ubuntu/+source/ghostscript:ubuntu/artful-security

Last commit made on 2018-04-30
Get this branch:
git clone -b ubuntu/artful-security https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/artful-security
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

db21195... by Leonidas S. Barbosa on 2018-04-24

Import patches-unapplied version 9.21~dfsg+1-0ubuntu3.1 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: cf067dcd26239859eb49f36259917d8d24177b1f

New changelog entries:
  * SECURITY UPDATE: Heap-based buffer overflow and application crash
    - debian/patches/CVE-2016-10317.patch: check max_height bounds in
      base/gxht_thresh.c, base/gxipixel.c.
    - CVE-2016-10317
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-10194.patch: avoid infinite number
      in devices/vector/gdevpdts.c.
    - CVE-2018-10194

cf067dc... by Leonidas S. Barbosa on 2017-09-14

Import patches-unapplied version 9.21~dfsg+1-0ubuntu3 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 7d35ddbba538415fb0b0a0d53890e3aea5f8a878

New changelog entries:
  * SECURITY UPDATE: DoS via crafted files
    - debian/patches/CVE-2017-11714.patch: prevent to reloc
      a freed object in psi/ztoken.c.
    - CVE-2017-11714
  * SECURITY UPDATE: DoS in Artifex Ghostscript
    - debian/patches/CVE-2017-9611.patch: bounds check pointer in
      base/ttinterp.c
    - CVE-2017-9611
  * SECURITY UPDATE: DoS in Artifex Ghostscript
    - debian/patches/CVE-2017-9612.patch: bounds check pointer in
      base/ttinterp.c
    - CVE-2017-9612
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9726.patch: bounds check zone pointer
      in base/ttinterp.c.
    - CVE-2017-9726
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9727.patch: make bounds check in
      base/gxttfb.c.
    - CVE-2017-9727
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9739.patch: bounds check in
      base/ttinterp.c.
    - CVE-2017-9739
  * SECURITY UPDATE: DoS heap-base buffer over-read and crash
    - debian/patches/CVE-2017-9835.patch: bounds check the array
      allocations methods in base/gsalloc.c.
    - CVE-2017-9835

7d35ddb... by Till Kamppeter on 2017-09-01

Import patches-unapplied version 9.21~dfsg+1-0ubuntu2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 76edb66ed07fbc8f8ca4372702859c0781f38fac

New changelog entries:
  * 020170831-4129543.patch: Backported fix from upstream to make the
    contents of combo boxes in filled PDF forms show (Upstream bug #698461).

76edb66... by Till Kamppeter on 2017-08-04

Import patches-unapplied version 9.21~dfsg+1-0ubuntu1 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 8fc975cfcc89446904bf7ff1f39f028ddb820431

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    + openjpeg library bundled with upstream Ghostscript/GhostPDL used
      instead of the original openjpeg library, as the original library
      is not accepted into Ubuntu Main
      (https://bugs.launchpad.net/bugs/711061).
  * debian/libgs9.symbols: Updated for new upstream source. Applied patch
    which dpkg-gensymbols generated.

8fc975c... by Jonas Smedegaard <email address hidden> on 2017-06-19

Import patches-unapplied version 9.21~dfsg-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9c0f90f77615fae1acd707e070282ddcab3d8d71

New changelog entries:
  [ upstream ]
  * New release.
    Highlights:
    + pdfwrite preserves annotations from input PDFs where possible.
    + GhostXPS pass required data to pdfwrite to emit a ToUnicode CMap,
      resulting in fully searchable PDFs created from XPS in most cases.
    + Allow default color space for PDF transparency blends.
    + Improved support for cross-compiling in configure script.
    + tiffscaled and tiffscaled4 supports ETS (Even Tone Screening).
    + toolbin/pdf_info.ps utility emits PDF XML metadata.
    + New scan converter, more performant with large and complex paths.
  [ Jonas Smedegaard ]
  * Modernize cdbs:
    + Do copyright-check in maintainer script (not during build).
  * Avoid compressing pdf documentation.
  * Revive git-ignore file, lost importing NMUs.
  * Update watch file: Fix track releases (not tags).
  * Update copyright info:
    + Fix update main Files section to include all directory wildcards
      declared in root LICENSE file.
    + Stop track files no longer shipped upstream.
    + Add copyright holder Raph Levien.
    + Extend coverage for main upstream author.
    + Use https protocol in format string.
  * Update patches:
    + Drop patches applied upstream.
    + Normalize patch names.
    + Tidy DEP3 patch headers.
    + Add patch cherry-picked upstream to fix the shared openjpeg build.
    + Add patch cherry-picked upstream to fix shared lib build with
      openjpeg >= 2.1.1, replacing patch 1001.
  * Update package relations:
    + Relax build-dependency on cdbs.
    + Stop build-depend on licensecheck libregexp-assemble-perl
      libimage-exiftool-perl libfont-ttf-perl.
  * Relax symbols check when targeting experimental.
  * Update symbols: 16 dropped. 37 added.
  * Declare compliance with Debian Policy 4.0.0.

9c0f90f... by Salvatore Bonaccorso on 2017-05-21

Import patches-unapplied version 9.20~dfsg-3.2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 5b3272a23b8ef3dee8e0d85292527c0621122d64

New changelog entries:
  * Non-maintainer upload.
  * Fix regression introduced by CVE-2017-8291 fix.
    When using the "DELAYBIND" feature, it turns out that .eqproc can be
    called with parameters that are not both procedures. In this case, it
    turns out, the expectation is for the operator to return 'false', rather
    than throw an error. (Closes: #862779)

5b3272a... by Salvatore Bonaccorso on 2017-04-28

Import patches-unapplied version 9.20~dfsg-3.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 72cd44c3765852e11fdb05cb520f4169b81bb248

New changelog entries:
  * Non-maintainer upload.
  * -dSAFER bypass and remote command execution via a "/OutputFile (%pipe%"
    substring (CVE-2017-8291) (Closes: #861295)
  * use the correct param list enumerator (CVE-2017-5951) (Closes: #859696)
  * fix crash with bad data supplied to makeimagedevice (CVE-2016-10220)
    (Closes: #859694)
  * Avoid divide by 0 in scan conversion code (CVE-2016-10219)
    (Closes: #859666)
  * Dont create new ctx when pdf14 device reenabled (CVE-2016-10217)
    (Closes: #859662)

72cd44c... by Jonas Smedegaard <email address hidden> on 2017-03-21

Import patches-unapplied version 9.20~dfsg-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4212796001d83edb54a972f9280bd18271637e40

New changelog entries:
  * Fix NULL pointer dereference in mem_get_bits_rectangle().
    Closes: Bug#697676 (CVE-2017-7207). Thanks to Salvatore Bonaccorso.

4212796... by Jonas Smedegaard <email address hidden> on 2017-01-25

Import patches-unapplied version 9.20~dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4aa11af9fba4a9ea5a2b78ace9cf89aab87ce92d

New changelog entries:
  * Add patch cherry-picked upstream to always print full PWG Raster
    bitmap.
    Closes: Bug#843095. Thanks to Brian Potkin.
  * Modernize Vcs-Browser field: Use git subdir (not cgit).
  * Stop override lintian for
    package-needs-versioned-debhelper-build-depends: Fixed in lintian.
  * Update watch file: Use github pattern from documentation.
  * Update copyright info: Extend coverage of Debian packaging.
  * Git-ignore quilt .pc subdir.
  * Revert to not have git import-orig use merge-strategy replace.

4aa11af... by Jonas Smedegaard <email address hidden> on 2016-11-29

Import patches-unapplied version 9.20~dfsg-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7f4afa2531cb12d5bf7a925850319663025205c2

New changelog entries:
  * Fix spelling error in chengelog entry for 9.19~dfsg-3.1.
  * Adjust symbols (Fix version. Synv with experimental builds.