ubuntu/+source/ghostscript:ubuntu/jaunty-security

Last commit made on 2010-07-13
Get this branch:
git clone -b ubuntu/jaunty-security https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/jaunty-security
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

21e5f46... by Marc Deslauriers on 2010-07-12

Import patches-unapplied version 8.64.dfsg.1-0ubuntu8.1 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: 1519f2333a360fc7a3eeeb0cbff64a247ec6b4d8

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    buffer overflow in errprintf function
    - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
    - CVE-2009-4270
  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
    procedure invocations (LP: #546009)
    - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
      all allocations were successful in psi/ialloc.c, psi/idosave.h,
      psi/isave.c.
    - CVE-2010-1628
  * SECURITY UPDATE: arbitrary code execution via crafted PostScript file
    (LP: #546009)
    - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
      psi/int.mak, psi/iscan.c, psi/iscan.h.
    - CVE-2010-1869
  * SECURITY UPDATE: arbitrary code execution via long names
    - debian/patches/security-long-names.dpatch: check against maximum size
      in psi/iscan.c.
    - No CVE number yet.

1519f23... by Marc Deslauriers on 2009-04-09

Import patches-unapplied version 8.64.dfsg.1-0ubuntu8 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 0f2cd610b13677022557c0a2e7d50855e56d78ec

New changelog entries:
  * SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
    dictionary segments
    - debian/patches/41_CVE-2009-0196.dpatch: validate size of runlength
      in export symbol table in jbig2dec/jbig2_symbol_dict.c.
    - CVE-2009-0196
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via integer overflows in icclib
    - debian/patches/42_CVE-2009-0792.dpatch: fix numerous overflows in
      icclib/icc.c.
    - CVE-2009-0792

0f2cd61... by Till Kamppeter on 2009-04-05

Import patches-unapplied version 8.64.dfsg.1-0ubuntu7 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: ecfcbfe48132dd6155c380289e7f1f881dc3065b

New changelog entries:
  * debian/patches/40_pdfwrite-numcopies.dpatch: PDF output device of
    Ghostscript did not take into account /#copies or /NumCopies in the
    PostScript input, which made some applications, like OpenOffice.org
    print only one copy also if more than one copy is requested. No
    Ghostscript prints multiple copies with "pdfwrite" if it is called
    with "-dDoNumCopies" (LP: #320391, upstream bug #690355).

ecfcbfe... by Marc Deslauriers on 2009-03-27

Import patches-unapplied version 8.64.dfsg.1-0ubuntu6 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: d27c02a52d3f452553991a9d361b4cab3ca74967

New changelog entries:
  * SECURITY UPDATE: Arbitrary code execution due to integer overflows and
    insufficient upper-bounds checks in the ICC library
    - debian/patches/38_CVE-2009-0583_0584.dpatch: fix multiple integer
      overflows and perform bounds checking in icclib/icc.c.
    - CVE-2009-0583
    - CVE-2009-0584

d27c02a... by Till Kamppeter on 2009-03-25

Import patches-unapplied version 8.64.dfsg.1-0ubuntu5 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 69aa15c43f47bd472cc68ee22ac90e279b178cd6

New changelog entries:
  * debian/patches/00list: Really apply the patch for LP: #333429.
  * debian/patches/37_fix-segfault-in-cups-raster-output-device.dpatch:
    Fixed segfault in the "cups" (CUPS Raster) output device of Ghostscript
    (LP: #333429, upstream bug 690338).
  * debian/ghostscript.postinst: Silenced non-fatal error messages when
    post-install script updates PPDs and there are PPDs not belonging to
    a CUPS queue in /etc/cups/ppd/ (LP: #345866).

69aa15c... by Till Kamppeter on 2009-03-19

Import patches-unapplied version 8.64.dfsg.1-0ubuntu3 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: a5599fd0afea2392f885d8e00a3a1cb21f74a8b1

New changelog entries:
  * debian/local/apport-hook.py, debian/rules: Added apport hook (LP: #338442).

a5599fd... by Till Kamppeter on 2009-02-18

Import patches-unapplied version 8.64.dfsg.1-0ubuntu2 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: a28e2000fdb801cb87be6a2b3f0e5e61aa460308

New changelog entries:
  * debian/patches/35_bitcmyk-blank-output.dpatch: The bitcmyk output device
    produces zero length output (LP: #331127, upstream bug #690287).

a28e200... by Till Kamppeter on 2009-02-03

Import patches-unapplied version 8.64.dfsg.1-0ubuntu1 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 67ef67c2ce2bc0e1b93c0c4c37bb85c294d55b2c

New changelog entries:
  * New upstream release (Ghostscript 8.64 final release)
     o No functional change. This is only to let the final release not
       appear as a release candidate in the help output and documentation.

67ef67c... by Till Kamppeter on 2009-02-02

Import patches-unapplied version 8.64.dfsg.1~svn9432-0ubuntu1 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 8a3bbd5804d21cf4a8778864e42b73bd045856ea

New changelog entries:
  * New upstream release (SVN rev 9432, RC3)
     o Fix regression of X output being broken with large images or other
       cases of the image buffer being used (Upstream bug #690222, #690260).
     o Fixed the bbox output device for example3.ps in LP: #160203.

8a3bbd5... by Till Kamppeter on 2009-01-27

Import patches-unapplied version 8.64.dfsg.1~svn9415-0ubuntu1 to ubuntu/jaunty

Imported using git-ubuntu import.

Changelog parent: 567be139aac22b640538670b5f03c8fc54b549e0

New changelog entries:
  * New upstream release
     o Fix problem of X display not completely clearing the previous page
       before drawing the next page (Upstream bug #690255).