ubuntu/+source/ghostscript:applied/ubuntu/xenial-devel

Last commit made on 2019-08-29
Get this branch:
git clone -b applied/ubuntu/xenial-devel https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-devel
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

a44e5fc... by Steve Beattie on 2019-08-28

Import patches-applied version 9.26~dfsg+0-0ubuntu0.16.04.11 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: ff8b7ef98c8c8cc993f93425d81699f29cb528ec
Unapplied parent: bf655b05654d8b53beb657b9a1cc32cfa064156a

New changelog entries:
  * SECURITY UPDATE: '-dSAFER' restrictions bypass by .forceput
    Exposures
    - debian/patches/CVE-2019-14811-CVE-2019-14812-CVE-2019-14813.patch:
      Be more defensive by preventing access to .forceput from
      .setuserparams2.
    - CVE-2019-14811
    - CVE-2019-14812
    - CVE-2019-14813
    - debian/patches/CVE-2019-14817.patch: mark more uses of .forceput
      as execteonly
    - CVE-2019-14817

bf655b0... by Steve Beattie on 2019-08-28

[PATCH] PDF interpreter - review .forceput security

Gbp-Pq: CVE-2019-14817.patch.

1e9e21e... by Steve Beattie on 2019-08-28

[PATCH] make .forceput inaccessible

Gbp-Pq: CVE-2019-14811-CVE-2019-14812-CVE-2019-14813.patch.

c48b04e... by Steve Beattie on 2019-08-28

[PATCH] Bug 701394: protect use of .forceput with executeonly

Gbp-Pq: CVE-2019-10216.patch.

8344194... by Steve Beattie on 2019-08-28

[PATCH] Fix lib/pdf2dsc.ps to use documented Ghostscript pdf

Gbp-Pq: CVE-2019-3839-2.patch.

e0a6829... by Steve Beattie on 2019-08-28

[PATCH] Hide pdfdict and GS_PDF_ProcSet (internal stuff for the PDF

Gbp-Pq: CVE-2019-3839-1.patch.

bae71a8... by Steve Beattie on 2019-08-28

[PATCH] Bug 700576(redux): an extra transient proc needs

Gbp-Pq: CVE-2019-3838-2.patch.

11bebbc... by Steve Beattie on 2019-08-28

[PATCH] Bug 700576: Make a transient proc executeonly (in

Gbp-Pq: CVE-2019-3838-1.patch.

22a5280... by Steve Beattie on 2019-08-28

[PATCH] Bug 700585: Obliterate "superexec". We don't need it, nor do

Gbp-Pq: CVE-2019-3835-2.patch.

6e3ef9f... by Steve Beattie on 2019-08-28

[PATCH] Fix bug 700585: Restrict superexec and remove it from

Gbp-Pq: CVE-2019-3835-1.patch.