ubuntu/+source/ghostscript:debian/jessie

Last commit made on 2018-06-23
Get this branch:
git clone -b debian/jessie https://git.launchpad.net/ubuntu/+source/ghostscript

Branch information

Name:
debian/jessie
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

50d4e58... by Salvatore Bonaccorso on 2018-04-29

Import patches-unapplied version 9.06~dfsg-2+deb8u7 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 917507a4c9a20532b0dea730759d702f3ae1114b

New changelog entries:
  * Non-maintainer upload.
  * Segfault with fuzzing file in gxht_thresh_image_init
  * Buffer overflow in fill_threshold_buffer (CVE-2016-10317)
    (Closes: #860869)
  * pdfwrite - Guard against trying to output an infinite number
    (CVE-2018-10194) (Closes: #896069)

917507a... by Salvatore Bonaccorso on 2017-09-28

Import patches-unapplied version 9.06~dfsg-2+deb8u6 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: f07a6e0675170bc43a1d2c4a69f206c3168e26e5

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Bounds check the array allocations methods (CVE-2017-9835)
    (Closes: #869907)
  * Bounds check zone pointer in Ins_MIRP() (CVE-2017-9611) (Closes: #869917)
  * Bounds check zone pointers in Ins_IP() (CVE-2017-9612) (Closes: #869916)
  * Bounds check zone pointer in Ins_MDRP (CVE-2017-9726) (Closes: #869915)
  * Make bounds check in gx_ttfReader__Read more robust (CVE-2017-9727)
    (Closes: #869913)
  * Bounds check Ins_JMPR (CVE-2017-9739) (Closes: #869910)
  * Prevent trying to reloc a freed object (CVE-2017-11714) (Closes: #869977)

f07a6e0... by Salvatore Bonaccorso on 2017-04-28

Import patches-unapplied version 9.06~dfsg-2+deb8u5 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 3e1f5d61a7cb70d5f7a7dc37078e8c6d273afc94

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Avoid divide by 0 in scan conversion code (CVE-2016-10219) (Closes:
    #859666)
  * fix crash with bad data supplied to makeimagedevice (CVE-2016-10220)
    (Closes: #859694)
  * use the correct param list enumerator (CVE-2017-5951) (Closes: #859696)
  * Ensure a device has raster memory, before trying to read it
    (CVE-2017-7207) (Closes: #858350)
  * -dSAFER bypass and remote command execution via a "/OutputFile (%pipe%"
    substring (CVE-2017-8291) (Closes: #861295)

3e1f5d6... by Salvatore Bonaccorso on 2016-10-27

Import patches-unapplied version 9.06~dfsg-2+deb8u4 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 0e272c18f97fb2ce0e43ea02ee4dc4085ca0074a

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Add 840691-Fix-.locksafe.patch patch.
    Fixes regression seen with zathura and evince. Fix .locksafe. We need to
    .forceput the definition of getenv into systemdict.
    Thanks to Edgar Fuß <email address hidden> (Closes: #840691)
  * Non-maintainer upload by the Security Team.
  * CVE-2016-8602: check for sufficient params in .sethalftone5 and param
    types (Closes: #840451)
  * Non-maintainer upload by the Security Team.
  * CVE-2013-5653: Information disclosure through getenv, filenameforall
    (Closes: #839118)
  * CVE-2016-7976: Various userparams allow %pipe% in paths, allowing remote
    shell command execution (Closes: #839260)
  * CVE-2016-7977: .libfile doesn't check PermitFileReading array, allowing
    remote file disclosure (Closes: #839841)
  * CVE-2016-7978: reference leak in .setdevice allows use-after-free and
    remote code execution (Closes: #839845)
  * CVE-2016-7979: type confusion in .initialize_dsc_parser allows remote code
    execution (Closes: #839846)

0e272c1... by Salvatore Bonaccorso on 2015-07-26

Import patches-unapplied version 9.06~dfsg-2+deb8u1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 1d60b0087a2afef4e2ea20a0b7f40b25c0766232

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Add CVE-2015-3228.patch patch.
    CVE-2015-3228: Integer overflow in gs_heap_alloc_bytes() (Closes: #793489)

1d60b00... by Didier Raboud on 2015-01-09

Import patches-unapplied version 9.06~dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 31595b7669dad3f752d820dc619b8a8d6b8762d5

New changelog entries:
  * Add patch cherry-picked from Ghostscript 9.14 (AGPL) to fix /typecheck error in
    /findfont. Mention the explicit agreement to include that patch in a GPL
    Ghostscript in the patch description from the original author.
    (Closes: #732440)
  * Ack NMU, thanks!

31595b7... by YunQiang Su <email address hidden> on 2014-10-14

Import patches-unapplied version 9.06~dfsg-1.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a665f92f1591d6bc14b8aefb4a4e4d3ddf71a7ed

New changelog entries:
  * Non-maintainer upload.
  * Symbols file: add mips64 and mips64el to 64bit list;
     mips64el and mipsn32el to le arch list to file. (Closes: 727179)

a665f92... by Didier Raboud on 2014-08-27

Import patches-unapplied version 9.06~dfsg-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 64c9ddfbffb518efa225ea7ea044065983d4a352

New changelog entries:
  * Team upload
  [ upstream ]
  * New release.
    Highlights:
    + PDF/A-2 - pdfwrite now supports the creation of PDF/A-2 files.
    + pdfwrite "Server mode" - pdfwrite can now be run in "server mode".
    + pdfwrite now supports the "%d" format in the OutputFile switch.
    + ps2write now emits PostScript in slightly different ways in order
      to produce output on a wider variety of devices.
    + Ghostscript can now use output intents defined in PDFs.
    + tiffsep/tiffsep1: support for large numbers of separations
      improved.
    + tiffsep, psdcmyk and psdrgb now support the "downscaler"
      functionality.
    + clist storage, for rendering pages in bands, is now a run-time
      option.
  [ Jonas Smedegaard ]
  * Update copyright file:
    + Fix merge some Files entries.
    + Tidy copyright holders to match new upstream release.
    + List upstream development mailinglist as preferred upstream
      contact.
  * Update repackaging:
    + Strip icclib.
      Drop corresponding entries in copyright file.
      Drop patch for CVE-2012-4405.
    + Stop strip CMap file Identity-UTF16-H: Explicitly declared in
      LICENSE (with a double negative) as GPL-3+~Artifex licensed.
    + Stop strip CMap files: not shipped since 9.06.
  * Drop patches 0* now included upstream and 1* adopted upstream.
  * Unfuzz all patches, and update patch 2003.
  * Update package relations:
    + Build-depend on recent libopenjpeg-dev (not libjasper-dev):
      JasPer support deprecated (will be dropped in 9.07).
    + Build-depend on libregexp-assemble-perl, libfont-ttf-perl and
      libimage-exiftool-perl: Needed for extracting metadata from ICC,
      PDF, and fonts.
    + Stop build-depending on liblcms1-dev: icc34.h now included
      upstream (outside of the convenience code copy of lcms1 project).
      Closes: Bug#745529. Thanks to Moritz Muehlenhoff.
    + Stop build-depending on libdbus-1-dev: CUPS filters no longer
      built.
    + Stop suggesting hpijs: Correct would be for said package (or
      rather its successor printer-driver-hpijs - or any add-on driver)
      to declare "Enhances: ghostscript" instead.
  * Disable broken omni driver.
  * Use canonical hostname (anonscm.debian.org) in Vcs-Git URI.
  * Add patch 1001 to document inkcov device.
  * Extract metadata from ICC, PDF, and truetype files before copyright
    check.
  * Stop building CUPS filters, and drop binary package
    ghostscript-cups: Ghostscript-based CUPS filters obsolete (will be
    dropped upstream in 9.09).
    Closes: bug#735612. Thanks to Adrian Bunk and Didier 'OdyX' Raboud.
  * Avoid building CUPS driver or checking symbols file when
    bootstrapping an architecture.
    Closes: bug#717827. Thanks to Matthias Klose and Daniel Schepler.
  * Update Vcs-* fields: Packaging git moved to printing area of Alioth.
  * Stop explicitly xz-compressing binary packages: Done by default now.
  * Fix avoid hardcoded (and broken, by now) ABI in fallback font path.
  * Document in README.Debian linkage against unpatched OpenJPEG (i.e.
    lacking JPEG2000 color calibration) in README.Debian.
  * Move ICC profiles to shared dir, to allow reuse by others.
  * Bump standards-version to 3.9.5.
  * Update symbols file (79 new, 29 dropped).
  * Add patch cherry-picked upstream, to avoid icclib.
    Closes: Bug#531624. Thanks to Moritz Muehlenhoff.
  [ Didier Raboud ]
  * Add libjasper-dev as Build-Depend, let the two symbols back in
  * Ack NMU, thanks!

64c9ddf... by Andreas Barth <email address hidden> on 2014-08-17

Import patches-unapplied version 9.05~dfsg-9.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8700050d608e45d25a8e42f4be85299b28276fbc

New changelog entries:
  * Non-maintainer upload.
  * Add ppc64el to symbols file. Closes: #751917

8700050... by Michael Gilbert <email address hidden> on 2014-08-08

Import patches-unapplied version 9.05~dfsg-9 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f31c7b3b3a6414367b829b83958d4347ef0a47b5

New changelog entries:
  * Update my email address.
  * Build against lcms2 (closes: #745529).