Format: 1.8 Date: Thu, 27 Apr 2017 17:38:59 -0700 Source: ghostscript Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: armhf Version: 9.18~dfsg~0-0ubuntu2.4 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Steve Beattie Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.18~dfsg~0-0ubuntu2.4) xenial-security; urgency=medium . * SECURITY UPDATE: invalid handling of parameters to .eqproc and .rsdparams allowed disabling -dSAFER and thus code execution - debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters - debian/patches/CVE-2017-8291-2.patch: check .rsdparams parameters - CVE-2017-8291 * SECURITY UPDATE: use-after-free in color management module. - CVE-2016-10217.patch: Dont create new ctx when pdf14 device reenabled - CVE-2016-10217 * SECURITY UPDATE: divide-by-zero error denial of service in base/gxfill.c - CVE-2016-10219.patch: check for 0 in denominator - CVE-2016-10219 * SECURITY UPDATE: null pointer dereference denial of service - CVE-2016-10220.patch: initialize device data structure correctly - CVE-2016-10220 * SECURITY UPDATE: null pointer dereference denial of service - CVE-2017-5951.patch: use the correct param list enumerator - CVE-2017-5951 * SECURITY UPDATE: null pointer dereference denial of service - CVE-2017-7207.patch: ensure a device has raster memory, before trying to read it - CVE-2017-7207 Checksums-Sha1: 258eac7fec4dcbfe05e0e1092326040250e2043e 5533790 ghostscript-dbg_9.18~dfsg~0-0ubuntu2.4_armhf.deb 97c3e87bb427bff834ea1b2375519dbdf11677ea 1002 ghostscript-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb d6b478b4f0537b6c232175926156eee967bda86a 940 ghostscript-x-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb 2ad7fd7d956dba471764fb0f610afae8361f0cf0 30494 ghostscript-x_9.18~dfsg~0-0ubuntu2.4_armhf.deb 5fb94467b442e5e74872ba0ae2cb54e285d02ccf 40770 ghostscript_9.18~dfsg~0-0ubuntu2.4_armhf.deb ee97e8a726e2fcbee0afc9982cd56235c48c025c 998 libgs-dev-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb b595a35a91b47f02c7f6ce3310be315293c0259d 2094968 libgs-dev_9.18~dfsg~0-0ubuntu2.4_armhf.deb 3b4d243471e3a84953e0019b7ea0b8377f0d1ac9 980 libgs9-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb 0a872e0b1f1081c1e1c8be883403877c8639327c 1774462 libgs9_9.18~dfsg~0-0ubuntu2.4_armhf.deb Checksums-Sha256: acb7ad64ac7345c91a6e116dd164102ce7fe92e401b324262bacb79160d4d90b 5533790 ghostscript-dbg_9.18~dfsg~0-0ubuntu2.4_armhf.deb 3cea2832ebf92f08fe23f2a35f2b4fcc9e5eb6e1ffde509530afe9c1b1bd2a64 1002 ghostscript-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb 068cbf5a86c6bddb647199d6977864b169275fb1d5891dadc57d021b6399d3f9 940 ghostscript-x-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb eabe5bf8453ca042c3cf464779054edbfe85f1312b5237bd650084903948a013 30494 ghostscript-x_9.18~dfsg~0-0ubuntu2.4_armhf.deb ec2ee24709fb23d0249864d42524c12292397825a6df2d8e8accb9dd36cf66f7 40770 ghostscript_9.18~dfsg~0-0ubuntu2.4_armhf.deb e2ed9e489fa65e210eac491bb4eee0680ac5a035c6251d774d0318409255a335 998 libgs-dev-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb 668dc0a63dd9e5fb0ee92734eeaa0c0333e55068ba1a6f7aa338ee2464ab5a18 2094968 libgs-dev_9.18~dfsg~0-0ubuntu2.4_armhf.deb da9729989ed2cec74b5b29976eca2fd3d1f754469aa1465ce650a471ccece7a1 980 libgs9-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb 5d6db6f34d86517f2c93778ed4641f0bfd7590f60175065210367fb958d19a8f 1774462 libgs9_9.18~dfsg~0-0ubuntu2.4_armhf.deb Files: 6c9eff9d79ac9b224e2b854d1ad3e603 5533790 debug extra ghostscript-dbg_9.18~dfsg~0-0ubuntu2.4_armhf.deb 623d92a71dd56b955498ebdd16c4b2d3 1002 text extra ghostscript-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb 7a051d919bf7d81f4048f224438ae554 940 text extra ghostscript-x-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb 1d8583af78b90feaaf966ac3b36dd138 30494 text optional ghostscript-x_9.18~dfsg~0-0ubuntu2.4_armhf.deb 304c8311bbe7e1fc7aee1b0382f62ae0 40770 text optional ghostscript_9.18~dfsg~0-0ubuntu2.4_armhf.deb da11473e3a186df924bb12536a27cc34 998 libdevel extra libgs-dev-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb 6ae1417f78d8f08999e63c8a4378b970 2094968 libdevel optional libgs-dev_9.18~dfsg~0-0ubuntu2.4_armhf.deb 9bdce21803df24f48968d7831ee1b497 980 libs extra libgs9-dbgsym_9.18~dfsg~0-0ubuntu2.4_armhf.ddeb fadd4ec6a73118e2d478a4c4f2c63e34 1774462 libs optional libgs9_9.18~dfsg~0-0ubuntu2.4_armhf.deb Original-Maintainer: Debian Printing Team