- 50d4e58... by Salvatore Bonaccorso on 2018-04-29
Import patches-unapplied version 9.06~dfsg-2+deb8u7 to debian/jessie
Imported using git-ubuntu import.
Changelog parent: 917507a4c9a20532b0dea730759d702f3ae1114b
New changelog entries:
* Non-maintainer upload.
* Segfault with fuzzing file in gxht_thresh_image_init
* Buffer overflow in fill_threshold_buffer (CVE-2016-10317)
(Closes: #860869)
* pdfwrite - Guard against trying to output an infinite number
(CVE-2018-10194) (Closes: #896069)
- 917507a... by Salvatore Bonaccorso on 2017-09-28
Import patches-unapplied version 9.06~dfsg-2+deb8u6 to debian/jessie
Imported using git-ubuntu import.
Changelog parent: f07a6e0675170bc43a1d2c4a69f206c3168e26e5
New changelog entries:
* Non-maintainer upload by the Security Team.
* Bounds check the array allocations methods (CVE-2017-9835)
(Closes: #869907)
* Bounds check zone pointer in Ins_MIRP() (CVE-2017-9611) (Closes: #869917)
* Bounds check zone pointers in Ins_IP() (CVE-2017-9612) (Closes: #869916)
* Bounds check zone pointer in Ins_MDRP (CVE-2017-9726) (Closes: #869915)
* Make bounds check in gx_ttfReader__Read more robust (CVE-2017-9727)
(Closes: #869913)
* Bounds check Ins_JMPR (CVE-2017-9739) (Closes: #869910)
* Prevent trying to reloc a freed object (CVE-2017-11714) (Closes: #869977)
- f07a6e0... by Salvatore Bonaccorso on 2017-04-28
Import patches-unapplied version 9.06~dfsg-2+deb8u5 to debian/jessie
Imported using git-ubuntu import.
Changelog parent: 3e1f5d61a7cb70d5f7a7dc37078e8c6d273afc94
New changelog entries:
* Non-maintainer upload by the Security Team.
* Avoid divide by 0 in scan conversion code (CVE-2016-10219) (Closes:
#859666)
* fix crash with bad data supplied to makeimagedevice (CVE-2016-10220)
(Closes: #859694)
* use the correct param list enumerator (CVE-2017-5951) (Closes: #859696)
* Ensure a device has raster memory, before trying to read it
(CVE-2017-7207) (Closes: #858350)
* -dSAFER bypass and remote command execution via a "/OutputFile (%pipe%"
substring (CVE-2017-8291) (Closes: #861295)
- 3e1f5d6... by Salvatore Bonaccorso on 2016-10-27
Import patches-unapplied version 9.06~dfsg-2+deb8u4 to debian/jessie
Imported using git-ubuntu import.
Changelog parent: 0e272c18f97fb2ce0e43ea02ee4dc4085ca0074a
New changelog entries:
* Non-maintainer upload by the Security Team.
* Add 840691-Fix-.locksafe.patch patch.
Fixes regression seen with zathura and evince. Fix .locksafe. We need to
.forceput the definition of getenv into systemdict.
Thanks to Edgar Fuß <email address hidden> (Closes: #840691)
* Non-maintainer upload by the Security Team.
* CVE-2016-8602: check for sufficient params in .sethalftone5 and param
types (Closes: #840451)
* Non-maintainer upload by the Security Team.
* CVE-2013-5653: Information disclosure through getenv, filenameforall
(Closes: #839118)
* CVE-2016-7976: Various userparams allow %pipe% in paths, allowing remote
shell command execution (Closes: #839260)
* CVE-2016-7977: .libfile doesn't check PermitFileReading array, allowing
remote file disclosure (Closes: #839841)
* CVE-2016-7978: reference leak in .setdevice allows use-after-free and
remote code execution (Closes: #839845)
* CVE-2016-7979: type confusion in .initialize_dsc_parser allows remote code
execution (Closes: #839846)
- 0e272c1... by Salvatore Bonaccorso on 2015-07-26
Import patches-unapplied version 9.06~dfsg-2+deb8u1 to debian/jessie
Imported using git-ubuntu import.
Changelog parent: 1d60b0087a2afef4e2ea20a0b7f40b25c0766232
New changelog entries:
* Non-maintainer upload by the Security Team.
* Add CVE-2015-3228.patch patch.
CVE-2015-3228: Integer overflow in gs_heap_alloc_bytes() (Closes: #793489)
- 1d60b00... by Didier Raboud on 2015-01-09
Import patches-unapplied version 9.06~dfsg-2 to debian/sid
Imported using git-ubuntu import.
Changelog parent: 31595b7669dad3f752d820dc619b8a8d6b8762d5
New changelog entries:
* Add patch cherry-picked from Ghostscript 9.14 (AGPL) to fix /typecheck error in
/findfont. Mention the explicit agreement to include that patch in a GPL
Ghostscript in the patch description from the original author.
(Closes: #732440)
* Ack NMU, thanks!
- 31595b7... by YunQiang Su <email address hidden> on 2014-10-14
Import patches-unapplied version 9.06~dfsg-1.1 to debian/sid
Imported using git-ubuntu import.
Changelog parent: a665f92f1591d6bc14b8aefb4a4e4d3ddf71a7ed
New changelog entries:
* Non-maintainer upload.
* Symbols file: add mips64 and mips64el to 64bit list;
mips64el and mipsn32el to le arch list to file. (Closes: 727179)
- a665f92... by Didier Raboud on 2014-08-27
Import patches-unapplied version 9.06~dfsg-1 to debian/sid
Imported using git-ubuntu import.
Changelog parent: 64c9ddfbffb518efa225ea7ea044065983d4a352
New changelog entries:
* Team upload
[ upstream ]
* New release.
Highlights:
+ PDF/A-2 - pdfwrite now supports the creation of PDF/A-2 files.
+ pdfwrite "Server mode" - pdfwrite can now be run in "server mode".
+ pdfwrite now supports the "%d" format in the OutputFile switch.
+ ps2write now emits PostScript in slightly different ways in order
to produce output on a wider variety of devices.
+ Ghostscript can now use output intents defined in PDFs.
+ tiffsep/tiffsep1: support for large numbers of separations
improved.
+ tiffsep, psdcmyk and psdrgb now support the "downscaler"
functionality.
+ clist storage, for rendering pages in bands, is now a run-time
option.
[ Jonas Smedegaard ]
* Update copyright file:
+ Fix merge some Files entries.
+ Tidy copyright holders to match new upstream release.
+ List upstream development mailing list as preferred upstream
contact.
* Update repackaging:
+ Strip icclib.
Drop corresponding entries in copyright file.
Drop patch for CVE-2012-4405.
+ Stop strip CMap file Identity-UTF16-H: Explicitly declared in
LICENSE (with a double negative) as GPL-3+~Artifex licensed.
+ Stop strip CMap files: not shipped since 9.06.
* Drop patches 0* now included upstream and 1* adopted upstream.
* Unfuzz all patches, and update patch 2003.
* Update package relations:
+ Build-depend on recent libopenjpeg-dev (not libjasper-dev):
JasPer support deprecated (will be dropped in 9.07).
+ Build-depend on libregexp-assemble-perl, libfont-ttf-perl and
libimage-exiftool-perl: Needed for extracting metadata from ICC,
PDF, and fonts.
+ Stop build-depending on liblcms1-dev: icc34.h now included
upstream (outside of the convenience code copy of lcms1 project).
Closes: Bug#745529. Thanks to Moritz Muehlenhoff.
+ Stop build-depending on libdbus-1-dev: CUPS filters no longer
built.
+ Stop suggesting hpijs: Correct would be for said package (or
rather its successor printer-driver-hpijs - or any add-on driver)
to declare "Enhances: ghostscript" instead.
* Disable broken omni driver.
* Use canonical hostname (anonscm.debian.org) in Vcs-Git URI.
* Add patch 1001 to document inkcov device.
* Extract metadata from ICC, PDF, and truetype files before copyright
check.
* Stop building CUPS filters, and drop binary package
ghostscript-cups: Ghostscript-based CUPS filters obsolete (will be
dropped upstream in 9.09).
Closes: bug#735612. Thanks to Adrian Bunk and Didier 'OdyX' Raboud.
* Avoid building CUPS driver or checking symbols file when
bootstrapping an architecture.
Closes: bug#717827. Thanks to Matthias Klose and Daniel Schepler.
* Update Vcs-* fields: Packaging git moved to printing area of Alioth.
* Stop explicitly xz-compressing binary packages: Done by default now.
* Fix avoid hardcoded (and broken, by now) ABI in fallback font path.
* Document in README.Debian linkage against unpatched OpenJPEG (i.e.
lacking JPEG2000 color calibration) in README.Debian.
* Move ICC profiles to shared dir, to allow reuse by others.
* Bump standards-version to 3.9.5.
* Update symbols file (79 new, 29 dropped).
* Add patch cherry-picked upstream, to avoid icclib.
Closes: Bug#531624. Thanks to Moritz Muehlenhoff.
[ Didier Raboud ]
* Add libjasper-dev as Build-Depend, let the two symbols back in
* Ack NMU, thanks!
- 64c9ddf... by Andreas Barth <email address hidden> on 2014-08-17
Import patches-unapplied version 9.05~dfsg-9.1 to debian/sid
Imported using git-ubuntu import.
Changelog parent: 8700050d608e45d25a8e42f4be85299b28276fbc
New changelog entries:
* Non-maintainer upload.
* Add ppc64el to symbols file. Closes: #751917
- 8700050... by Michael Gilbert <email address hidden> on 2014-08-08
Import patches-unapplied version 9.05~dfsg-9 to debian/sid
Imported using git-ubuntu import.
Changelog parent: f31c7b3b3a6414367b829b83958d4347ef0a47b5
New changelog entries:
* Update my email address.
* Build against lcms2 (closes: #745529).