ubuntu/+source/ghostscript:ubuntu/devel

Last commit made on 2019-09-12
Get this branch:
git clone -b ubuntu/devel https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name:
ubuntu/devel
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

d6fb9b9... by Steve Beattie on 2019-09-11

Import patches-unapplied version 9.27~dfsg+0-0ubuntu3 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 19f02de84f2ddbed86bb64e8511b2f296137ad59

New changelog entries:
  * SECURITY UPDATE: '-dSAFER' restrictions bypass by .forceput
    Exposures
    - debian/patches/CVE-2019-14811-CVE-2019-14812-CVE-2019-14813.patch:
      Be more defensive by preventing access to .forceput from
      .setuserparams2.
    - CVE-2019-14811
    - CVE-2019-14812
    - CVE-2019-14813
    - debian/patches/CVE-2019-14817.patch: mark more uses of .forceput
      as executeonly
    - CVE-2019-14817

19f02de... by Till Kamppeter on 2019-08-30

Import patches-unapplied version 9.27~dfsg+0-0ubuntu2 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: fa91c1361fb6db4a7d7a5409eb2594ea69a9b123

New changelog entries:
  * Backported fixes on the "cups" (CUPS Raster/PWG Raster) output
    device to improve the matching of the geometry of the incoming
    page with the page sizes of the PPD file and also respecting
    special page size variants (like borderless) requested by the
    user. These changes should be included upstream from Ghostscript
    9.29 on.

fa91c13... by Till Kamppeter on 2019-08-15

Import patches-unapplied version 9.27~dfsg+0-0ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: a0af6cdfdfee00341f6a53d1802dea4d81c36846

New changelog entries:
  * New upstream release
    Highlights:
    - We have extensively cleaned up the Postscript name space: removing
      access to internal and/or undocumented Postscript operators, procedures
      and data. This has benefits for security and maintainability.
    - Fontmap can now reference individual fonts in a TrueType Collection for
      font substitution. Previously, a Fontmap entry could only reference a
      TrueType collection and use the default (first) font. Now, the Fontmap
      syntax allows for specifying a specific index in a TTC. See the comments
      at the top of (the default) Fontmap.GS for details.
  * Improvements on HTML documentation (Use local JavaScript, avoid remote
    fonts, avoid Google Tag Manager) by overtaking the appropriate patches
    from the Debian package.
  * Backported upstream patch to fix regression resolving bounding box of
    font glyphs and re-introduce over/underflow workaround.
  * Backported upstream patch to protect use of .forceput with
    executeonly.
  * Removed patches 02018*, lp1815339*, CVE-2019-* which are already included
    upstream.
  * Refreshed patch 2007_suggest_install_ghostscript-doc_in_code.patch with
    quilt.
  * debian/libgs9.symbols: Updated for new upstream source. Applied patch
    which dpkg-gensymbols generated.

a0af6cd... by Steve Beattie on 2019-08-08

Import patches-unapplied version 9.26~dfsg+0-0ubuntu9 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 207371025327a3b058ecbdfe1b92275e96537ca2

New changelog entries:
  * SECURITY UPDATE: `-dSAFER` restrictions bypass
    - debian/patches/CVE-2019-10216.patch: protect use of .forceput
      with executeonly
    - CVE-2019-10216

2073710... by Marc Deslauriers on 2019-05-07

Import patches-unapplied version 9.26~dfsg+0-0ubuntu8 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 56b280e8095ad7f7387cc9b4803275f2f85757f3

New changelog entries:
  * SECURITY UPDATE: code execution vulnerability
    - debian/patches/CVE-2019-3839-1.patch: hide pdfdict and GS_PDF_ProcSet
      in Resource/Init/pdf_base.ps, Resource/Init/pdf_draw.ps,
      Resource/Init/pdf_font.ps, Resource/Init/pdf_main.ps,
      Resource/Init/pdf_ops.ps, Resource/Init/pdf_sec.ps.
    - debian/patches/CVE-2019-3839-2.patch: fix lib/pdf2dsc.ps to use
      documented Ghostscript pdf procedures in lib/pdf2dsc.ps.
    - CVE-2019-3839

56b280e... by Marc Deslauriers on 2019-03-21

Import patches-unapplied version 9.26~dfsg+0-0ubuntu7 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 34810fcdc24441d6176a62c966cdb35382ca1c99

New changelog entries:
  * SECURITY UPDATE: superexec operator is available
    - debian/patches/CVE-2019-3835-pre1.patch: Have gs_cet.ps run from
      gs_init.ps in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
    - debian/patches/CVE-2019-3835-pre2.patch: Undef /odef in
      Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
    - debian/patches/CVE-2019-3835-1.patch: restrict superexec and remove
      it in Resource/Init/gs_cet.ps, Resource/Init/gs_dps1.ps,
      Resource/Init/gs_fonts.ps, Resource/Init/gs_init.ps,
      Resource/Init/gs_ttf.ps, Resource/Init/gs_type1.ps.
    - debian/patches/CVE-2019-3835-2.patch: obliterate superexec in
      Resource/Init/gs_init.ps, psi/icontext.c, psi/icstate.h,
      psi/zcontrol.c, psi/zdict.c, psi/zgeneric.c.
    - CVE-2019-3835
  * SECURITY UPDATE: forceput in DefineResource is still accessible
    - debian/patches/CVE-2019-3838-1.patch: make a transient proc
      executeonly in Resource/Init/gs_res.ps.
    - debian/patches/CVE-2019-3838-2.patch: an extra transient proc needs
      executeonly in Resource/Init/gs_res.ps.
    - CVE-2019-3838

34810fc... by Marc Deslauriers on 2019-02-25

Import patches-unapplied version 9.26~dfsg+0-0ubuntu6 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: a386c42ad4d256021eaa83911c548da9ac291e48

New changelog entries:
  * SECURITY REGRESSION: Previous regression fix causes blue background
    (LP: #1817308)
    - debian/patches/lp1815339-2.patch: properly map RGBW color space in
      cups/gdevcups.c.

a386c42... by Marc Deslauriers on 2019-02-20

Import patches-unapplied version 9.26~dfsg+0-0ubuntu5 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: ff6345037c5d8e2814b8e78daa7d72cab3be049e

New changelog entries:
  * SECURITY REGRESSION: High RIP_MAX_CACHE makes cups output device fail
    (LP: #1815339)
    - debian/patches/lp1815339.patch: fix logic in cups/gdevcups.c.

ff63450... by Marc Deslauriers on 2019-01-23

Import patches-unapplied version 9.26~dfsg+0-0ubuntu4 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: d42bb47076550d884d39e88c68b166b25c1f0ae0

New changelog entries:
  * SECURITY UPDATE: code execution vulnerability
    - debian/patches/CVE-2019-6116.patch: address .force* operators
      exposure in Resource/Init/gs_diskn.ps, Resource/Init/gs_dps1.ps,
      Resource/Init/gs_fntem.ps, Resource/Init/gs_fonts.ps,
      Resource/Init/gs_init.ps, Resource/Init/gs_lev2.ps,
      Resource/Init/gs_pdfwr.ps, Resource/Init/gs_res.ps,
      Resource/Init/gs_setpd.ps, Resource/Init/pdf_base.ps,
      Resource/Init/pdf_draw.ps, Resource/Init/pdf_font.ps,
      Resource/Init/pdf_main.ps, Resource/Init/pdf_ops.ps,
      psi/int.mak, psi/interp.c, psi/istack.c, psi/istack.h.
    - CVE-2019-6116
  * debian/libgs9.symbols: added new symbol.

d42bb47... by Till Kamppeter on 2018-12-05

Import patches-unapplied version 9.26~dfsg+0-0ubuntu3 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 079ae94f13baa4120ecb0385ae3bff72274ca588

New changelog entries:
  * Backported upstream patch to prevent crashes when calling Ghostscript
    with a PDF file and "-dLastPage=1" (LP: #1806517, upstream bug #700315).