-
ghostscript (8.71.dfsg.1-0ubuntu5.7) lucid-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted ICC color profile
- debian/patches/CVE-2014-8137.dpatch: prevent double-free in
jasper/src/libjasper/base/jas_icc.c, remove assert in
jasper/src/libjasper/jp2/jp2_dec.c.
- CVE-2014-8137
* SECURITY UPDATE: denial of service or code execution via invalid
channel number
- debian/patches/CVE-2014-8138.dpatch: validate channel number in
jasper/src/libjasper/jp2/jp2_dec.c.
- CVE-2014-8138
* SECURITY UPDATE: denial of service or code execution via off-by-one
- debian/patches/CVE-2014-8157.dpatch: fix off-by-one in
jasper/src/libjasper/jpc/jpc_dec.c.
- CVE-2014-8157
* SECURITY UPDATE: denial of service or code execution via memory
corruption
- debian/patches/CVE-2014-8158.dpatch: remove HAVE_VLA to use more
sensible buffer sizes in jasper/src/libjasper/jpc/jpc_qmfb.c.
- CVE-2014-8158
-- Marc Deslauriers <email address hidden> Thu, 22 Jan 2015 13:09:28 -0500
-
ghostscript (8.71.dfsg.1-0ubuntu5.6) lucid-security; urgency=medium
* SECURITY UPDATE: heap overflows via crafted jp2 file
- debian/patches/CVE-2014-9029.dpatch: fix off-by-one in
jasper/src/libjasper/jpc/jpc_dec.c.
- CVE-2014-9029
-- Marc Deslauriers <email address hidden> Fri, 05 Dec 2014 15:47:32 -0500
-
ghostscript (8.71.dfsg.1-0ubuntu5.5) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
icclib overflow
- debian/patches/CVE-2012-4405.dpatch: validate input channels in
icclib/icc.c.
- CVE-2012-4405
-- Marc Deslauriers <email address hidden> Fri, 21 Sep 2012 08:55:37 -0400
-
ghostscript (8.71.dfsg.1-0ubuntu5.4) lucid-security; urgency=low
* SECURITY UPDATE: integer overflows via integer multiplication for
memory allocation
- debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
allocation functions and use them in:
* jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
jas_malloc.c,jas_seq.c}
* jasper/src/libjasper/bmp/bmp_dec.c
* jasper/src/libjasper/include/jasper/jas_malloc.h
* jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
* jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
* jasper/src/libjasper/mif/mif_cod.c
- CVE-2008-3520
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
- debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
jasper/src/libjasper/base/jas_stream.c
- CVE-2008-3522
* SECURITY UPDATE: denial of service and possible code execution via
heap-based buffer overflows.
- debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
- CVE-2011-4516
- CVE-2011-4517
-- Marc Deslauriers <email address hidden> Tue, 20 Dec 2011 15:44:19 -0500
-
ghostscript (8.71.dfsg.1-0ubuntu5.3) lucid-proposed; urgency=low
* debian/patches/ps2pdf-hyperlinks.dpatch: Let ps2pdf create proper hyperlinks
(LP: #583990, upstream bug #691344).
-- Till Kamppeter <email address hidden> Mon, 19 Jul 2010 19:15:20 +0200
-
ghostscript (8.71.dfsg.1-0ubuntu5.2) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
procedure invocations (LP: #546009)
- debian/patches/CVE-2010-1628.dpatch: only initialize structures if
all allocations were successful in psi/ialloc.c, psi/idosave.h,
psi/isave.c.
- CVE-2010-1628
-- Marc Deslauriers <email address hidden> Fri, 09 Jul 2010 08:06:19 -0400
-
ghostscript (8.71.dfsg.1-0ubuntu5.1) lucid-proposed; urgency=low
* debian/patches/pdf-interpreter-segfault-fixes.dpatch,
debian/patches/cups-raster-fixes.dpatch,
debian/patches/fapi-buildchar-object-null-check.dpatch,
debian/patches/cups-raster-error-out-without-segfault-and-force-banding.dpatch,
debian/patches/cups-raster-fix-memory-reallocation.dpatch: Fixed several
problems in the PDF interpreter and the CUPS Raster output device of
Ghostscript to avoid Ghostscript erroring out or even crashing on many
input files when printing with a CUPS Raster driver (LP: 539708, upstream
bug #691014). Joined all changes on cups/gdevcups.c into one patch as
the patches are overlapping and parts of the old patches are undone.
-- Till Kamppeter <email address hidden> Thu, 29 Apr 2010 09:43:23 +0200
-
ghostscript (8.71.dfsg.1-0ubuntu5) lucid; urgency=low
* debian/patches/pdf2dsc-fix-for-pdflatex-preview.dpatch:
Fix pdflatex preview mode using the patch from http://svn.ghostscript.com/viewvc?view=rev&revision=10778
by William Bader (LP: #543266)
-- Josh Holland <email address hidden> Fri, 02 Apr 2010 08:25:31 +0100
-
ghostscript (8.71.dfsg.1-0ubuntu4) lucid; urgency=low
* debian/patches/cups-raster-error-out-without-segfault-and-force-banding.dpatch:
Make the "cups" output device (CUPS Raster) error out correctly without
causing segfaults and also force banding mode as some PDFs do not render
otherwise (LP: #534525).
-- Till Kamppeter <email address hidden> Tue, 23 Mar 2010 10:22:23 +0100
-
ghostscript (8.71.dfsg.1-0ubuntu3) lucid; urgency=low
* debian/patches/pdftoraster-wait-for-ghostscript.dpatch: pdftoraster exited
already before its Ghostscript subprocess finished. Thanks to Tim Waugh
from Red Hat for the fix.
* debian/patches/cups-raster-fix-memory-reallocation.dpatch: Fixed bug
in memory reallocation on bitmap size changes. Color depth was not
taken into account. This caused black pages to be printed with some
CUPS Raster drivers, like Turboprint. Fixes upstream bugs #691029 and
#691108.
* debian/patches/fix-broken-korean-example.dpatch: Fixed example file for
rendering Korean text.
-- Till Kamppeter <email address hidden> Tue, 9 Mar 2010 17:56:23 +0100
-
ghostscript (8.71.dfsg.1-0ubuntu2) lucid; urgency=low
* no-cant-refill-scanner-input-buffer-error.dpatch: Ghostscript errored out
when getting fed with the Ubuntu test page
(/usr/share/system-config-printer/testpage-a4.ps) on stdin giving a
"Can't refill scanner input buffer" error. (Upstream bugs #691137,
#690909).
-- Till Kamppeter <email address hidden> Wed, 24 Feb 2010 10:08:23 +0100
-
ghostscript (8.71.dfsg.1-0ubuntu1) lucid; urgency=low
* New upstream release
o libtiff-based tiff file output
o New "tiffsep1" output device produces halftoned separations at 1 bit
per pixel
o Improved FreeType-based font rasterizing (not yet used as default)
o Improved graphics library for vector graphics conversions
o Many bug fixes on the PCL-XL printer drivers ("pxlmono", "pxlcolor")
o Fixes on back side handling for duplex printing in the CUPS Raster
output device ("cups").
* debian/patches/gs-cups-rgb-gamma.dpatch,
debian/patches/cljet5-mediasize-fix.dpatch,
debian/patches/pxl-driver-fixes.dpatch,
debian/patches/gs-cups-fix-backside-on-duplex-jobs.dpatch: Removed patches
backported from upstream.
* debian/patches/fix-build-of-executables.dpatch: Fix build of the "gs"
executable, it was built as a shared library and not as an executable.
This lead to an immediate segfault even before "main()" got called.
Thanks to Robin Watts from Ghostscript for the quick fix.
* debian/control: Added build dependency on libtiff-dev.
* debian/ghostscript.links: s/8.70/8.71/
-- Till Kamppeter <email address hidden> Thu, 11 Feb 2010 11:31:23 +0100
-
ghostscript (8.70.dfsg.1-0ubuntu5) lucid; urgency=low
* debian/patches/gs-cups-fix-backside-on-duplex-jobs.dpatch: The "cups"
output device (generating input for the CUPS Raster drivers) did not
update the margins and page orientation for the back sides in time and
so the back side was often the wrong way around, especially with printers
which print the back sides backwards, like HP inkjets. The problem occurs
only with PostScript as input and not with PDF, which made the bug not
showing in Ubuntu and Debian. This change is applied to Ubuntu's
Ghostscript so that Lucid users regression-test it before Ghostscript
8.71 gets released in February (HPLIP upstream bug: LP: #484928).
-- Till Kamppeter <email address hidden> Tue, 26 Jan 2010 15:25:23 +0100
-
ghostscript (8.70.dfsg.1-0ubuntu4) lucid; urgency=low
* debian/patches/pxl-driver-fixes.dpatch: Several upstream bug fixes
on the PCL-XL drivers ("pxlcolor"/"pxlmono") in Ghostscript, especially
also for PDF input. Thanks to Hin-Tak Leung on putting all that work
into this driver which stayed nearly untouched for around 10 years.
(LP: #361772).
-- Till Kamppeter <email address hidden> Mon, 7 Dec 2009 20:23:23 +0100
-
ghostscript (8.70.dfsg.1-0ubuntu3) karmic; urgency=low
* debian/patches/cljet5-mediasize-fix.dpatch: Upstream fix for the media
size handling of the "cljet5" printer driver.
-- Till Kamppeter <email address hidden> Mon, 12 oct 2009 15:47:23 +0200