Format: 1.8 Date: Tue, 19 Mar 2019 09:03:50 -0400 Source: ghostscript Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: armhf Version: 9.26~dfsg+0-0ubuntu0.16.04.8 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.26~dfsg+0-0ubuntu0.16.04.8) xenial-security; urgency=medium . * SECURITY UPDATE: superexec operator is available - debian/patches/CVE-2019-3835-pre1.patch: Have gs_cet.ps run from gs_init.ps in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps. - debian/patches/CVE-2019-3835-pre2.patch: Undef /odef in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps. - debian/patches/CVE-2019-3835-1.patch: restrict superexec and remove it in Resource/Init/gs_cet.ps, Resource/Init/gs_dps1.ps, Resource/Init/gs_fonts.ps, Resource/Init/gs_init.ps, Resource/Init/gs_ttf.ps, Resource/Init/gs_type1.ps. - debian/patches/CVE-2019-3835-2.patch: obliterate superexec in Resource/Init/gs_init.ps, psi/icontext.c, psi/icstate.h, psi/zcontrol.c, psi/zdict.c, psi/zgeneric.c. - CVE-2019-3835 * SECURITY UPDATE: forceput in DefineResource is still accessible - debian/patches/CVE-2019-3838-1.patch: make a transient proc executeonly in Resource/Init/gs_res.ps. - debian/patches/CVE-2019-3838-2.patch: an extra transient proc needs executeonly in Resource/Init/gs_res.ps. - CVE-2019-3838 Checksums-Sha1: 8c279b97c0c5c6eb1e62779f5484ac57367e447c 6055652 ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb 657c71e465cf2760195f3de37ab974ac80c008f4 1008 ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb 74a551ecf2105fe26243336c33418b9482d28e30 944 ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb 1bc21b4b19e797fc74b279511d6b3a42eeb2a4e8 39114 ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb c9a3b7601badec20bd8f4d2e02f495a184652146 47074 ghostscript_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb d23c5bb1fd9ff945ab9be7576dc1289937d7f685 1000 libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb 969847e41c4dc60c6527d99c7c80e2918c12d325 25448 libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb af7b502a0dc7f9fe5dd071d482b1ae304b66aea4 984 libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb 8125ab05a25edd594fa5c9be457c9e661bce61cf 1968052 libgs9_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb Checksums-Sha256: 5509769c067dc834943c48706426e2662815dfd26887fab94be996c942260e8b 6055652 ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb 6bf93518a30dea8602f526db441e4bc63844b211f0187a190bc1061ad92a2df5 1008 ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb b092f61a831fc6e601e238cbbeb58b1f8b9f0b5c9d4af0781497689e76aa30c1 944 ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb eef95880dad498e9178732da9a20230e06e8364397a2b99a2cdc96f0666a3a00 39114 ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb 10abecbc6e315c88f9910995f1aa2ec181772b76fe6c7a42f31f7a6d2b04f537 47074 ghostscript_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb 00226b2c86f01da5d65b492d350e26012833134a6ae9ea18f51ea16642d59510 1000 libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb 8bd3ab98098a17aa5b5de0d39ec6df80f289bebda7f7b7cded55bd9dc01d90e5 25448 libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb e88b7632dfd5b9f002a102bc347c18d5a1b58d2fc2ead239729a48db1b160090 984 libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb 4221acacd36f339869656ea38556f136e7c3b4c15641c0da035c7e9e9665dd39 1968052 libgs9_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb Files: 67f729dfdc3ab736fe3a1733d733d32a 6055652 debug extra ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb 4407ad4885ac7f089be18f45e5b8dab7 1008 text extra ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb e295330f6a852dedb7636c3a02e67c56 944 text extra ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb 8a17722023634199a35af4793fd43755 39114 text optional ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb d7a801371794fa18e5fa79e93a4ff20c 47074 text optional ghostscript_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb ecbd3165c64ca680f187c0af83fabc56 1000 libdevel extra libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb 1efaf41264e086069f3349d02dcdf7f9 25448 libdevel optional libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb e57a709e74142f314709000e7a9b39f8 984 libs extra libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.ddeb 96109b5f98fa0068c1c333794b39611e 1968052 libs optional libgs9_9.26~dfsg+0-0ubuntu0.16.04.8_armhf.deb Original-Maintainer: Debian Printing Team