Branches for Jaunty

Name Status Last Modified Last Commit
lp:ubuntu/jaunty/ghostscript 2 Mature 2009-07-08 22:07:41 UTC 2009-07-08
50. * SECURITY UPDATE: possible arbitrary...

Author: Marc Deslauriers
Revision Date: 2009-04-09 09:27:31 UTC

* SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
  dictionary segments
  - debian/patches/41_CVE-2009-0196.dpatch: validate size of runlength
    in export symbol table in jbig2dec/jbig2_symbol_dict.c.
  - CVE-2009-0196
* SECURITY UPDATE: denial of service and possible arbitrary code
  execution via integer overflows in icclib
  - debian/patches/42_CVE-2009-0792.dpatch: fix numerous overflows in
    icclib/icc.c.
  - CVE-2009-0792

lp:ubuntu/jaunty-security/ghostscript bug 2 Mature 2010-07-13 18:30:43 UTC 2010-07-13
51. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2010-07-12 12:08:54 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in errprintf function
  - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
  - CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
  procedure invocations (LP: #546009)
  - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
    all allocations were successful in psi/ialloc.c, psi/idosave.h,
    psi/isave.c.
  - CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
  (LP: #546009)
  - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
    psi/int.mak, psi/iscan.c, psi/iscan.h.
  - CVE-2010-1869
* SECURITY UPDATE: arbitrary code execution via long names
  - debian/patches/security-long-names.dpatch: check against maximum size
    in psi/iscan.c.
  - No CVE number yet.

lp:ubuntu/jaunty-updates/ghostscript 2 Mature 2010-07-13 19:07:50 UTC 2010-07-13
51. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2010-07-12 12:08:54 UTC

* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in errprintf function
  - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
  - CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
  procedure invocations (LP: #546009)
  - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
    all allocations were successful in psi/ialloc.c, psi/idosave.h,
    psi/isave.c.
  - CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
  (LP: #546009)
  - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
    psi/int.mak, psi/iscan.c, psi/iscan.h.
  - CVE-2010-1869
* SECURITY UPDATE: arbitrary code execution via long names
  - debian/patches/security-long-names.dpatch: check against maximum size
    in psi/iscan.c.
  - No CVE number yet.

13 of 3 results