Changelog
gs-esp (8.15.2.dfsg.0ubuntu1-0ubuntu1.2) dapper-security; urgency=low
* SECURITY UPDATE: Arbitrary code execution due to integer overflows and
insufficient upper-bounds checks in the ICC library
- debian/patches/06_CVE-2009-0583_0584.dpatch: fix multiple integer
overflows and perform bounds checking in icclib/icc.c.
- CVE-2009-0583
- CVE-2009-0584
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via buffer underflow in the CCITTFax decoding filter
- debian/patches/07_CVE-2007-6725.dpatch: work around the buffer
underflow in src/scfd.c.
- CVE-2007-6725
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via BaseFont writer module
- debian/patches/08_CVE-2008-6679.dpatch: increase size of buffer in
src/gdevpdtb.c.
- CVE-2008-6679
* SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
dictionary segments
- debian/patches/09_CVE-2009-0196.dpatch: validate size of runlength
in export symbol table in jbig2dec/jbig2_symbol_dict.c.
- CVE-2009-0196
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via integer overflows in icclib
- debian/patches/10_CVE-2009-0792.dpatch: fix numerous overflows in
icclib/icc.c.
- CVE-2009-0792
-- Marc Deslauriers <email address hidden> Thu, 09 Apr 2009 13:50:18 -0400