Update to 9.25.

This release fixes problems with argument handling, some unintended results
of the security fixes to the SAFER file access restrictions (specifically
accessing ICC profile files), and some additional security issues over the
recent 9.24 release.

PR:		231547
Exp-run by:	antoine
MFH:		2018Q3

7 files changed, 5 insertions, 280 deletions

diff --git a/print/ghostscript9-agpl-base/Makefile b/print/ghostscript9-agpl-base/Makefile
index 9311bd4ae3ed..9c459f5016b2 100644
--- a/print/ghostscript9-agpl-base/Makefile
+++ b/print/ghostscript9-agpl-base/Makefile
@@ -1,8 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	ghostscript
-PORTVERSION=	9.24
-PORTREVISION=	2
+PORTVERSION=	9.25
 CATEGORIES=	print
 MASTER_SITES=	https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${PORTVERSION:S/.//}/
 PKGNAMESUFFIX=	9-agpl-base
diff --git a/print/ghostscript9-agpl-base/distinfo b/print/ghostscript9-agpl-base/distinfo
index 46025f836714..f88a694a9f2e 100644
--- a/print/ghostscript9-agpl-base/distinfo
+++ b/print/ghostscript9-agpl-base/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1536049976
-SHA256 (ghostscript-9.24.tar.xz) = d44917df24979a05e0cb3916531928cc2adc91f5b17b419ee023d16ab31069d6
-SIZE (ghostscript-9.24.tar.xz) = 33015704
+TIMESTAMP = 1537537103
+SHA256 (ghostscript-9.25.tar.xz) = a2971a23bf15bbd9ddcd173141b15504e51ddc1d5a0a0144b00a6a8b14a62fed
+SIZE (ghostscript-9.25.tar.xz) = 33027708
diff --git a/print/ghostscript9-agpl-base/files/patch-010-bc3df07 b/print/ghostscript9-agpl-base/files/patch-010-bc3df07
deleted file mode 100644
index d927b74ce2f2..000000000000
--- a/print/ghostscript9-agpl-base/files/patch-010-bc3df07
+++ /dev/null
@@ -1,75 +0,0 @@
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Tue, 4 Sep 2018 16:01:08 +0000 (+0100)
-Subject: For ICC profile validation, have cups id iteself as DeviceN
-X-Git-Url: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff_plain;h=bc3df0773fccf4b4906a3e59652ad646ea0fee91
-
-For ICC profile validation, have cups id iteself as DeviceN
-
-Give the range of color spaces and models that cups supports, we can't
-reasonably provide (or expect others to provide) output ICC profiles for all
-cases.
-
-For the purpose of profile validation, have it claim to be DeviceN and benefit
-from the extra tolerance in profiles allowed for that class of device.
----
-
-diff --git a/cups/gdevcups.c b/cups/gdevcups.c
-index c1574f8..decd8eb 100644
---- cups/gdevcups.c
-+++ cups/gdevcups.c
-@@ -70,6 +70,7 @@
- #include "std.h"                /* to stop stdlib.h redefining types */
- #include "gdevprn.h"
- #include "gsparam.h"
-+#include "gxdevsop.h"
- #include "arch.h"
- #include "gsicc_manage.h"
- 
-@@ -252,6 +253,7 @@ private int cups_put_params(gx_device *, gs_param_list *);
- private int cups_set_color_info(gx_device *);
- private dev_proc_sync_output(cups_sync_output);
- private prn_dev_proc_get_space_params(cups_get_space_params);
-+private int cups_spec_op(gx_device *dev_, int op, void *data, int datasize);
- 
- #ifdef dev_t_proc_encode_color
- private cm_map_proc_gray(cups_map_gray);
-@@ -392,7 +394,7 @@ private gx_device_procs	cups_procs =
-    NULL,				/* push_transparency_state */
-    NULL,				/* pop_transparency_state */
-    NULL,                                /* put_image */
--
-+   cups_spec_op
- };
- 
- #define prn_device_body_copies(dtype, procs, dname, w10, h10, xdpi, ydpi, lo, to, lm, bm, rm, tm, ncomp, depth, mg, mc, dg, dc, print_pages)\
-@@ -5927,6 +5929,17 @@ cups_print_planar(gx_device_printer *pdev,
-   return (0);
- }
- 
-+private int
-+cups_spec_op(gx_device *dev_, int op, void *data, int datasize)
-+{
-+    /* Although not strictly DeviceN, the range of color models
-+       this device supports presets similar issues.
-+     */
-+    if (op == gxdso_supports_devn) {
-+        return true;
-+    }
-+    return gx_default_dev_spec_op(dev_, op, data, datasize);
-+}
- 
- /*
-  */
-diff --git a/devices/devs.mak b/devices/devs.mak
-index c85604c..e8654e5 100644
---- devices/devs.mak
-+++ devices/devs.mak
-@@ -1860,7 +1860,7 @@ $(DD)pwgraster.dev : $(lcups_dev) $(lcupsi_dev) $(cups_) $(GDEV) \
- 	$(ADDMOD) $(DD)pwgraster -include $(lcups_dev)
- 	$(ADDMOD) $(DD)pwgraster -include $(lcupsi_dev)
- 
--$(DEVOBJ)gdevcups.$(OBJ) : $(LCUPSSRCDIR)$(D)gdevcups.c $(std_h) $(DEVS_MAK) $(MAKEDIRS)
-+$(DEVOBJ)gdevcups.$(OBJ) : $(LCUPSSRCDIR)$(D)gdevcups.c $(std_h) $(gxdevsop_h) $(DEVS_MAK) $(MAKEDIRS)
- 	$(CUPS_CC) $(DEVO_)gdevcups.$(OBJ) $(C_) $(CFLAGS) $(CUPSCFLAGS) \
- 	    $(I_)$(GLSRC) \
- 	    $(I_)$(DEVSRC) \
diff --git a/print/ghostscript9-agpl-base/files/patch-020-c8c01f8 b/print/ghostscript9-agpl-base/files/patch-020-c8c01f8
deleted file mode 100644
index 6afafd02d800..000000000000
--- a/print/ghostscript9-agpl-base/files/patch-020-c8c01f8
+++ /dev/null
@@ -1,42 +0,0 @@
-From c8c01f8c4164bc10281d9e8f87cf96314d93104b Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Thu, 6 Sep 2018 14:08:41 +0100
-Subject: [PATCH] Bug 699722: Add the ICCProfilesDir to the PermitReading list
-
-There was also an issue that the string being returned from the graphics
-library was null terminated, and Postscript strings are not (and Ghostscript
-strings are not necessarily). We leave the null termination in place, but
-reduce the length returned by 1.
----
- Resource/Init/gs_init.ps | 1 +
- base/gsicc_manage.c      | 2 +-
- 2 files changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
-index bc8b795..83918a9 100644
---- Resource/Init/gs_init.ps
-+++ Resource/Init/gs_init.ps
-@@ -2049,6 +2049,7 @@ readonly def
-           [ currentsystemparams /GenericResourceDir get] (*) .file_name_separator (*)
-             concatstrings concatstrings .generate_dir_list_templates
-         } if
-+        currentuserparams /ICCProfilesDir known {currentuserparams /ICCProfilesDir get} if
-       ]
-       /PermitFileWriting [
-           currentuserparams /PermitFileWriting get aload pop
-diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c
-index 69f05c4..ff685e7 100644
---- base/gsicc_manage.c
-+++ base/gsicc_manage.c
-@@ -2972,7 +2972,7 @@ gs_currenticcdirectory(const gs_gstate * pgs, gs_param_string * pval)
-         pval->persistent = true;
-     } else {
-         pval->data = (const byte *)(lib_ctx->profiledir);
--        pval->size = lib_ctx->profiledir_len;
-+        pval->size = lib_ctx->profiledir_len - 1;
-         pval->persistent = false;
-     }
- }
--- 
-2.9.1
-
diff --git a/print/ghostscript9-agpl-base/files/patch-030-1341854 b/print/ghostscript9-agpl-base/files/patch-030-1341854
deleted file mode 100644
index d2f67aa7e8c7..000000000000
--- a/print/ghostscript9-agpl-base/files/patch-030-1341854
+++ /dev/null
@@ -1,54 +0,0 @@
-From 13418541a5ae19b15f51cbb87faf344902f5af98 Mon Sep 17 00:00:00 2001
-From: Chris Liddell <chris.liddell@artifex.com>
-Date: Thu, 6 Sep 2018 18:40:05 +0100
-Subject: [PATCH] Bug 699722 (2): add wildcards to the permissions paths.
-
-The temp and ICC profile paths need to finish with wildcards to work correctly.
----
- Resource/Init/gs_init.ps | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps
-index 83918a9..5ff9f63 100644
---- Resource/Init/gs_init.ps
-+++ Resource/Init/gs_init.ps
-@@ -2034,7 +2034,7 @@ readonly def
-     <<
-       /PermitFileReading [
-         currentuserparams /PermitFileReading get aload pop
--        //tempfilepaths aload pop
-+        [//tempfilepaths aload pop] (*) .generate_dir_list_templates
-         /FONTPATH .systemvar (*) .generate_dir_list_templates
-           % Library files :
-         /LIBPATH  .systemvar (*) .generate_dir_list_templates
-@@ -2049,15 +2049,15 @@ readonly def
-           [ currentsystemparams /GenericResourceDir get] (*) .file_name_separator (*)
-             concatstrings concatstrings .generate_dir_list_templates
-         } if
--        currentuserparams /ICCProfilesDir known {currentuserparams /ICCProfilesDir get} if
-+        currentuserparams /ICCProfilesDir known {[currentuserparams /ICCProfilesDir get] (*) .generate_dir_list_templates} if
-       ]
-       /PermitFileWriting [
-           currentuserparams /PermitFileWriting get aload pop
--          //tempfilepaths aload pop
-+          [//tempfilepaths aload pop] (*) .generate_dir_list_templates
-       ]
-       /PermitFileControl [
-           currentuserparams /PermitFileControl get aload pop
--          //tempfilepaths aload pop
-+          [//tempfilepaths aload pop] (*) .generate_dir_list_templates
-       ]
-       /LockFilePermissions //true
-     >> setuserparams
-@@ -2140,7 +2140,7 @@ SAFER { .setsafeglobal } if
-   /.setshapealpha            % transparency-example.ps
-   /.endtransparencygroup     % transparency-example.ps
-   /.setdotlength             % Bug687720.ps
--  /.sort /.setdebug /.mementolistnewblocks /getenv
-+  /.sort /.mementolistnewblocks /getenv
- 
-   /.makeoperator /.setCPSImode              % gs_cet.ps, this won't work on cluster with -dSAFER
- 
--- 
-2.9.1
-
diff --git a/print/ghostscript9-agpl-base/files/patch-040-9528102 b/print/ghostscript9-agpl-base/files/patch-040-9528102
deleted file mode 100644
index 508145114401..000000000000
--- a/print/ghostscript9-agpl-base/files/patch-040-9528102
+++ /dev/null
@@ -1,103 +0,0 @@
-From 95281026d983bff8f72e431c7f620a0e8d07c2af Mon Sep 17 00:00:00 2001
-From: Ken Sharp <ken.sharp@artifex.com>
-Date: Sat, 8 Sep 2018 09:47:19 +0100
-Subject: [PATCH] Bug 699744 "ps2epsi fails with Error: /undefined in
- --setpagedevice--"
-
-Recent changes required to harden SAFER mode mean that it is no longer
-possible to run this script in SAFER mode, because it relies upon
-unsafe Ghostscript non-standard extension operators.
-
-Removing SAFER and DELAYSAFER, and the code to reset SAFER, allow the
-program to run as well as it ever did (ie badly). This program should
-now be considered unsafe, you should not use it on untrusted PostScript
-programs.
-
-I think its likely we will deprecate and remove this program in future.
----
- lib/ps2epsi     | 4 ++--
- lib/ps2epsi.bat | 6 +++---
- lib/ps2epsi.cmd | 4 ++--
- lib/ps2epsi.ps  | 1 -
- 4 files changed, 7 insertions(+), 8 deletions(-)
-
-diff --git a/lib/ps2epsi b/lib/ps2epsi
-index 5e1c173..d992180 100755
---- lib/ps2epsi
-+++ lib/ps2epsi
-@@ -49,7 +49,7 @@ else
- 	outfile=$2
- fi
- 
--"$GS_EXECUTABLE" -q -dBATCH -dNOPAUSE -P- -dSAFER -dDELAYSAFER -sDEVICE=bbox -sOutputFile=/dev/null "${infile}" 2>${outfile}
-+"$GS_EXECUTABLE" -q -dBATCH -dNOPAUSE -P- -sDEVICE=bbox -sOutputFile=/dev/null "${infile}" 2>${outfile}
- 
- ls -l "${infile}" |
- awk 'F==1	{
-@@ -91,7 +91,7 @@ awk 'F==1	{
- 		}
- 	' F=1 - F=2 "${outfile}" >>"$tmpfile"
- 
--"$GS_EXECUTABLE" -q -dNOPAUSE -P- -dSAFER -dDELAYSAFER -r72 -sDEVICE=bit -sOutputFile=/dev/null "$tmpfile" ps2epsi.ps "$tmpfile" <"${infile}" 1>&2
-+"$GS_EXECUTABLE" -q -dNOPAUSE -P- -r72 -sDEVICE=bit -sOutputFile=/dev/null "$tmpfile" ps2epsi.ps "$tmpfile" <"${infile}" 1>&2
- rm -f "$tmpfile"
- rm -rf "$tmpdir"
- 
-diff --git a/lib/ps2epsi.bat b/lib/ps2epsi.bat
-index 3c40aef..f5e7b3e 100755
---- lib/ps2epsi.bat
-+++ lib/ps2epsi.bat
-@@ -9,10 +9,10 @@ set outfile=%~2
- 
- rem First we need to determine the bounding box. ps2epsi.ps below will pick
- rem the result up from %outfile%
--%GSC% -q -dNOPAUSE -dBATCH -P- -dSAFER -dDELAYSAFER -sDEVICE=bbox -sOutputFile=NUL %1 2> %2
-+%GSC% -q -dNOPAUSE -dBATCH -P- -sDEVICE=bbox -sOutputFile=NUL %1 2> %2
- 
- rem Ghostscript uses %outfile% to define the output file
--%GSC% -q -dNOPAUSE -P- -dSAFER -dDELAYSAFER -sDEVICE=bit -sOutputFile=NUL ps2epsi.ps < %1
-+%GSC% -q -dNOPAUSE -P- -sDEVICE=bit -sOutputFile=NUL ps2epsi.ps < %1
- 
- rem We bracket the actual file with a few commands to help encapsulation
- echo %%%%Page: 1 1 >> %2
-@@ -22,7 +22,7 @@ echo userdict /setpagedevice /pop load put >> %2
- 
- rem Append the original onto the preview header
- rem cat.ps uses the %infile% and %outfile% environment variables for the filenames
--%GSC% -q -dNOPAUSE -dBATCH -P- -dSAFER -dDELAYSAFER -sDEVICE=bit -sOutputFile=NUL cat.ps
-+%GSC% -q -dNOPAUSE -dBATCH -P- -sDEVICE=bit -sOutputFile=NUL cat.ps
- 
- 
- echo %%%%EndDocument >> %2
-diff --git a/lib/ps2epsi.cmd b/lib/ps2epsi.cmd
-index abbe8a8..9eafdbd 100755
---- lib/ps2epsi.cmd
-+++ lib/ps2epsi.cmd
-@@ -12,10 +12,10 @@ set outfile=%2
- 
- rem First we need to determine the bounding box. ps2epsi.ps below will pick
- rem the result up from %outfile%
--gsos2 -q -dNOPAUSE -dBATCH -P- -dSAFER -dDELAYSAFER -sDEVICE=bbox -sOutputFile=NUL %infile% 2> %outfile%
-+gsos2 -q -dNOPAUSE -dBATCH -P- -sDEVICE=bbox -sOutputFile=NUL %infile% 2> %outfile%
- 
- rem Ghostscript uses %outfile% to define the output file
--gsos2 -q -dNOPAUSE -P- -dSAFER -dDELAYSAFER -sDEVICE=bit -sOutputFile=NUL ps2epsi.ps < %infile%
-+gsos2 -q -dNOPAUSE -P- -sDEVICE=bit -sOutputFile=NUL ps2epsi.ps < %infile%
- 
- rem We bracket the actual file with a few commands to help encapsulation
- echo %%%%Page: 1 1 >> %outfile%
-diff --git a/lib/ps2epsi.ps b/lib/ps2epsi.ps
-index 3cd970a..4bc5217 100644
---- lib/ps2epsi.ps
-+++ lib/ps2epsi.ps
-@@ -84,7 +84,6 @@ ps2edict begin
-      userdict /showpage { ps2edict begin epsipage end } bind put
-      userdict /setfont { ps2edict begin epsisetfont end } bind put
-      userdict /setpagedevice /pop load put
--     //systemdict /.setsafe known { .setsafe } if
-    } bind def
- 
-  /epsifontdict 100 dict def
--- 
-2.9.1
-
diff --git a/print/ghostscript9-agpl-x11/Makefile b/print/ghostscript9-agpl-x11/Makefile
index f094ec9463a5..6b21985b3596 100644
--- a/print/ghostscript9-agpl-x11/Makefile
+++ b/print/ghostscript9-agpl-x11/Makefile
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	ghostscript
-PORTVERSION=	9.24
+PORTVERSION=	9.25
 CATEGORIES=	print
 MASTER_SITES=	https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${PORTVERSION:S/.//}/
 PKGNAMESUFFIX=	9-agpl-x11