Format: 1.8 Date: Thu, 01 Dec 2016 08:37:22 -0600 Source: ghostscript Binary: ghostscript gs-common ghostscript-cups ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: amd64 Version: 9.05~dfsg-0ubuntu4.4 Distribution: precise Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Emily Ratliff Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-cups - interpreter for the PostScript language and for PDF - CUPS filter ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support gs-common - Transitional dummy package for ghostscript libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.05~dfsg-0ubuntu4.4) precise-security; urgency=medium . * SECURITY UPDATE: Information disclosure through getenv, filenameforall - debian/patches/CVE-2013-5653.patch: Have filenameforall and getenv honor SAFER - CVE-2013-5653 * SECURITY UPDATE: userparams with %pipe% in paths allow remote shell exec - debian/patches/CVE-2016-7976.patch: Add a file permissions callback - CVE-2016-7976 * SECURITY UPDATE: use-after-free and remote code execution - debian/patches/CVE-2016-7978.patch: Reference count device icc profile - CVE-2016-7978 * SECURITY UPDATE: type confusion allows remote code execution - debian/patches/CVE-2016-7979.patch: DSC parser - validate parameters - CVE-2016-7979 * SECURITY UPDATE: NULL dereference - debian/patches/CVE-2016-8602.patch: check for sufficient params - CVE-2016-8602 * SECURITY UPDATE: fix SAFER permissions - debian/patches/CVE-2016-7977.patch: Be rigorous with SAFER permissions - CVE-2016-7977 Checksums-Sha1: ec50b9e93c70dff5493e05c06c228ec447900b8c 44610 ghostscript_9.05~dfsg-0ubuntu4.4_amd64.deb e470262ee33cd446c9dc5d67ed055830b5c25558 4160 ghostscript-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb a282a8b675c987e64435e6e2bf6a6a1e47fe94a8 24674 ghostscript-cups_9.05~dfsg-0ubuntu4.4_amd64.deb 62eff9c39c72e6b795356357f99d29319c699035 17682 ghostscript-cups-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb 72f78422f141d51f78fa5b74603a67fee6736432 38302 ghostscript-x_9.05~dfsg-0ubuntu4.4_amd64.deb 9bd8953d7b2b52dd7cba8e270f9a576828530bbc 69828 ghostscript-x-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb 856be15aea41df916bf09bb0dfd89ffcda85d5df 2254738 libgs9_9.05~dfsg-0ubuntu4.4_amd64.deb c2167b9cedecde04cc17cd0fb273643d1ba0f72a 4253916 libgs9-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb 762918ba9f1e60da459f09bc2ddebc63d1b8cd2e 2866102 libgs-dev_9.05~dfsg-0ubuntu4.4_amd64.deb 9e3da6117ffe52fb5d7c05bc084c47d1b9d3e2cf 8592158 ghostscript-dbg_9.05~dfsg-0ubuntu4.4_amd64.deb Checksums-Sha256: 720b35e248017688e26a914747db1f442c7a085b9c51b20684764d3cd3f3b8d3 44610 ghostscript_9.05~dfsg-0ubuntu4.4_amd64.deb 7b7bab077d8efebd86fcb30ec65e5d18922b4c06eb2171b4b85ec2b0c0fc431c 4160 ghostscript-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb 29f5414bfaeb7a6fed711f6ee9088bd49135f3b4374ebc66f4dcec00dc06c7cb 24674 ghostscript-cups_9.05~dfsg-0ubuntu4.4_amd64.deb 199fda0d7e7223ba892c618e1a133564ea7e06f1b8b7dd69e062b06a9a18089c 17682 ghostscript-cups-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb 79045de44cb42530981e9d23a3816c9f313c01d546c20f5c651e28f6db84a01a 38302 ghostscript-x_9.05~dfsg-0ubuntu4.4_amd64.deb a1721095680ac5fc7e747f8499787b15653b7abff28dfd924f82d3cb92bd91ee 69828 ghostscript-x-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb b3be81c048dcbdef9bad54b2729f29b662a38e0f8efc31aeed4d9ea1e6863621 2254738 libgs9_9.05~dfsg-0ubuntu4.4_amd64.deb c48bf069897ee6dd28dc9ce09d561b7ede16f2ce67ded4c47fdf902431d0cdab 4253916 libgs9-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb dc79c5b58fe47d820114a9ad15e4570c7bf43eb88e7179b3d59c20e273a83c91 2866102 libgs-dev_9.05~dfsg-0ubuntu4.4_amd64.deb 42a094f2b0d2188a634193204eda908804d68aa1ceea59824406f1aa593ab32b 8592158 ghostscript-dbg_9.05~dfsg-0ubuntu4.4_amd64.deb Files: cba8fa9bd8f73d67d2aa55af41f6f560 44610 text optional ghostscript_9.05~dfsg-0ubuntu4.4_amd64.deb b3cb985cd13e794359e1e62b3b22e6f0 4160 text extra ghostscript-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb e7c9f78b10558acfe6e510dcbcb56a8a 24674 text optional ghostscript-cups_9.05~dfsg-0ubuntu4.4_amd64.deb c3e2e03f46123554e3de1e7ececb7c90 17682 text extra ghostscript-cups-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb 95161a1ac1b8194e81ab51ad1b670757 38302 text optional ghostscript-x_9.05~dfsg-0ubuntu4.4_amd64.deb 1a1455dc8518b25cacd9c0a8b6e21c0a 69828 text extra ghostscript-x-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb 8ba02a8be55e90c1d1ddc7527d4780be 2254738 libs optional libgs9_9.05~dfsg-0ubuntu4.4_amd64.deb 9b3a593c9abb78ebb52e58a608971fb7 4253916 libs extra libgs9-dbgsym_9.05~dfsg-0ubuntu4.4_amd64.ddeb 5f0869f4cef2e8ce870b4a078aa65a9a 2866102 libdevel optional libgs-dev_9.05~dfsg-0ubuntu4.4_amd64.deb 57b731b39bcbdabb2b1348967f220276 8592158 debug extra ghostscript-dbg_9.05~dfsg-0ubuntu4.4_amd64.deb Original-Maintainer: Debian Printing Team