ubuntu/+source/ghostscript:applied/ubuntu/maverick-security

Last commit made on 2012-01-04
Get this branch:
git clone -b applied/ubuntu/maverick-security https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/maverick-security
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

80f2870... by Marc Deslauriers on 2011-12-20

Import patches-applied version 8.71.dfsg.2-0ubuntu7.1 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: faf4d19f8313ac04905db9e5f0594b50674fc73f
Unapplied parent: 45cb2be53b005e9c26f1460d5c5336c22560fc3f

New changelog entries:
  * SECURITY UPDATE: integer overflows via integer multiplication for
    memory allocation
    - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
      allocation functions and use them in:
      * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
        jas_malloc.c,jas_seq.c}
      * jasper/src/libjasper/bmp/bmp_dec.c
      * jasper/src/libjasper/include/jasper/jas_malloc.h
      * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
      * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
        jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
        jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
      * jasper/src/libjasper/mif/mif_cod.c
    - CVE-2008-3520
  * SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
    - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
      jasper/src/libjasper/base/jas_stream.c
    - CVE-2008-3522
  * SECURITY UPDATE: denial of service and possible code execution via
    heap-based buffer overflows.
    - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
      and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
    - CVE-2011-4516
    - CVE-2011-4517

45cb2be... by Marc Deslauriers on 2011-12-20

Import patches-unapplied version 8.71.dfsg.2-0ubuntu7.1 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: b5e4e5a6e1628ba65dd340590c1decf0401438a6

New changelog entries:
  * SECURITY UPDATE: integer overflows via integer multiplication for
    memory allocation
    - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
      allocation functions and use them in:
      * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
        jas_malloc.c,jas_seq.c}
      * jasper/src/libjasper/bmp/bmp_dec.c
      * jasper/src/libjasper/include/jasper/jas_malloc.h
      * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
      * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
        jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
        jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
      * jasper/src/libjasper/mif/mif_cod.c
    - CVE-2008-3520
  * SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
    - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
      jasper/src/libjasper/base/jas_stream.c
    - CVE-2008-3522
  * SECURITY UPDATE: denial of service and possible code execution via
    heap-based buffer overflows.
    - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
      and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
    - CVE-2011-4516
    - CVE-2011-4517

faf4d19... by Till Kamppeter on 2010-09-20

Import patches-applied version 8.71.dfsg.2-0ubuntu7 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 80f3a3a9768a51690c3a13d4bff358726767d94e
Unapplied parent: b5e4e5a6e1628ba65dd340590c1decf0401438a6

New changelog entries:
  * debian/control: Updated versioned dependency of ghostscript on gsfonts,
    we need at least gsfonts 1:8.11+urwcyr1.0.7~pre44-4.1 now due to the
    dropping of defoma.

b5e4e5a... by Till Kamppeter on 2010-09-20

Import patches-unapplied version 8.71.dfsg.2-0ubuntu7 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 35a4c5cef93bb584dd958356ab62c987883c895f

New changelog entries:
  * debian/control: Updated versioned dependency of ghostscript on gsfonts,
    we need at least gsfonts 1:8.11+urwcyr1.0.7~pre44-4.1 now due to the
    dropping of defoma.

80f3a3a... by Till Kamppeter on 2010-09-01

Import patches-applied version 8.71.dfsg.2-0ubuntu6 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 38dc4bf3a062f916b113d5aced2654065c2ac0c2
Unapplied parent: 35a4c5cef93bb584dd958356ab62c987883c895f

New changelog entries:
  * debian/patches/substractive-gray-fix: Fixed the handling of substractive
    monochrome/grayscale color spaces by the PDF interpreter. Such color
    space is often used by the CUPS Raster output device, especially by
    Gutenprint on monochrome laser printers.

35a4c5c... by Till Kamppeter on 2010-09-01

Import patches-unapplied version 8.71.dfsg.2-0ubuntu6 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: f24122d8dbeb47279940079a544a9d4e95432f76

New changelog entries:
  * debian/patches/substractive-gray-fix: Fixed the handling of substractive
    monochrome/grayscale color spaces by the PDF interpreter. Such color
    space is often used by the CUPS Raster output device, especially by
    Gutenprint on monochrome laser printers.

38dc4bf... by Till Kamppeter on 2010-08-12

Import patches-applied version 8.71.dfsg.2-0ubuntu5 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: d8ce7dc07490685a3d78b24dc424176b6a747b7d
Unapplied parent: f24122d8dbeb47279940079a544a9d4e95432f76

New changelog entries:
  * debian/patches/cups-raster-fixes.dpatch: Do not do over-verbose debug
    logging. This made rendering sigificantly slower and also made it more
    difficult to read the CUPS error_log file (Upstream bug #690581).

f24122d... by Till Kamppeter on 2010-08-12

Import patches-unapplied version 8.71.dfsg.2-0ubuntu5 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 78cdfb6006534acdeff2c42ea962330eb804a858

New changelog entries:
  * debian/patches/cups-raster-fixes.dpatch: Do not do over-verbose debug
    logging. This made rendering sigificantly slower and also made it more
    difficult to read the CUPS error_log file (Upstream bug #690581).

d8ce7dc... by Till Kamppeter on 2010-07-19

Import patches-applied version 8.71.dfsg.2-0ubuntu4 to applied/ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 80ee804601e2a946056dde866ee4ff4f6a2f4954
Unapplied parent: 78cdfb6006534acdeff2c42ea962330eb804a858

New changelog entries:
  * debian/patches/cups-raster-fixes.dpatch: Added following fixes to the
    patch:
     o Eliminated compiler warning appearing after the recent memory
       reallocation fixes.
     o Support CUPS Raster level 2 (compressed) output (Upstream bug #689885).
     o Improved memory management: Automatic buffer size determination if
       RIP_MAX_CACHE variable is not set or not a non-zero number, BufferSpace
       size is same as MaxBitmap, not 1/10 (Upstream bug #691499).
     o Reallocate memory also if color depth changes during the job (Upstream
       bug #690435).
  * debian/patches/x11-device-do-not-create-huge-windows.dpatch: Some input
    files made Ghostscript opening a huge window, much bigger than the usual
    desktop, and sometimes using up all the computer's memory and making the
    computer crash (Upstream bug #690444).
  * debian/patches/check-all-pdfs-for-transparency.dpatch: Transparency in
    PDFs is was only introduced in PDF 1.4 according to the Adobe specs, but
    there are PDFs claiming to be of an older standard but they contain
    transparency. With this patch all PDFs are checked for transparency
    (Upstream bug #691273).
  * debian/patches/pdf-rendering-performance.dpatch: Improved PDF rendering
    performance by replacing the standard C floor() function by a simple macro
    (Upstream bug #691504).
  * debian/patches/x11-device-modularization-fixes.dpatch: Assorted fixes in
    the modularization of the X11 output devices (Upstream bug #691510).
  * debian/patches/device-n-init-variables-to-avoid-segfault.dpatch: Added
    some missing initializations in DeviceN to avoid possible segmentation
    faults (Upstream bug #690428).
  * debian/patches/fix-imagem-output-device.dpatch: Fixed double-free
    corruption of "imagen" output device (Upstream bug #690561).

78cdfb6... by Till Kamppeter on 2010-07-19

Import patches-unapplied version 8.71.dfsg.2-0ubuntu4 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: d5fb75784dfd1ed2890734da651b16ed14272b8e

New changelog entries:
  * debian/patches/cups-raster-fixes.dpatch: Added following fixes to the
    patch:
     o Eliminated compiler warning appearing after the recent memory
       reallocation fixes.
     o Support CUPS Raster level 2 (compressed) output (Upstream bug #689885).
     o Improved memory management: Automatic buffer size determination if
       RIP_MAX_CACHE variable is not set or not a non-zero number, BufferSpace
       size is same as MaxBitmap, not 1/10 (Upstream bug #691499).
     o Reallocate memory also if color depth changes during the job (Upstream
       bug #690435).
  * debian/patches/x11-device-do-not-create-huge-windows.dpatch: Some input
    files made Ghostscript opening a huge window, much bigger than the usual
    desktop, and sometimes using up all the computer's memory and making the
    computer crash (Upstream bug #690444).
  * debian/patches/check-all-pdfs-for-transparency.dpatch: Transparency in
    PDFs is was only introduced in PDF 1.4 according to the Adobe specs, but
    there are PDFs claiming to be of an older standard but they contain
    transparency. With this patch all PDFs are checked for transparency
    (Upstream bug #691273).
  * debian/patches/pdf-rendering-performance.dpatch: Improved PDF rendering
    performance by replacing the standard C floor() function by a simple macro
    (Upstream bug #691504).
  * debian/patches/x11-device-modularization-fixes.dpatch: Assorted fixes in
    the modularization of the X11 output devices (Upstream bug #691510).
  * debian/patches/device-n-init-variables-to-avoid-segfault.dpatch: Added
    some missing initializations in DeviceN to avoid possible segmentation
    faults (Upstream bug #690428).
  * debian/patches/fix-imagem-output-device.dpatch: Fixed double-free
    corruption of "imagen" output device (Upstream bug #690561).