Branches for Maverick

Name Status Last Modified Last Commit
lp:ubuntu/maverick/ghostscript bug 2 Mature 2010-09-20 18:57:20 UTC 2010-09-20
77. debian/control: Updated versioned dep...

Author: Till Kamppeter
Revision Date: 2010-09-20 18:57:20 UTC

debian/control: Updated versioned dependency of ghostscript on gsfonts,
we need at least gsfonts 1:8.11+urwcyr1.0.7~pre44-4.1 now due to the
dropping of defoma.

lp:ubuntu/maverick-security/ghostscript 2 Mature 2012-01-04 22:22:53 UTC 2012-01-04
78. * SECURITY UPDATE: integer overflows ...

Author: Marc Deslauriers
Revision Date: 2011-12-20 14:09:50 UTC

* SECURITY UPDATE: integer overflows via integer multiplication for
  memory allocation
  - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
    allocation functions and use them in:
    * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
      jas_malloc.c,jas_seq.c}
    * jasper/src/libjasper/bmp/bmp_dec.c
    * jasper/src/libjasper/include/jasper/jas_malloc.h
    * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
    * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
      jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
      jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
    * jasper/src/libjasper/mif/mif_cod.c
  - CVE-2008-3520
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
  - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
    jasper/src/libjasper/base/jas_stream.c
  - CVE-2008-3522
* SECURITY UPDATE: denial of service and possible code execution via
  heap-based buffer overflows.
  - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
    and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
  - CVE-2011-4516
  - CVE-2011-4517

lp:ubuntu/maverick-updates/ghostscript 2 Mature 2012-01-04 22:23:00 UTC 2012-01-04
78. * SECURITY UPDATE: integer overflows ...

Author: Marc Deslauriers
Revision Date: 2011-12-20 14:09:50 UTC

* SECURITY UPDATE: integer overflows via integer multiplication for
  memory allocation
  - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
    allocation functions and use them in:
    * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
      jas_malloc.c,jas_seq.c}
    * jasper/src/libjasper/bmp/bmp_dec.c
    * jasper/src/libjasper/include/jasper/jas_malloc.h
    * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
    * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
      jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
      jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
    * jasper/src/libjasper/mif/mif_cod.c
  - CVE-2008-3520
* SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
  - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
    jasper/src/libjasper/base/jas_stream.c
  - CVE-2008-3522
* SECURITY UPDATE: denial of service and possible code execution via
  heap-based buffer overflows.
  - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
    and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
  - CVE-2011-4516
  - CVE-2011-4517

lp:~ubuntu-branches/ubuntu/maverick/ghostscript/maverick-201005141232 (Has a merge proposal) 1 Development 2010-05-14 12:32:38 UTC 2010-05-14
69. Switch to target lucid.

Author: James Westby
Revision Date: 2010-04-06 14:13:02 UTC

Switch to target lucid.

14 of 4 results