ubuntu/+source/ghostscript:applied/ubuntu/jaunty-updates

Last commit made on 2010-07-13
Get this branch:
git clone -b applied/ubuntu/jaunty-updates https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/jaunty-updates
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

89bcbe3... by Marc Deslauriers on 2010-07-12

Import patches-applied version 8.64.dfsg.1-0ubuntu8.1 to applied/ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: a2def7f852773ac23c4cd63c90b97e658b31e828
Unapplied parent: 21e5f462ec137f318594510a64b96bf43a543b56

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    buffer overflow in errprintf function
    - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
    - CVE-2009-4270
  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
    procedure invocations (LP: #546009)
    - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
      all allocations were successful in psi/ialloc.c, psi/idosave.h,
      psi/isave.c.
    - CVE-2010-1628
  * SECURITY UPDATE: arbitrary code execution via crafted PostScript file
    (LP: #546009)
    - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
      psi/int.mak, psi/iscan.c, psi/iscan.h.
    - CVE-2010-1869
  * SECURITY UPDATE: arbitrary code execution via long names
    - debian/patches/security-long-names.dpatch: check against maximum size
      in psi/iscan.c.
    - No CVE number yet.

21e5f46... by Marc Deslauriers on 2010-07-12

Import patches-unapplied version 8.64.dfsg.1-0ubuntu8.1 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 1519f2333a360fc7a3eeeb0cbff64a247ec6b4d8

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    buffer overflow in errprintf function
    - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
    - CVE-2009-4270
  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
    procedure invocations (LP: #546009)
    - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
      all allocations were successful in psi/ialloc.c, psi/idosave.h,
      psi/isave.c.
    - CVE-2010-1628
  * SECURITY UPDATE: arbitrary code execution via crafted PostScript file
    (LP: #546009)
    - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
      psi/int.mak, psi/iscan.c, psi/iscan.h.
    - CVE-2010-1869
  * SECURITY UPDATE: arbitrary code execution via long names
    - debian/patches/security-long-names.dpatch: check against maximum size
      in psi/iscan.c.
    - No CVE number yet.

a2def7f... by Marc Deslauriers on 2009-04-09

Import patches-applied version 8.64.dfsg.1-0ubuntu8 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 7a96d8481a179d31855dc6f2c67edd190a6ff65c
Unapplied parent: 1519f2333a360fc7a3eeeb0cbff64a247ec6b4d8

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
    dictionary segments
    - debian/patches/41_CVE-2009-0196.dpatch: validate size of runlength
      in export symbol table in jbig2dec/jbig2_symbol_dict.c.
    - CVE-2009-0196
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via integer overflows in icclib
    - debian/patches/42_CVE-2009-0792.dpatch: fix numerous overflows in
      icclib/icc.c.
    - CVE-2009-0792

1519f23... by Marc Deslauriers on 2009-04-09

Import patches-unapplied version 8.64.dfsg.1-0ubuntu8 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 0f2cd610b13677022557c0a2e7d50855e56d78ec

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
    dictionary segments
    - debian/patches/41_CVE-2009-0196.dpatch: validate size of runlength
      in export symbol table in jbig2dec/jbig2_symbol_dict.c.
    - CVE-2009-0196
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via integer overflows in icclib
    - debian/patches/42_CVE-2009-0792.dpatch: fix numerous overflows in
      icclib/icc.c.
    - CVE-2009-0792

7a96d84... by Till Kamppeter on 2009-04-05

Import patches-applied version 8.64.dfsg.1-0ubuntu7 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 315fff8523278e09b5c3da142bffcce3f8e57c1e
Unapplied parent: 0f2cd610b13677022557c0a2e7d50855e56d78ec

New changelog entries:
  * debian/patches/40_pdfwrite-numcopies.dpatch: PDF output device of
    Ghostscript did not take into account /#copies or /NumCopies in the
    PostScript input, which made some applications, like OpenOffice.org
    print only one copy also if more than one copy is requested. No
    Ghostscript prints multiple copies with "pdfwrite" if it is called
    with "-dDoNumCopies" (LP: #320391, upstream bug #690355).

0f2cd61... by Till Kamppeter on 2009-04-05

Import patches-unapplied version 8.64.dfsg.1-0ubuntu7 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: ecfcbfe48132dd6155c380289e7f1f881dc3065b

New changelog entries:
  * debian/patches/40_pdfwrite-numcopies.dpatch: PDF output device of
    Ghostscript did not take into account /#copies or /NumCopies in the
    PostScript input, which made some applications, like OpenOffice.org
    print only one copy also if more than one copy is requested. No
    Ghostscript prints multiple copies with "pdfwrite" if it is called
    with "-dDoNumCopies" (LP: #320391, upstream bug #690355).

315fff8... by Marc Deslauriers on 2009-03-27

Import patches-applied version 8.64.dfsg.1-0ubuntu6 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: a9efae1acf92c45c798de26452d6bac585b9312e
Unapplied parent: ecfcbfe48132dd6155c380289e7f1f881dc3065b

New changelog entries:
  * SECURITY UPDATE: Arbitrary code execution due to integer overflows and
    insufficient upper-bounds checks in the ICC library
    - debian/patches/38_CVE-2009-0583_0584.dpatch: fix multiple integer
      overflows and perform bounds checking in icclib/icc.c.
    - CVE-2009-0583
    - CVE-2009-0584

ecfcbfe... by Marc Deslauriers on 2009-03-27

Import patches-unapplied version 8.64.dfsg.1-0ubuntu6 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: d27c02a52d3f452553991a9d361b4cab3ca74967

New changelog entries:
  * SECURITY UPDATE: Arbitrary code execution due to integer overflows and
    insufficient upper-bounds checks in the ICC library
    - debian/patches/38_CVE-2009-0583_0584.dpatch: fix multiple integer
      overflows and perform bounds checking in icclib/icc.c.
    - CVE-2009-0583
    - CVE-2009-0584

a9efae1... by Till Kamppeter on 2009-03-25

Import patches-applied version 8.64.dfsg.1-0ubuntu5 to applied/ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: c000fcb0f4fd898de5ffa5afe9caaba639b5b8c1
Unapplied parent: d27c02a52d3f452553991a9d361b4cab3ca74967

New changelog entries:
  * debian/patches/00list: Really apply the patch for LP: #333429.
  * debian/patches/37_fix-segfault-in-cups-raster-output-device.dpatch:
    Fixed segfault in the "cups" (CUPS Raster) output device of Ghostscript
    (LP: #333429, upstream bug 690338).
  * debian/ghostscript.postinst: Silenced non-fatal error messages when
    post-install script updates PPDs and there are PPDs not belonging to
    a CUPS queue in /etc/cups/ppd/ (LP: #345866).

d27c02a... by Till Kamppeter on 2009-03-25

Import patches-unapplied version 8.64.dfsg.1-0ubuntu5 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 69aa15c43f47bd472cc68ee22ac90e279b178cd6

New changelog entries:
  * debian/patches/00list: Really apply the patch for LP: #333429.
  * debian/patches/37_fix-segfault-in-cups-raster-output-device.dpatch:
    Fixed segfault in the "cups" (CUPS Raster) output device of Ghostscript
    (LP: #333429, upstream bug 690338).
  * debian/ghostscript.postinst: Silenced non-fatal error messages when
    post-install script updates PPDs and there are PPDs not belonging to
    a CUPS queue in /etc/cups/ppd/ (LP: #345866).