Format: 1.8 Date: Thu, 21 Mar 2019 13:15:30 -0400 Source: ghostscript Binary: ghostscript ghostscript-dbg ghostscript-x libgs-dev libgs9 Architecture: armhf Version: 9.26~dfsg+0-0ubuntu7 Distribution: disco-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library Changes: ghostscript (9.26~dfsg+0-0ubuntu7) disco; urgency=medium . * SECURITY UPDATE: superexec operator is available - debian/patches/CVE-2019-3835-pre1.patch: Have gs_cet.ps run from gs_init.ps in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps. - debian/patches/CVE-2019-3835-pre2.patch: Undef /odef in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps. - debian/patches/CVE-2019-3835-1.patch: restrict superexec and remove it in Resource/Init/gs_cet.ps, Resource/Init/gs_dps1.ps, Resource/Init/gs_fonts.ps, Resource/Init/gs_init.ps, Resource/Init/gs_ttf.ps, Resource/Init/gs_type1.ps. - debian/patches/CVE-2019-3835-2.patch: obliterate superexec in Resource/Init/gs_init.ps, psi/icontext.c, psi/icstate.h, psi/zcontrol.c, psi/zdict.c, psi/zgeneric.c. - CVE-2019-3835 * SECURITY UPDATE: forceput in DefineResource is still accessible - debian/patches/CVE-2019-3838-1.patch: make a transient proc executeonly in Resource/Init/gs_res.ps. - debian/patches/CVE-2019-3838-2.patch: an extra transient proc needs executeonly in Resource/Init/gs_res.ps. - CVE-2019-3838 Checksums-Sha1: 53ce80468274ad3047253eb8722b1da8fb866852 14838272 ghostscript-dbg_9.26~dfsg+0-0ubuntu7_armhf.deb 5a7e3686802068f98a567254ae7b3097d220a06f 38852 ghostscript-x_9.26~dfsg+0-0ubuntu7_armhf.deb 1852c074f32672622a187ca54123b8eecd8d45b5 12219 ghostscript_9.26~dfsg+0-0ubuntu7_armhf.buildinfo 2aeee4ac09b6d1ba34bdff46e03974cf1549675e 51432 ghostscript_9.26~dfsg+0-0ubuntu7_armhf.deb cbd32294b6f6856bca8e8fb070ff6d96dcffc411 25520 libgs-dev_9.26~dfsg+0-0ubuntu7_armhf.deb 5621b4d8c57f06ca2fac6984144e4010b66a3197 2059004 libgs9_9.26~dfsg+0-0ubuntu7_armhf.deb Checksums-Sha256: 01eb0a14a83b05ed5ed66bea7e892e9e2387e7ed9771344e0f5ebee745f37844 14838272 ghostscript-dbg_9.26~dfsg+0-0ubuntu7_armhf.deb 73c4bf8c60a2c7b226754b3e80318aaca180b6d7535ab6cf03d4d7762adfee9b 38852 ghostscript-x_9.26~dfsg+0-0ubuntu7_armhf.deb 17c82afe660193f7cf8f41b5312d880e14c065bf3302bc6df57eadaeb5b03288 12219 ghostscript_9.26~dfsg+0-0ubuntu7_armhf.buildinfo cfca470c2884ee931e9988578c9478fa865b2a72aafd9b10f55ed83ef651a653 51432 ghostscript_9.26~dfsg+0-0ubuntu7_armhf.deb b73558b38b7cda5bc8dc84d46d8f474ffe6f0bba6b357723d8edfae1df0f576c 25520 libgs-dev_9.26~dfsg+0-0ubuntu7_armhf.deb b35c97dd10120466accde239598d8c5228f3e66034ddfe156202c1e2340060ef 2059004 libgs9_9.26~dfsg+0-0ubuntu7_armhf.deb Files: 4632088eaf6a44bc13fecb8e23d2478f 14838272 debug extra ghostscript-dbg_9.26~dfsg+0-0ubuntu7_armhf.deb afc832e53c9019b3fc7f76eba7422ed6 38852 text optional ghostscript-x_9.26~dfsg+0-0ubuntu7_armhf.deb 438f2146362fd0071210aa309ced42de 12219 text optional ghostscript_9.26~dfsg+0-0ubuntu7_armhf.buildinfo 3ccae4a17789f519db6a33de89530b37 51432 text optional ghostscript_9.26~dfsg+0-0ubuntu7_armhf.deb fa3a8ac47973d24791100f67f47cff3b 25520 libdevel optional libgs-dev_9.26~dfsg+0-0ubuntu7_armhf.deb b559ef6c17c5c518558e56da27361e72 2059004 libs optional libgs9_9.26~dfsg+0-0ubuntu7_armhf.deb Original-Maintainer: Debian Printing Team