ghostscript 9.26~dfsg+0-0ubuntu0.18.04.14 source package in Ubuntu

Changelog

ghostscript (9.26~dfsg+0-0ubuntu0.18.04.14) bionic-security; urgency=medium

  * SECURITY UPDATE: integer overflow in opj_t1_encode_cblks
    - debian/patches/CVE-2018-5727.patch: fix UBSAN signed integer overflow
      in openjpeg/src/lib/openjp2/t1.c.
    - CVE-2018-5727
  * SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor
    - debian/patches/CVE-2020-6851.patch: reject images whose
      coordinates are beyond INT_MAX in openjpeg/src/lib/openjp2/j2k.c.
    - CVE-2020-6851
  * SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor
    - debian/patches/CVE-2020-8112.patch: avoid integer overflow in
      openjpeg/src/lib/openjp2/tcd.c.
    - CVE-2020-8112
  * SECURITY UPDATE: heap-buffer-overflow
    - debian/patches/CVE-2020-27814-1.patch: grow buffer size in
      openjpeg/src/lib/openjp2/tcd.c.
    - debian/patches/CVE-2020-27814-2.patch: grow it again
    - debian/patches/CVE-2020-27814-3.patch: and some more
    - debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!!
    - CVE-2020-27814
  * SECURITY UPDATE: global-buffer-overflow
    - debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on
      irreversible conversion when too many decomposition levels are
      specified in openjpeg/src/lib/openjp2/dwt.c.
    - CVE-2020-27824
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2020-27841.patch: add extra checks to
      openjpeg/src/lib/openjp2/pi.c, openjpeg/src/lib/openjp2/pi.h,
      openjpeg/src/lib/openjp2/t2.c.
    - CVE-2020-27841
  * SECURITY UPDATE: null pointer dereference
    - debian/patches/CVE-2020-27842.patch: add check to
      openjpeg/src/lib/openjp2/t2.c.
    - CVE-2020-27842
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2020-27843.patch: add check to
      openjpeg/src/lib/openjp2/t2.c.
    - CVE-2020-27843
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2020-27845.patch: add extra checks to
      openjpeg/src/lib/openjp2/pi.c.
    - CVE-2020-27845

 -- Marc Deslauriers <email address hidden>  Wed, 06 Jan 2021 12:44:08 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2021-01-06
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
text
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Bionic updates on 2021-01-07 main text
Bionic security on 2021-01-07 main text

Downloads

File Size SHA-256 Checksum
ghostscript_9.26~dfsg+0.orig.tar.xz 25.8 MiB f13dd2be0499ae47f508d66be4f7a61056674c2ee6ff53d954e84bc634986bd7
ghostscript_9.26~dfsg+0-0ubuntu0.18.04.14.debian.tar.xz 143.4 KiB d8788af4d78a08630fc5bdd23d2ba36ab1abde2307bf89537c16172afe3b7e1d
ghostscript_9.26~dfsg+0-0ubuntu0.18.04.14.dsc 2.8 KiB 0faeb8224a33e56e29e80e22eb5705c70c2d5257cf35e9608c9dbbc0f1215904

View changes file

Binary packages built by this source

ghostscript: interpreter for the PostScript language and for PDF

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview, it can display
 PostScript and PDF documents in an X11 environment.
 .
 Furthermore, it can render PostScript and PDF files as graphics to be
 printed on non-PostScript printers. Supported printers include common
 dot-matrix, inkjet and laser models.

ghostscript-dbg: interpreter for the PostScript language and for PDF - Debug symbols

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview, it can display
 PostScript and PDF documents in an X11 environment.
 .
 This package contains the debugging symbols for ghostscript,
 ghostscript-x, and libgs9.

ghostscript-doc: interpreter for the PostScript language and for PDF - Documentation

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview, it can display
 PostScript and PDF documents in an X11 environment.
 .
 This package contains documentation for GPL Ghostscript, mainly
 targeted developers and advanced users.

ghostscript-x: interpreter for the PostScript language and for PDF - X11 support

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview, it can display
 PostScript and PDF documents in an X11 environment.
 .
 This package contains the GPL Ghostscript output device for X11.

libgs-dev: interpreter for the PostScript language and for PDF - Development Files

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview, it can display
 PostScript and PDF documents in an X11 environment.
 .
 This package provides the development files for the GPL Ghostscript
 library which makes the facilities of GPL Ghostscript available to
 applications.

libgs9: interpreter for the PostScript language and for PDF - Library

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview, it can display
 PostScript and PDF documents in an X11 environment.
 .
 This package provides the Ghostscript library which makes the
 facilities of GPL Ghostscript available to applications.

libgs9-common: interpreter for the PostScript language and for PDF - common files

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview, it can display
 PostScript and PDF documents in an X11 environment.
 .
 This package provides common architecture-independent files needed by
 the GPL Ghostscript library.
 .
 By default, GPL Ghostscript uses a font from the fonts-droid package to
 approximate glyphs in PDFs for which the requested CJK TrueType font
 is missing. If the fonts-droid package is not installed, these glyphs
 will be rendered as bullets.