Ubuntu
ghostscript package

ubuntu/+source/ghostscript:applied/ubuntu/disco-proposed

  1. Git
  2. lp:ubuntu/+source/ghostscript
  3. applied/ubuntu/disco-proposed
Last commit made on 2019-03-21
Get this branch:
git clone -b applied/ubuntu/disco-proposed https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/disco-proposed
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

c477d9e... by Marc Deslauriers on 2019-03-21

Import patches-applied version 9.26~dfsg+0-0ubuntu7 to applied/ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: b9ccd2bbc96563f1fe22825171ba7f8af42e3a45
Unapplied parent: 91742d40be9cbee8403d64db71a08681ef164653

New changelog entries:
  * SECURITY UPDATE: superexec operator is available
    - debian/patches/CVE-2019-3835-pre1.patch: Have gs_cet.ps run from
      gs_init.ps in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
    - debian/patches/CVE-2019-3835-pre2.patch: Undef /odef in
      Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
    - debian/patches/CVE-2019-3835-1.patch: restrict superexec and remove
      it in Resource/Init/gs_cet.ps, Resource/Init/gs_dps1.ps,
      Resource/Init/gs_fonts.ps, Resource/Init/gs_init.ps,
      Resource/Init/gs_ttf.ps, Resource/Init/gs_type1.ps.
    - debian/patches/CVE-2019-3835-2.patch: obliterate superexec in
      Resource/Init/gs_init.ps, psi/icontext.c, psi/icstate.h,
      psi/zcontrol.c, psi/zdict.c, psi/zgeneric.c.
    - CVE-2019-3835
  * SECURITY UPDATE: forceput in DefineResource is still accessible
    - debian/patches/CVE-2019-3838-1.patch: make a transient proc
      executeonly in Resource/Init/gs_res.ps.
    - debian/patches/CVE-2019-3838-2.patch: an extra transient proc needs
      executeonly in Resource/Init/gs_res.ps.
    - CVE-2019-3838

91742d4... by Marc Deslauriers on 2019-03-21

[PATCH] Bug 700576(redux): an extra transient proc needs

Gbp-Pq: CVE-2019-3838-2.patch.

e6fcac6... by Marc Deslauriers on 2019-03-21

[PATCH] Bug 700576: Make a transient proc executeonly (in

Gbp-Pq: CVE-2019-3838-1.patch.

a69ba3f... by Marc Deslauriers on 2019-03-21

[PATCH] Bug 700585: Obliterate "superexec". We don't need it, nor do

Gbp-Pq: CVE-2019-3835-2.patch.

6a5c4c5... by Marc Deslauriers on 2019-03-21

[PATCH] Fix bug 700585: Restrict superexec and remove it from

Gbp-Pq: CVE-2019-3835-1.patch.

fb632c3... by Marc Deslauriers on 2019-03-21

[PATCH] Undef /odef in gs_init.ps

Gbp-Pq: CVE-2019-3835-pre2.patch.

c257f29... by Marc Deslauriers on 2019-03-21

[PATCH] Have gs_cet.ps run from gs_init.ps

Gbp-Pq: CVE-2019-3835-pre1.patch.

bacdaad... by Marc Deslauriers on 2019-03-21

[PATCH] Bug 700584 Cups device

Gbp-Pq: lp1815339-2.patch.

2ace5c5... by Marc Deslauriers on 2019-03-21

[PATCH] Bug 700584: cups device

Gbp-Pq: lp1815339.patch.

204eb83... by Marc Deslauriers on 2019-03-21

[PATCH] Bug700317: Address .force* operators exposure

Gbp-Pq: CVE-2019-6116.patch.