ubuntu/+source/ghostscript:applied/ubuntu/precise-security

Last commit made on 2017-04-28
Get this branch:
git clone -b applied/ubuntu/precise-security https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/precise-security
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

18a37f0... by Steve Beattie on 2017-04-28

Import patches-applied version 9.05~dfsg-0ubuntu4.5 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 8232d42cc6c4146db9f505771400467378378d2d
Unapplied parent: bc5041882b576cf97241b0869e2c7f02ee30444a

New changelog entries:
  * SECURITY UPDATE: invalid handling of parameters to .eqproc and
    .rsdparams allowed disabling -dSAFER and thus code execution
    - debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters
    - debian/patches/CVE-2017-8291-2.patch: check .rsdparams parameters
    - CVE-2017-8291
  * SECURITY UPDATE: use-after-free in color management module.
    - CVE-2016-10217.patch: Don't create new ctx when pdf14 device
      reenabled
    - CVE-2016-10217
  * SECURITY UPDATE: divide-by-zero error denial of service in
    base/gxfill.c
    - CVE-2016-10219.patch: check for 0 in denominator
    - CVE-2016-10219
  * SECURITY UPDATE: null pointer dereference denial of service
    - CVE-2016-10220.patch: initialize device data structure correctly
    - CVE-2016-10220
  * SECURITY UPDATE: null pointer dereference denial of service
    - CVE-2017-5951.patch: use the correct param list enumerator
    - CVE-2017-5951
  * SECURITY UPDATE: null pointer dereference denial of service
    - CVE-2017-7207.patch: ensure a device has raster memory, before
      trying to read it
    - CVE-2017-7207

bc50418... by Steve Beattie on 2017-04-28

[PATCH] Bug 697799: have .rsdparams check its parameters

Gbp-Pq: CVE-2017-8291-2.patch.

6f9ff9e... by Steve Beattie on 2017-04-28

[PATCH] Bug 697799: have .eqproc check its parameters

Gbp-Pq: CVE-2017-8291-1.patch.

e3ca290... by Steve Beattie on 2017-04-28

[PATCH] Ensure a device has raster memory, before trying to read it.

Gbp-Pq: CVE-2017-7207.patch.

dea2912... by Steve Beattie on 2017-04-28

[PATCH] Bug 697548: use the correct param list enumerator

Gbp-Pq: CVE-2017-5951.patch.

683d52e... by Steve Beattie on 2017-04-28

[PATCH] fix crash with bad data supplied to makeimagedevice

Gbp-Pq: CVE-2016-10220.patch.

97e17ef... by Steve Beattie on 2017-04-28

[PATCH] Bug 697453: Avoid divide by 0 in scan conversion code.

Gbp-Pq: CVE-2016-10219.patch.

4a94c5f... by Steve Beattie on 2017-04-28

[PATCH] Bug 697456. Dont create new ctx when pdf14 device reenabled

Gbp-Pq: CVE-2016-10217.patch.

8017695... by Steve Beattie on 2017-04-28

CVE-2016-8602: check for sufficient params in .sethalftone5 and param types

Gbp-Pq: CVE-2016-8602.patch.

42e051e... by Steve Beattie on 2017-04-28

CVE-2016-7979: type confusion in .initialize_dsc_parser allows remote code execution

Gbp-Pq: CVE-2016-7979.patch.