Bug 25780 - ghostpcl update to be at the same version as ghostscript
Summary: ghostpcl update to be at the same version as ghostscript
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 7
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
Whiteboard: MGA7-64-OK
Keywords: advisory, validated_update
Depends on:
Reported: 2019-11-28 15:35 CET by Nicolas Salguero
Modified: 2019-12-24 13:25 CET (History)
5 users (show)

See Also:
Source RPM: ghostpcl-9.05-9.mga7.src.rpm
Status comment:


Description Nicolas Salguero 2019-11-28 15:35:20 CET

Our version of ghostpcl is 9.05 and dates from 2012 February 8.

Best regards,

Comment 1 Nicolas Salguero 2019-11-28 15:50:11 CET
Suggested advisory:

The updated package updates ghostpcl from 9.05 (which dates from 2012 February 8) to be at the same version as ghostscript, ie. 9.27 with fixes for known CVEs.

Version 9.05 is affected by many security issues, for instance, see: bug 21630 comment 6, bug 21630 comment 8, bug 21630 comment 10 and bug 21630 comment 14.


Updated packages in core/updates_testing:

from SRPMS:

Assignee: bugsquad => qa-bugs
Source RPM: (none) => ghostpcl-9.05-9.mga7.src.rpm

Comment 2 Herman Viaene 2019-12-08 11:41:40 CET
MGA7-64 Plasma on Lenovo B50
This laptop has a HP printer configured, but this package waas not installed, so this is a first.
No wiki, no previous update and
# urpmq --whatrequires ghostpcl

Checked the commands in the package and pcl2pdfwr looks promising, but I need a pcl file to start. I found no obvious way to get such file. Printing to a pcl file or a sample file from http://fileformats.archiveteam.org/wiki/PCL#Sample_files just gets me
$ pcl2pdfwr -h
Usage: pcl2pdfwr [options...] (input.pcl|-) [output.pdf|-]
[tester7@mach5 Documenten]$ pcl2pdfwr sample.pcl pcltest.pdf
Fonts not found

And there I am stuck.

CC: (none) => herman.viaene

Comment 3 Thomas Andrews 2019-12-17 01:40:26 CET
I got a little farther, but not much. There's probably a much better way to do this, but...

Following an online lead, I installed a non-existent LaserJet 4 into my Windows XP vbox guest, setting it to use the "local" port and always print to file. Then I took an old Word document and printed it to that printer. This created a .prn file, which I saved on the shared folder on the host machine. According to online sources, because this .prn file was printed for a LaserJet 4, it's also a pcl file.

Returning to the host machine, I renamed "Kelly.prn" to "Kelly.pcl." Then I installed the present ghostpcl package, and using Herman's suggestion ran the command "pcl2pdfwr /home/tom/Kelly.pcl /home/tom/Kelly.pdf." This worked well, producing a readable pdf of the document.

Then I used qarepo to get the updated ghostpcl, which installed cleanly. But when I tried the command again, I got this:

Fonts not found
Usage: gpcl6 [option* file]+...
Options: -dNOPAUSE -E[#] -h -L<PCL|PCLXL> -K<maxK> -l<PCL5C|PCL5E|RTL> -Z...
         -sDEVICE=<dev> -g<W>x<H> -r<X>[x<Y>] -d{First|Last}Page=<#>
         -H<l>x<b>x<r>x<t> -dNOCACHE
         -sOutputFile=<file> (-s<option>=<string> | -d<option>[=<value>])*
         -J<PJL commands>
Version: 9.27
Build date: Thu Nov 28 14:15:08 2019
Devices: bbox pclm bit bitcmyk bitrgb bitrgbtags bmp16 bmp16m
 bmp256 bmp32b bmpgray bmpmono bmpsep1 bmpsep8 ccr cfax cif
 devicen dfaxhigh dfaxlow display eps2write pdfwrite faxg3 faxg32d faxg4
 fpng gprf inferno ink_cov inkcov jpeg jpegcmyk jpeggray mgr4
 mgr8 mgrgray2 mgrgray4 mgrgray8 mgrmono miff24 pam pamcmyk32 pamcmyk4
 pbm pbmraw pcx16 pcx24b pcx256 pcxcmyk pcxgray pcxmono pdfimage24
 pdfimage32 pdfimage8 pdfwrite pgm pgmraw pgnm pgnmraw pkm pkmraw
 pksm pksmraw plan plan9bm planc plang plank planm plib
 plibc plibg plibk plibm pnm pnmraw ppm ppmraw ps2write
 pdfwrite psdcmyk psdcmyk16 psdcmykog psdrgb psdrgb16 spotcmyk tiff12nc tiff24nc
 tiff32nc tiff48nc tiff64nc tiffcrle tiffg3 tiffg32d tiffg4 tiffgray tifflzw
 tiffpack tiffscaled tiffscaled24 tiffscaled32 tiffscaled4 tiffscaled8 tiffsep tiffsep1 txtwrite
 xcf xpswrite alc1900 alc2000 alc4000 alc4100 alc8500 alc8600 alc9100
 ap3250 atx23 atx24 atx38 bj10e bj10v bj10vh bj200 bjc600
 bjc800 bjc880j bjccmyk bjccolor bjcgray bjcmono cdeskjet cdj1600 cdj500
 cdj550 cdj670 cdj850 cdj880 cdj890 cdj970 cdjcolor cdjmono cdnj500
 chp2200 cljet5 cljet5c cljet5pr coslw2p coslwxl declj250 deskjet dj505j
 djet500 djet500c dl2100 dnj650c epl2050 epl2050p epl2120 epl2500 epl2750
 epl5800 epl5900 epl6100 epl6200 eplcolor eplmono eps9high eps9mid epson
 epsonc escp escpage fmlbp fmpr fs600 gdi hl1240 hl1250
 hl7x0 hpdj1120c hpdj310 hpdj320 hpdj340 hpdj400 hpdj500 hpdj500c hpdj510
 hpdj520 hpdj540 hpdj550c hpdj560c hpdj600 hpdj660c hpdj670c hpdj680c hpdj690c
 hpdj850c hpdj855c hpdj870c hpdj890c hpdjplus hpdjportable ibmpro imagen itk24i
 itk38 jetp3852 jj100 la50 la70 la75 la75plus laserjet lbp310
 lbp320 lbp8 lex2050 lex3200 lex5700 lex7000 lips2p lips3 lips4
 lips4v lj250 lj3100sw lj4dith lj4dithp lj5gray lj5mono ljet2p ljet3
 ljet3d ljet4 ljet4d ljet4pjl ljetplus ln03 lp1800 lp1900 lp2000
 lp2200 lp2400 lp2500 lp2563 lp3000c lp7500 lp7700 lp7900 lp8000
 lp8000c lp8100 lp8200c lp8300c lp8300f lp8400f lp8500c lp8600 lp8600f
 lp8700 lp8800c lp8900 lp9000b lp9000c lp9100 lp9200b lp9200c lp9300
 lp9400 lp9500c lp9600 lp9600s lp9800c lps4500 lps6500 lq850 lxm3200
 lxm5700m m8510 md1xMono md2k md50Eco md50Mono md5k mj500c mj6000c
 mj700v2c mj8000c ml600 necp6 npdl oce9050 oki182 oki4w okiibm
 oprp opvp paintjet pcl3 photoex picty180 pj pjetxl pjxl
 pjxl300 pr1000 pr1000_4 pr150 pr201 pxlcolor pxlmono r4081 rinkj
 rpdl samsunggdi sj48 st800 stcolor t4693d2 t4693d4 t4693d8 tek4696
 uniprint xes cups pwgraster png16 png16m png256 png48 pngalpha
 pnggray pngmono pngmonod nullpage x11 x11alpha x11cmyk x11cmyk2 x11cmyk4
 x11cmyk8 x11gray2 x11gray4 x11mono

Not exactly what I was expecting.

CC: (none) => andrewsfarm

Comment 4 Thomas Andrews 2019-12-17 19:34:08 CET
Installed the current ghostpcl on another machine, so I could compare the two installs.

Read ghostpdl.pdf, which is an explanation of how to compile and use the tools. It can be found at /usr/share/doc/ghostpcl/ if the current version is installed, and at /usr/share/doc/ghostpcl/doc/pclxps/ for the updated version.

Found that on the old version, "pcl6 Kelly.pcl" would display the test file in a Ghostscript window with no problems. The command in the new version has been changed to "gpcl6 Kelly.pcl" and executing it gives me the same output as the other command.

According to the above doc, there are supposed to be 80 URW TrueType fonts included with each version of ghostpcl. From where I sit, it looks like this update was somehow compiled/built without them.
Comment 5 Nicolas Salguero 2019-12-18 13:30:43 CET
The "Fonts not found" issue should be solved with ghostpcl-9.27-2.mga7.

Updated package in core/updates_testing:

from SRPMS:
Comment 6 Thomas Andrews 2019-12-18 16:05:05 CET
Ah, a new dependency, eh? Yes indeed, that made the issue go away. OKing the update, and validating it. Advisory in Comment 1.

It's too bad that this application couldn't make use of the system fonts. The two TrueType fonts involved in my test pcl were already available there, though I suppose not in Postscript format.

Whiteboard: (none) => MGA7-64-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 7 Nicolas Salguero 2019-12-19 09:17:50 CET
I am so sorry, I made a mistake in the wrapper script /usr/bin/gpcl6: if a path to a pcl file (or if the name of a pcl file) contains at least one space, the script fails. ghostpcl-9.27-3.mga7 fixes that problem.

Updated package in core/updates_testing:

from SRPMS:

Whiteboard: MGA7-64-OK => (none)
Keywords: validated_update => (none)

Comment 8 Thomas Andrews 2019-12-19 16:26:10 CET
No problem. It's always best to find and correct these things before we release an update. This is something I never would have found, except by accident.

Tested the original update, and confirmed the problem with a space in the name, using the same file as the previous test, renamed in Dolphin to insert a space.

Unfortunately, the problem persists with the package from Comment 7. The result of the command executed on a file without a space in the name still works, but with a space in the name the result is much like that of Comment 3. The error message is "Failed to open" with the filename truncated at the space, followed by a dump of all that other nearly useless information.

So, give it another try. In the meantime, let me know if there is anything else I should try to test, and I will do what I can.
Comment 9 Nicolas Salguero 2019-12-19 17:51:19 CET
This time it is good in all my tests.

Updated package in core/updates_testing:

from SRPMS:
Comment 10 Thomas Andrews 2019-12-19 20:27:42 CET
Still no joy here, Nicolas. 

The original pcl file was named "Kelly.pcl." I've renamed a copy to "Ke lly.pcl" for these tests. Both are currently in /home/tom.

Using just the file name in the path, I get this:

$ gpcl6 Ke lly.pcl
Failed to open file 'Ke /home/tom/lly.pcl'

Using the full path in the command, I get this:

$ gpcl6 /home/tom/Ke lly.pcl
Failed to open file '/home/tom/Ke /home/tom/lly.pcl'

And "Kelly.pcl" continues to work as it should.
Comment 11 Frank Griffin 2019-12-19 20:42:21 CET
That's because bash uses blanks as command-line delimiters.  If you have a filename parameter like yours, you have to surround it in either single or double quotes, e. g. 

     gcl6 "Ke lly.pcl"

CC: (none) => ftg

Comment 12 Thomas Andrews 2019-12-19 20:55:02 CET
Thanks, Frank. The command line has never been my forte'.

That does it, Nicolas. Sorry about the extra noise.

Giving it an OK again, but waiting a bit for validating, just in case...

Whiteboard: (none) => MGA7-64-OK

Comment 13 Thomas Andrews 2019-12-20 14:33:16 CET
Validating again. Advisory information still in Comment 1.

Keywords: (none) => validated_update

Thomas Backlund 2019-12-24 12:44:43 CET

Keywords: (none) => advisory
CC: (none) => tmb

Comment 14 Mageia Robot 2019-12-24 13:25:47 CET
An update for this issue has been pushed to the Mageia Updates repository.


Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.