstoedit when using
    DELAYBIND feature (LP: #1687614).
    - debian/patches/CVE-2017-8291-regression.patch: return false rather
      than raise error when .eqproc is called with parameters that are
      not both procedures; correct stack underflow detection.

 -- Steve Beattie <email address hidden> Mon, 15 May 2017 14:41:00 -0700

Changed in ghostscript (Ubuntu):
status: Triaged → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ghostscript - 9.19~dfsg+1-0ubuntu7.4

---------------
ghostscript (9.19~dfsg+1-0ubuntu7.4) zesty-security; urgency=medium

  * REGRESSION UPDATE: Fix for CVE-2017-8291 broke pstoedit when using
    DELAYBIND feature (LP: #1687614).
    - debian/patches/CVE-2017-8291-regression.patch: return false rather
      than raise error when .eqproc is called with parameters that are
      not both procedures; correct stack underflow detection.

 -- Steve Beattie <email address hidden> Mon, 15 May 2017 11:46:44 -0700

Changed in ghostscript (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.