ubuntu/+source/ghostscript:applied/ubuntu/bionic-security

Last commit made on 2019-08-29
Get this branch:
git clone -b applied/ubuntu/bionic-security https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/bionic-security
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

28cf669... by Steve Beattie on 2019-08-28

Import patches-applied version 9.26~dfsg+0-0ubuntu0.18.04.11 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 19fd4cd14a455af06ab60d9b5b531f2552cfade4
Unapplied parent: b71050cf22dd232739766f789999762a103e84a1

New changelog entries:
  * SECURITY UPDATE: '-dSAFER' restrictions bypass by .forceput
    Exposures
    - debian/patches/CVE-2019-14811-CVE-2019-14812-CVE-2019-14813.patch:
      Be more defensive by preventing access to .forceput from
      .setuserparams2.
    - CVE-2019-14811
    - CVE-2019-14812
    - CVE-2019-14813
    - debian/patches/CVE-2019-14817.patch: mark more uses of .forceput
      as execteonly
    - CVE-2019-14817

b71050c... by Steve Beattie on 2019-08-28

[PATCH] PDF interpreter - review .forceput security

Gbp-Pq: CVE-2019-14817.patch.

327703b... by Steve Beattie on 2019-08-28

[PATCH] make .forceput inaccessible

Gbp-Pq: CVE-2019-14811-CVE-2019-14812-CVE-2019-14813.patch.

c849820... by Steve Beattie on 2019-08-28

[PATCH] Bug 701394: protect use of .forceput with executeonly

Gbp-Pq: CVE-2019-10216.patch.

d986375... by Steve Beattie on 2019-08-28

[PATCH] Fix lib/pdf2dsc.ps to use documented Ghostscript pdf

Gbp-Pq: CVE-2019-3839-2.patch.

031664b... by Steve Beattie on 2019-08-28

[PATCH] Hide pdfdict and GS_PDF_ProcSet (internal stuff for the PDF

Gbp-Pq: CVE-2019-3839-1.patch.

c039506... by Steve Beattie on 2019-08-28

[PATCH] Bug 700576(redux): an extra transient proc needs

Gbp-Pq: CVE-2019-3838-2.patch.

f7cd605... by Steve Beattie on 2019-08-28

[PATCH] Bug 700576: Make a transient proc executeonly (in

Gbp-Pq: CVE-2019-3838-1.patch.

fc43842... by Steve Beattie on 2019-08-28

[PATCH] Bug 700585: Obliterate "superexec". We don't need it, nor do

Gbp-Pq: CVE-2019-3835-2.patch.

08486aa... by Steve Beattie on 2019-08-28

[PATCH] Fix bug 700585: Restrict superexec and remove it from

Gbp-Pq: CVE-2019-3835-1.patch.