ubuntu/+source/ghostscript:applied/ubuntu/hardy-updates

Last commit made on 2012-09-24
Get this branch:
git clone -b applied/ubuntu/hardy-updates https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name: applied/ubuntu/hardy-updates
Repository: lp:ubuntu/+source/ghostscript

Recent commits

f99c231... by Marc Deslauriers on 2012-09-21

Import patches-applied version 8.61.dfsg.1-1ubuntu3.5 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 660749ee32eee3bffdeb14825c67e1fa04eef001
Unapplied parent: 3eaa4d8ae564e371fb837b9593f447494ce35778

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    icclib overflow
    - debian/patches/CVE-2012-4405.dpatch: validate input channels in
      icclib/icc.c.
    - CVE-2012-4405

3eaa4d8... by Marc Deslauriers on 2012-09-21

Import patches-unapplied version 8.61.dfsg.1-1ubuntu3.5 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 180d296a199a127afcf5c564d6a31a7cf9537607

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    icclib overflow
    - debian/patches/CVE-2012-4405.dpatch: validate input channels in
      icclib/icc.c.
    - CVE-2012-4405

660749e... by Marc Deslauriers on 2011-12-20

Import patches-applied version 8.61.dfsg.1-1ubuntu3.4 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 09266ea955e04433bc90350d4812d5a2febe1533
Unapplied parent: 180d296a199a127afcf5c564d6a31a7cf9537607

New changelog entries:
  * SECURITY UPDATE: integer overflows via integer multiplication for
    memory allocation
    - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
      allocation functions and use them in:
      * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
        jas_malloc.c,jas_seq.c}
      * jasper/src/libjasper/bmp/bmp_dec.c
      * jasper/src/libjasper/include/jasper/jas_malloc.h
      * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
      * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
        jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
        jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
      * jasper/src/libjasper/mif/mif_cod.c
    - CVE-2008-3520
  * SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
    - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
      jasper/src/libjasper/base/jas_stream.c
    - CVE-2008-3522
  * SECURITY UPDATE: arbitrary code execution or denial of service via
    off-by-one in TrueType interpreter.
    - debian/patches/CVE-2009-3743.dpatch: check for null in src/ttinterp.c.
    - CVE-2009-3743
  * SECURITY UPDATE: denial of service via crafted font data
    - debian/patches/CVE-2010-4054.dpatch: check for null pointers in
      src/{gsgdata.c,gstype1.c,gstype2.c,gxtype1.c}.
    - CVE-2010-4054
  * SECURITY UPDATE: denial of service and possible code execution via
    heap-based buffer overflows.
    - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
      and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
    - CVE-2011-4516
    - CVE-2011-4517

180d296... by Marc Deslauriers on 2011-12-20

Import patches-unapplied version 8.61.dfsg.1-1ubuntu3.4 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 770666fa4f770ae6f45ef7dc22d013b801a3d22f

New changelog entries:
  * SECURITY UPDATE: integer overflows via integer multiplication for
    memory allocation
    - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
      allocation functions and use them in:
      * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
        jas_malloc.c,jas_seq.c}
      * jasper/src/libjasper/bmp/bmp_dec.c
      * jasper/src/libjasper/include/jasper/jas_malloc.h
      * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
      * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
        jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
        jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
      * jasper/src/libjasper/mif/mif_cod.c
    - CVE-2008-3520
  * SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
    - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
      jasper/src/libjasper/base/jas_stream.c
    - CVE-2008-3522
  * SECURITY UPDATE: arbitrary code execution or denial of service via
    off-by-one in TrueType interpreter.
    - debian/patches/CVE-2009-3743.dpatch: check for null in src/ttinterp.c.
    - CVE-2009-3743
  * SECURITY UPDATE: denial of service via crafted font data
    - debian/patches/CVE-2010-4054.dpatch: check for null pointers in
      src/{gsgdata.c,gstype1.c,gstype2.c,gxtype1.c}.
    - CVE-2010-4054
  * SECURITY UPDATE: denial of service and possible code execution via
    heap-based buffer overflows.
    - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
      and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
    - CVE-2011-4516
    - CVE-2011-4517

09266ea... by Marc Deslauriers on 2010-07-12

Import patches-applied version 8.61.dfsg.1-1ubuntu3.3 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 7958f09c9bc41262188157d72ac21d509e900d00
Unapplied parent: 770666fa4f770ae6f45ef7dc22d013b801a3d22f

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
    procedure invocations (LP: #546009)
    - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
      all allocations were successful in src/ialloc.c, src/idosave.h,
      src/isave.c.
    - CVE-2010-1628
  * SECURITY UPDATE: arbitrary code execution via crafted PostScript file
    (LP: #546009)
    - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
      src/int.mak, src/iscan.c, src/iscan.h.
    - CVE-2010-1869
  * SECURITY UPDATE: arbitrary code execution via long names
    - debian/patches/security-long-names.dpatch: check against maximum size
      in psi/iscan.c.
    - No CVE number yet.

770666f... by Marc Deslauriers on 2010-07-12

Import patches-unapplied version 8.61.dfsg.1-1ubuntu3.3 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: e900ea617330a2ab07a7ecdab506af2a11b09c50

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
    procedure invocations (LP: #546009)
    - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
      all allocations were successful in src/ialloc.c, src/idosave.h,
      src/isave.c.
    - CVE-2010-1628
  * SECURITY UPDATE: arbitrary code execution via crafted PostScript file
    (LP: #546009)
    - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
      src/int.mak, src/iscan.c, src/iscan.h.
    - CVE-2010-1869
  * SECURITY UPDATE: arbitrary code execution via long names
    - debian/patches/security-long-names.dpatch: check against maximum size
      in psi/iscan.c.
    - No CVE number yet.

7958f09... by Marc Deslauriers on 2009-04-09

Import patches-applied version 8.61.dfsg.1-1ubuntu3.2 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: ed66808aed85f055e4d6eb971f6c27fdaef72c5b
Unapplied parent: e900ea617330a2ab07a7ecdab506af2a11b09c50

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via buffer underflow in the CCITTFax decoding filter
    - debian/patches/33_CVE-2007-6725.dpatch: work around the buffer
      underflow in src/scfd.c.
    - CVE-2007-6725
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via BaseFont writer module
    - debian/patches/34_CVE-2008-6679.dpatch: increase size of buffer in
      src/gdevpdtb.c.
    - CVE-2008-6679
  * SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
    dictionary segments
    - debian/patches/35_CVE-2009-0196.dpatch: validate size of runlength
      in export symbol table in jbig2dec/jbig2_symbol_dict.c.
    - CVE-2009-0196
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via integer overflows in icclib
    - debian/patches/36_CVE-2009-0792.dpatch: fix numerous overflows in
      icclib/icc.c.
    - CVE-2009-0792

e900ea6... by Marc Deslauriers on 2009-04-09

Import patches-unapplied version 8.61.dfsg.1-1ubuntu3.2 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 8ad36e7a04f4f35e437f9483e2d4535476280cbb

New changelog entries:
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via buffer underflow in the CCITTFax decoding filter
    - debian/patches/33_CVE-2007-6725.dpatch: work around the buffer
      underflow in src/scfd.c.
    - CVE-2007-6725
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via BaseFont writer module
    - debian/patches/34_CVE-2008-6679.dpatch: increase size of buffer in
      src/gdevpdtb.c.
    - CVE-2008-6679
  * SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
    dictionary segments
    - debian/patches/35_CVE-2009-0196.dpatch: validate size of runlength
      in export symbol table in jbig2dec/jbig2_symbol_dict.c.
    - CVE-2009-0196
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via integer overflows in icclib
    - debian/patches/36_CVE-2009-0792.dpatch: fix numerous overflows in
      icclib/icc.c.
    - CVE-2009-0792

ed66808... by Marc Deslauriers on 2009-03-23

Import patches-applied version 8.61.dfsg.1-1ubuntu3.1 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 32921079165e3f2394e0121f516dad6f3c309704
Unapplied parent: 8ad36e7a04f4f35e437f9483e2d4535476280cbb

New changelog entries:
  * SECURITY UPDATE: Arbitrary code execution due to integer overflows and
    insufficient upper-bounds checks in the ICC library
    - debian/patches/32_CVE-2009-0583_0584.dpatch: fix multiple integer
      overflows and perform bounds checking in icclib/icc.c.
    - CVE-2009-0583
    - CVE-2009-0584

8ad36e7... by Marc Deslauriers on 2009-03-23

Import patches-unapplied version 8.61.dfsg.1-1ubuntu3.1 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 5b0ff1de1218f0cecdef453ac32fb09d2cb9d08b

New changelog entries:
  * SECURITY UPDATE: Arbitrary code execution due to integer overflows and
    insufficient upper-bounds checks in the ICC library
    - debian/patches/32_CVE-2009-0583_0584.dpatch: fix multiple integer
      overflows and perform bounds checking in icclib/icc.c.
    - CVE-2009-0583
    - CVE-2009-0584