Author: Till Kamppeter
Revision Date: 2015-09-19 13:51:09 UTC

debian/rules: Demote texlive-lang-cjk from Recommends: to Suggests:
as it pulls in a large amount of unneeded packages (LP: #1449875).

Author: Till Kamppeter
Revision Date: 2015-09-19 13:51:09 UTC

debian/rules: Demote texlive-lang-cjk from Recommends: to Suggests:
as it pulls in a large amount of unneeded packages (LP: #1449875).

Author: Marc Deslauriers
Revision Date: 2015-07-29 16:00:29 UTC

* SECURITY UPDATE: integer overflow in gs_heap_alloc_bytes()
  - debian/patches/CVE-2015-3228.patch: added sanity check to
    base/gsmalloc.c.
  - CVE-2015-3228

Author: Marc Deslauriers
Revision Date: 2015-07-29 16:03:46 UTC

* SECURITY UPDATE: integer overflow in gs_heap_alloc_bytes()
  - debian/patches/CVE-2015-3228.patch: added sanity check to
    base/gsmalloc.c.
  - CVE-2015-3228

Author: Marc Deslauriers
Revision Date: 2015-07-29 16:05:11 UTC

* SECURITY UPDATE: integer overflow in gs_heap_alloc_bytes()
  - debian/patches/CVE-2015-3228.patch: added sanity check to
    base/gsmalloc.c.
  - CVE-2015-3228

Author: Marc Deslauriers
Revision Date: 2015-07-29 16:00:29 UTC

* SECURITY UPDATE: integer overflow in gs_heap_alloc_bytes()
  - debian/patches/CVE-2015-3228.patch: added sanity check to
    base/gsmalloc.c.
  - CVE-2015-3228

Author: Marc Deslauriers
Revision Date: 2015-07-29 16:05:11 UTC

* SECURITY UPDATE: integer overflow in gs_heap_alloc_bytes()
  - debian/patches/CVE-2015-3228.patch: added sanity check to
    base/gsmalloc.c.
  - CVE-2015-3228

Author: Marc Deslauriers
Revision Date: 2015-07-29 16:03:46 UTC

* SECURITY UPDATE: integer overflow in gs_heap_alloc_bytes()
  - debian/patches/CVE-2015-3228.patch: added sanity check to
    base/gsmalloc.c.
  - CVE-2015-3228

Author: Till Kamppeter
Revision Date: 2015-04-13 18:37:51 UTC

020150413_3e71154_pdfwrite_optimise_pdf_foget_resource_with_charproc_resources.patch:
Fixed a long delay caused when Ghostscript converts PostScript files to PDF
where the PostScript comes from evince when printing a displayed DjVu file
(LP: #525161, Upstream bug #695778).

Author: Till Kamppeter
Revision Date: 2015-04-13 18:37:51 UTC

020150413_3e71154_pdfwrite_optimise_pdf_foget_resource_with_charproc_resources.patch:
Fixed a long delay caused when Ghostscript converts PostScript files to PDF
where the PostScript comes from evince when printing a displayed DjVu file
(LP: #525161, Upstream bug #695778).

Author: Rolf Leggewie
Revision Date: 2015-03-18 15:40:28 UTC

debian/patches/lp1342312-infinite-loop.patch: backport upstream patch
to fix an infinite loop that can hang the gs program in certain
conditions. (LP: #1342312)

Author: Marc Deslauriers
Revision Date: 2015-01-22 13:09:28 UTC

* SECURITY UPDATE: denial of service via crafted ICC color profile
  - debian/patches/CVE-2014-8137.dpatch: prevent double-free in
    jasper/src/libjasper/base/jas_icc.c, remove assert in
    jasper/src/libjasper/jp2/jp2_dec.c.
  - CVE-2014-8137
* SECURITY UPDATE: denial of service or code execution via invalid
  channel number
  - debian/patches/CVE-2014-8138.dpatch: validate channel number in
    jasper/src/libjasper/jp2/jp2_dec.c.
  - CVE-2014-8138
* SECURITY UPDATE: denial of service or code execution via off-by-one
  - debian/patches/CVE-2014-8157.dpatch: fix off-by-one in
    jasper/src/libjasper/jpc/jpc_dec.c.
  - CVE-2014-8157
* SECURITY UPDATE: denial of service or code execution via memory
  corruption
  - debian/patches/CVE-2014-8158.dpatch: remove HAVE_VLA to use more
    sensible buffer sizes in jasper/src/libjasper/jpc/jpc_qmfb.c.
  - CVE-2014-8158

Author: Marc Deslauriers
Revision Date: 2015-01-22 13:09:28 UTC

* SECURITY UPDATE: denial of service via crafted ICC color profile
  - debian/patches/CVE-2014-8137.dpatch: prevent double-free in
    jasper/src/libjasper/base/jas_icc.c, remove assert in
    jasper/src/libjasper/jp2/jp2_dec.c.
  - CVE-2014-8137
* SECURITY UPDATE: denial of service or code execution via invalid
  channel number
  - debian/patches/CVE-2014-8138.dpatch: validate channel number in
    jasper/src/libjasper/jp2/jp2_dec.c.
  - CVE-2014-8138
* SECURITY UPDATE: denial of service or code execution via off-by-one
  - debian/patches/CVE-2014-8157.dpatch: fix off-by-one in
    jasper/src/libjasper/jpc/jpc_dec.c.
  - CVE-2014-8157
* SECURITY UPDATE: denial of service or code execution via memory
  corruption
  - debian/patches/CVE-2014-8158.dpatch: remove HAVE_VLA to use more
    sensible buffer sizes in jasper/src/libjasper/jpc/jpc_qmfb.c.
  - CVE-2014-8158

Author: Till Kamppeter
Revision Date: 2014-05-15 18:36:44 UTC

debian/patches/1003_gdevcups-fix-cupsrasteropen-pwg-raster.patch:
The CUPS Raster output device generated incorrect PWG Raster output
because it called cupsRasterOpen() without the required
CUPS_RASTER_WRITE_PWG mode setting. Due to the output never being
tested with an IPP Everywhere printer but only with software which
also accepts CUPS Raster, the bug did not get discovered until testing
the output against the mime type recognition of CUPS where it failed.

Author: Till Kamppeter
Revision Date: 2014-05-15 18:36:44 UTC

debian/patches/1003_gdevcups-fix-cupsrasteropen-pwg-raster.patch:
The CUPS Raster output device generated incorrect PWG Raster output
because it called cupsRasterOpen() without the required
CUPS_RASTER_WRITE_PWG mode setting. Due to the output never being
tested with an IPP Everywhere printer but only with software which
also accepts CUPS Raster, the bug did not get discovered until testing
the output against the mime type recognition of CUPS where it failed.

Author: Till Kamppeter
Revision Date: 2014-03-31 18:24:33 UTC

* debian/patches/1001_pxlcolor-support-jpeg-in-output.patch,
  debian/patches/020140331-4b44b41-pxlcolor-support-jpeg-in-output.patch:
  Replaced preliminary patch by what got actually committed upstream
  (Upstream bug #691880).
* debian/patches/020140331-41ab485-pxl-transform-deep-images-with-icc-transform-to-emit-high-level-images.patch,
  debian/patches/020140331-8ae4ee2-fixes-pxl-segfault-with-trying-to-set-up-icc-transform-for-bitmasks.patch:
  Transform deep (24-bit) images with an ICC transform to emit high-level
  images (Upstream bug #691880).
* debian/patches/1002_pxl-make-dicctransform-default.patch: Make deep iamge
  ICC transform default (Upstream bug #695124).

Author: Till Kamppeter
Revision Date: 2013-09-03 17:42:33 UTC

debian/patches/020130903-5ae4180-ps-interpreter-dont-interpolate-imagemask-data-for-high-level-devices.patch:
PS Interpreter: Do not interpolate imagemask data for high level devices.
This accelerates processing files with embedded bitmap images when the
output device is a high-level (vector) device. In this case an explicit
"-dNOINTERPOLATE" on the command line is not needed any more.

Author: Till Kamppeter
Revision Date: 2013-09-03 17:42:33 UTC

debian/patches/020130903-5ae4180-ps-interpreter-dont-interpolate-imagemask-data-for-high-level-devices.patch:
PS Interpreter: Do not interpolate imagemask data for high level devices.
This accelerates processing files with embedded bitmap images when the
output device is a high-level (vector) device. In this case an explicit
"-dNOINTERPOLATE" on the command line is not needed any more.

Author: Jamie Strandboge
Revision Date: 2013-07-30 16:03:01 UTC

* SECURITY UPDATE: incorporate IcedTea fixes for lcms2
  - debian/patches/ojdk-8007925+8007926.patch: Improve
    cmsStageAllocLabV2ToV4curves. Improve cmsPipelineDup.
  - debian/patches/ojdk-8007927.patch: Improve
    cmsAllocProfileSequenceDescription.
  - debian/patches/ojdk-8007929.patch: Improve CurvesAlloc.
  - debian/patches/ojdk-8009654.patch: Improve stability of cmsnamed.

Author: Jamie Strandboge
Revision Date: 2013-07-30 16:03:01 UTC

* SECURITY UPDATE: incorporate IcedTea fixes for lcms2
  - debian/patches/ojdk-8007925+8007926.patch: Improve
    cmsStageAllocLabV2ToV4curves. Improve cmsPipelineDup.
  - debian/patches/ojdk-8007927.patch: Improve
    cmsAllocProfileSequenceDescription.
  - debian/patches/ojdk-8007929.patch: Improve CurvesAlloc.
  - debian/patches/ojdk-8009654.patch: Improve stability of cmsnamed.

Author: Till Kamppeter
Revision Date: 2013-04-01 13:58:30 UTC

debian/patches/020130401-852e545-pxl-xl-driver-produced-drawing-commands-without-setting-color-space.patch:
PCL-XL driver (pxlmono/pxlcolor) could produce drawing commands without
setting the color space.

Author: Till Kamppeter
Revision Date: 2013-04-01 13:58:30 UTC

debian/patches/020130401-852e545-pxl-xl-driver-produced-drawing-commands-without-setting-color-space.patch:
PCL-XL driver (pxlmono/pxlcolor) could produce drawing commands without
setting the color space.

Author: Till Kamppeter
Revision Date: 2012-10-12 12:03:27 UTC

debian/patches/020121012-bfae0b9-fix-bounding-box.patch: Fixed
BoundingBox entry generation (LP: #1035667, Upstream bug #693293).

Author: Till Kamppeter
Revision Date: 2012-10-12 12:03:27 UTC

debian/patches/020121012-bfae0b9-fix-bounding-box.patch: Fixed
BoundingBox entry generation (LP: #1035667, Upstream bug #693293).

Author: Marc Deslauriers
Revision Date: 2012-09-21 08:58:24 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  icclib overflow
  - debian/patches/CVE-2012-4405.dpatch: validate input channels in
    icclib/icc.c.
  - CVE-2012-4405

Author: Marc Deslauriers
Revision Date: 2012-09-21 08:58:24 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  icclib overflow
  - debian/patches/CVE-2012-4405.dpatch: validate input channels in
    icclib/icc.c.
  - CVE-2012-4405

Author: Till Kamppeter
Revision Date: 2012-08-28 21:07:13 UTC

debian/patches/020120828-535d11e-disable-checking-for-the-max-pdf-object-number-during-pdf-linearisation.patch:
Disable checking for the max pdf object number during PDF linearisation,
because linearisation adds a few new objects to the PDF file (LP: #1032366).

Author: Mathieu Trudel-Lapierre
Revision Date: 2012-06-06 18:52:58 UTC

debian/rules: remove the ./Resource/CMap/Identity-UTF16-H files from the
DEB_UPSTREAM_REPACKAGE_EXCLUDES list. Due to an error in the previous
upload it found its way in the source tarball.

Author: Till Kamppeter
Revision Date: 2012-03-29 15:41:13 UTC

debian/patches/020120329-be64563-pdfwrite-when-a-charstring-is-not-found-for-a-glyph-use-the-notdef-width-instead-of-0.patch:
The "pdfwrite" output device uses zero and not the width of /.notdef whn
using /.notdef for a glyph not found in an embedded font. This leads to
wrong spacing in a PostScript file missing a space glyph (LP: #960989,
upstream bug #692944).

Author: Till Kamppeter
Revision Date: 2011-01-26 09:25:59 UTC

debian/patches/020120125-83ce7cf-pattern-clist-improperly-cleared.patch:
Some PDFs where rendered incompletely when using high resolutions.
(LP: #902599).

Author: Marc Deslauriers
Revision Date: 2011-12-20 14:09:50 UTC

* SECURITY UPDATE: integer overflows via integer multiplication for
  memory allocation
  - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
    allocation functions and use them in:
    * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
      jas_malloc.c,jas_seq.c}
    * jasper/src/libjasper/bmp/bmp_dec.c
    * jasper/src/libjasper/include/jasper/jas_malloc.h
    * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
    * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
      jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
      jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
    * jasper/src/libjasper/mif/mif_cod.c
  - CVE-2008-3520
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
  - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
    jasper/src/libjasper/base/jas_stream.c
  - CVE-2008-3522
* SECURITY UPDATE: denial of service and possible code execution via
  heap-based buffer overflows.
  - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
    and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
  - CVE-2011-4516
  - CVE-2011-4517

Author: Marc Deslauriers
Revision Date: 2011-12-20 14:09:50 UTC

* SECURITY UPDATE: integer overflows via integer multiplication for
  memory allocation
  - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
    allocation functions and use them in:
    * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
      jas_malloc.c,jas_seq.c}
    * jasper/src/libjasper/bmp/bmp_dec.c
    * jasper/src/libjasper/include/jasper/jas_malloc.h
    * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
    * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
      jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
      jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
    * jasper/src/libjasper/mif/mif_cod.c
  - CVE-2008-3520
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
  - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
    jasper/src/libjasper/base/jas_stream.c
  - CVE-2008-3522
* SECURITY UPDATE: denial of service and possible code execution via
  heap-based buffer overflows.
  - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
    and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
  - CVE-2011-4516
  - CVE-2011-4517

Author: Till Kamppeter
Revision Date: 2011-01-26 09:25:59 UTC

debian/patches/020120125-83ce7cf-pattern-clist-improperly-cleared.patch:
Some PDFs where rendered incompletely when using high resolutions.
(LP: #902599).

Author: Steve Langasek
Revision Date: 2011-11-06 18:50:39 UTC

releasing version 9.04~dfsg-2ubuntu1

Author: Till Kamppeter
Revision Date: 2011-10-06 09:00:00 UTC

debian/patches/020111005-d5f1e72-clist-fix-for-rgbw-color-mode.patch:
Fixed color handling in clist (banding) mode to correctly support RGBW
color space (LP: #864509, Upstream bug 692568).

Author: Matthias Klose
Revision Date: 2011-04-01 14:15:37 UTC

gs-common: Reintroduce dependency on ghostscript, still too many packages
assuming gs-common has the binaries.

Author: Till Kamppeter
Revision Date: 2010-09-20 18:57:20 UTC

debian/control: Updated versioned dependency of ghostscript on gsfonts,
we need at least gsfonts 1:8.11+urwcyr1.0.7~pre44-4.1 now due to the
dropping of defoma.

Author: Till Kamppeter
Revision Date: 2010-07-19 19:15:20 UTC

debian/patches/ps2pdf-hyperlinks.dpatch: Let ps2pdf create proper hyperlinks
(LP: #583990, upstream bug #691344).

Author: Marc Deslauriers
Revision Date: 2010-07-09 15:04:05 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in errprintf function
  - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
  - CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
  procedure invocations (LP: #546009)
  - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
    all allocations were successful in psi/ialloc.c, psi/idosave.h,
    psi/isave.c.
  - CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
  (LP: #546009)
  - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
    psi/int.mak, psi/iscan.c, psi/iscan.h.
  - CVE-2010-1869

Author: Marc Deslauriers
Revision Date: 2010-07-12 12:08:54 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in errprintf function
  - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
  - CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
  procedure invocations (LP: #546009)
  - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
    all allocations were successful in psi/ialloc.c, psi/idosave.h,
    psi/isave.c.
  - CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
  (LP: #546009)
  - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
    psi/int.mak, psi/iscan.c, psi/iscan.h.
  - CVE-2010-1869
* SECURITY UPDATE: arbitrary code execution via long names
  - debian/patches/security-long-names.dpatch: check against maximum size
    in psi/iscan.c.
  - No CVE number yet.

Author: Marc Deslauriers
Revision Date: 2010-07-09 15:04:05 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in errprintf function
  - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
  - CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
  procedure invocations (LP: #546009)
  - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
    all allocations were successful in psi/ialloc.c, psi/idosave.h,
    psi/isave.c.
  - CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
  (LP: #546009)
  - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
    psi/int.mak, psi/iscan.c, psi/iscan.h.
  - CVE-2010-1869

Author: Marc Deslauriers
Revision Date: 2010-07-12 12:08:54 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in errprintf function
  - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
  - CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
  procedure invocations (LP: #546009)
  - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
    all allocations were successful in psi/ialloc.c, psi/idosave.h,
    psi/isave.c.
  - CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
  (LP: #546009)
  - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
    psi/int.mak, psi/iscan.c, psi/iscan.h.
  - CVE-2010-1869
* SECURITY UPDATE: arbitrary code execution via long names
  - debian/patches/security-long-names.dpatch: check against maximum size
    in psi/iscan.c.
  - No CVE number yet.

Author: James Westby
Revision Date: 2010-04-06 14:13:02 UTC

Switch to target lucid.

Author: James Westby
Revision Date: 2010-04-06 14:13:02 UTC

Switch to target lucid.

Author: Josh Holland
Revision Date: 2010-04-02 07:33:39 UTC

Add my patch to debian/patches/00list - dpatch-edit-patch didn't for some reason

Author: Till Kamppeter
Revision Date: 2009-10-12 14:57:08 UTC

debian/patches/cljet5-mediasize-fix.dpatch: Upstream fix for the media
size handling of the "cljet5" printer driver.

Author: Marc Deslauriers
Revision Date: 2009-04-09 09:27:31 UTC

* SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
  dictionary segments
  - debian/patches/41_CVE-2009-0196.dpatch: validate size of runlength
    in export symbol table in jbig2dec/jbig2_symbol_dict.c.
  - CVE-2009-0196
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via integer overflows in icclib
  - debian/patches/42_CVE-2009-0792.dpatch: fix numerous overflows in
    icclib/icc.c.
  - CVE-2009-0792

Author: Marc Deslauriers
Revision Date: 2009-04-09 10:23:53 UTC

* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via BaseFont writer module
  - debian/patches/74_CVE-2008-6679.dpatch: increase size of buffer in
    src/gdevpdtb.c.
  - CVE-2008-6679
* SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
  dictionary segments
  - debian/patches/75_CVE-2009-0196.dpatch: validate size of runlength
    in export symbol table in jbig2dec/jbig2_symbol_dict.c.
  - CVE-2009-0196
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via integer overflows in icclib
  - debian/patches/76_CVE-2009-0792.dpatch: fix numerous overflows in
    icclib/icc.c.
  - CVE-2009-0792

Author: Till Kamppeter
Revision Date: 2008-01-22 16:39:22 UTC

debian/patches/72_gs-setpd-ps-duplex-fix.dpatch: Duplex printing did not
work in some cases (LP: #308817).

Author: Marc Deslauriers
Revision Date: 2009-03-22 19:37:27 UTC

* SECURITY UPDATE: Arbitrary code execution due to integer overflows and
  insufficient upper-bounds checks in the ICC library
  - debian/patches/44_CVE-2009-0583_0584.dpatch: fix multiple integer
    overflows and perform bounds checking in icclib/icc.c.
  - CVE-2009-0583
  - CVE-2009-0584

Author: Marc Deslauriers
Revision Date: 2009-04-09 10:23:53 UTC

* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via BaseFont writer module
  - debian/patches/74_CVE-2008-6679.dpatch: increase size of buffer in
    src/gdevpdtb.c.
  - CVE-2008-6679
* SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
  dictionary segments
  - debian/patches/75_CVE-2009-0196.dpatch: validate size of runlength
    in export symbol table in jbig2dec/jbig2_symbol_dict.c.
  - CVE-2009-0196
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via integer overflows in icclib
  - debian/patches/76_CVE-2009-0792.dpatch: fix numerous overflows in
    icclib/icc.c.
  - CVE-2009-0792

Author: Till Kamppeter
Revision Date: 2008-10-19 12:48:22 UTC

* debian/patches/42_gs-init-ps-delaybind-fix.dpatch: Make "ps2ascii" working
  again (LP: #281419, upstream bug #690124).

* debian/patches/45_bjc600-bjc800-pdf-input.dpatch: Fix setting of the
  "DitheringType" option. With PDF input Ghostscript crashes, with
  PostScript input the "DitheringType" option was probably ignored
  (Upstream bug #690032).

* debian/patches/48_cups-output-device-pdf-duplex-uninitialized-memory.patch.dpatch:
  Fixed several bugs in the "cups" (CUPS Raster) output device:
   - Ghostscript crashed with PDF input data
   - The "Duplex" and "MediaWeight" options were ignored
   - There was uninitialized memory and wrong usage of pointers, potential
     cause for segmentation faults or even vulnerabilities
   - There were mismatches in data types, leading to possible breakage
     of the "AdvanceDistance", "MediaWeight", and "cupsStringXX" options.
  (Upstream bug #690101).

Author: Jamie Strandboge
Revision Date: 2008-04-08 11:58:11 UTC

* SECURITY UPDATE: buffer overflow in color space handling code
* debian/patches/31_CVE-2008-0411.dpatch: fix zseticcspace() to perform
  range checks
* References
  CVE-2008-0411

Author: Marc Deslauriers
Revision Date: 2009-03-22 19:37:27 UTC

* SECURITY UPDATE: Arbitrary code execution due to integer overflows and
  insufficient upper-bounds checks in the ICC library
  - debian/patches/44_CVE-2009-0583_0584.dpatch: fix multiple integer
    overflows and perform bounds checking in icclib/icc.c.
  - CVE-2009-0583
  - CVE-2009-0584

Author: Till Kamppeter
Revision Date: 2007-12-12 12:17:43 UTC

debian/patches/42_print_encrypted_PDFs_from_adobe_reader_8.dpatch:
Fixed printing of encrypted PDF files from Adobe Reader 8.1.1. This is
the real fix now and not only a workaround. (Ghostscript bug #689577,
Ubuntu bug LP: #172264).

Author: Martin Pitt
Revision Date: 2007-10-09 23:00:28 UTC

[ Till Kamppeter ]
* debian/rules: Install missing *.upp files (usptream bug, LP: #150985).

[ Martin Pitt ]
* debian/rules: Clean files from package ghostscript which are moved to
  ghostscript-doc on i386 (where arch-all packages are built). On all
  non-i386 platforms the files remained in the main package, which causes
  file conflicts and unnecessary package growth. This is a quick hack for
  Gutsy. In Hardy, this horribly broken build system should be fixed
  properly.