-
ghostscript (9.55.0~dfsg1-0ubuntu5.7) jammy-security; urgency=medium
* SECURITY UPDATE: Policy bypass via improperly checked eexec seed
- debian/patches/CVE-2023-52722.patch: Prevent eexec seeds other than
Type 1 standard when SAFER mode is used in zmisc1.c.
- CVE-2023-52722
* SECURITY UPDATE: Arbitrary code execution via uniprint device
- debian/patches/CVE-2024-29510.patch: Prevent changes to uniprint device
argument strings after SAFER is activated in gdevupd.c.
- CVE-2024-29510
* SECURITY UPDATE: Path traversal and arbitrary code execution via improperly
checked path arguments
- debian/patches/CVE-2024-33869-part1.patch: Check that a current working
directory specifier is valid before stripping it from gpmisc.c.
- debian/patches/CVE-2024-33869-part2.patch: Check that a current working
directory specifier is valid before stripping it from gpmisc.c.
- CVE-2024-33869
* SECURITY UPDATE: Path traversal via improperly checked path arguments
- debian/patches/CVE-2024-33870.patch: Add a check for parent directory
prefixes when handling relative paths in gpmisc.c.
- CVE-2024-33870
* SECURITY UPDATE: Arbitrary code execution via custom driver library
- debian/patches/CVE-2024-33871.patch: Prevent changes to parameter that
specifies the names of dynamic libraries to be loaded by the opvp/oprp
device in gdevopvp.c.
- CVE-2024-33871
-- Chris Kim <email address hidden> Mon, 03 Jun 2024 21:54:57 -0700
-
ghostscript (9.55.0~dfsg1-0ubuntu5.6) jammy-security; urgency=medium
* SECURITY UPDATE: DoS via dangling pointer
- debian/patches/CVE-2023-46751.patch: fix tiffsep(1) requirement for
seekable output files in base/gdevprn.c, devices/gdevtsep.c.
- CVE-2023-46751
-- Marc Deslauriers <email address hidden> Mon, 11 Dec 2023 14:25:45 -0500
-
ghostscript (9.55.0~dfsg1-0ubuntu5.5) jammy-security; urgency=medium
* SECURITY UPDATE: code execution via PS documents and IJS device
- debian/patches/CVE-2023-43115.patch: prevent PostScript programs
switching to the IJS device after SAFER has been activated in
devices/gdevijs.c.
- CVE-2023-43115
-- Marc Deslauriers <email address hidden> Thu, 12 Oct 2023 09:02:58 -0400
-
ghostscript (9.55.0~dfsg1-0ubuntu5.4) jammy-security; urgency=medium
* SECURITY UPDATE: buffer overflow
- debian/patches/CVE-2023-38559.patch: bounds check the buffer prior to
dereferencing the pointer in devn_pcx_write_rle() in base/gdevdevn.c.
- CVE-2023-38559
-- Allen Huang <email address hidden> Tue, 15 Aug 2023 11:40:49 +0100
-
ghostscript (9.55.0~dfsg1-0ubuntu5.3) jammy-security; urgency=medium
* SECURITY UPDATE: incorrect permission validation for pipe devices
- debian/patches/CVE-2023-36664-1.patch: don't reduce pipe file names
for permission validation in base/gpmisc.c, base/gslibctx.c.
- debian/patches/CVE-2023-36664-2.patch: fix logic and add extra test
in base/gpmisc.c, base/gslibctx.c.
- CVE-2023-36664
-- Marc Deslauriers <email address hidden> Wed, 05 Jul 2023 12:49:52 -0400
-
ghostscript (9.55.0~dfsg1-0ubuntu5.2) jammy-security; urgency=medium
* SECURITY UPDATE: Buffer Overflow
- debian/patches/CVE-2023-28879.patch: add check to make sure that the
buffer has space for two characters in s_xBCPE_process() in base/sbcp.c.
- CVE-2023-28879
-- Rodrigo Figueiredo Zaiden <email address hidden> Thu, 13 Apr 2023 11:15:40 -0300
-
ghostscript (9.55.0~dfsg1-0ubuntu5.1) jammy-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference issue
- debian/patches/CVE-2022-2085.patch: add init_device_procs entry for
mem_x_device in base/gdevmx.c.
- CVE-2022-2085
-- Marc Deslauriers <email address hidden> Mon, 26 Sep 2022 10:05:05 -0400
-
ghostscript (9.55.0~dfsg1-0ubuntu5) jammy; urgency=medium
* No-change rebuild for ppc64el baseline bump.
-- Łukasz 'sil2100' Zemczak <email address hidden> Wed, 23 Mar 2022 14:54:34 +0100
-
ghostscript (9.55.0~dfsg1-0ubuntu4) jammy; urgency=medium
* Just mark all libtesseract symbols optional and be done with it.
-- Steve Langasek <email address hidden> Tue, 07 Dec 2021 21:21:02 +0000
-
ghostscript (9.55.0~dfsg1-0ubuntu3) jammy; urgency=medium
* Mark as optional various symbols which are leaked from the embedded
tesseract library and are not part of the public API, and which are also
arch-specific so causing build failures on non-x86.
-- Steve Langasek <email address hidden> Tue, 07 Dec 2021 20:27:02 +0000
-
ghostscript (9.55.0~dfsg1-0ubuntu2) jammy; urgency=medium
* Merge with Debian unstable. Remaining changes:
- New re-packaging of Ghostscript 9.54.0, keeping the leptonica and
tesseract convenience copies in as they are not in Ubuntu Main. Added
appropriate remark to debian/copyright.
- Updated debian/libgs9.symbols.
ghostscript (9.55.0~dfsg-3) unstable; urgency=medium
* add patch cherry-picked upstream
to fix the logic for freeing X pixmap;
really closes: bug#998888, thanks again to Florian Lindemann
ghostscript (9.55.0~dfsg-2) unstable; urgency=medium
* add patch cherry-picked upstream
to fix gx_default_copy_alpha calling get_bits_rectangle;
closes: bug#1000710, thanks to Hilmar Preuße
-- Paride Legovini <email address hidden> Thu, 02 Dec 2021 12:39:37 +0100
-
ghostscript (9.55.0~dfsg1-0ubuntu1) jammy; urgency=low
* Merge from Debian unstable. Remaining changes:
- New re-packaging of Ghostscript 9.54.0, keeping the leptonica and
tesseract convenience copies in as they are not in Ubuntu Main. Added
appropriate remark to debian/copyright.
* Updated debian/libgs9.symbols.
-- Till Kamppeter <email address hidden> Mon, 22 Nov 2021 18:24:56 +0100
-
ghostscript (9.54.0~dfsg1-0ubuntu3) jammy; urgency=medium
* No-change rebuild against libidn12
-- Steve Langasek <email address hidden> Sun, 07 Nov 2021 05:32:06 +0000
-
ghostscript (9.54.0~dfsg1-0ubuntu2) impish; urgency=medium
* SECURITY UPDATE: Trivial -dSAFER bypass
- debian/patches/CVE-2021-3781.patch: include device specifier strings
in access validation in base/gdevpipe.c, base/gp_mshdl.c,
base/gp_msprn.c, base/gp_os2pr.c, base/gslibctx.c.
- CVE-2021-3781
-- Marc Deslauriers <email address hidden> Fri, 10 Sep 2021 07:59:00 -0400