ubuntu/+source/ghostscript:ubuntu/lucid-updates

Last commit made on 2015-01-26
Get this branch:
git clone -b ubuntu/lucid-updates https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/lucid-updates
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

5ddedb9... by Marc Deslauriers on 2015-01-22

Import patches-unapplied version 8.71.dfsg.1-0ubuntu5.7 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: e786b631ec0db8f34f47dc70a1957273153dc5ec

New changelog entries:
  * SECURITY UPDATE: denial of service via crafted ICC color profile
    - debian/patches/CVE-2014-8137.dpatch: prevent double-free in
      jasper/src/libjasper/base/jas_icc.c, remove assert in
      jasper/src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8137
  * SECURITY UPDATE: denial of service or code execution via invalid
    channel number
    - debian/patches/CVE-2014-8138.dpatch: validate channel number in
      jasper/src/libjasper/jp2/jp2_dec.c.
    - CVE-2014-8138
  * SECURITY UPDATE: denial of service or code execution via off-by-one
    - debian/patches/CVE-2014-8157.dpatch: fix off-by-one in
      jasper/src/libjasper/jpc/jpc_dec.c.
    - CVE-2014-8157
  * SECURITY UPDATE: denial of service or code execution via memory
    corruption
    - debian/patches/CVE-2014-8158.dpatch: remove HAVE_VLA to use more
      sensible buffer sizes in jasper/src/libjasper/jpc/jpc_qmfb.c.
    - CVE-2014-8158

e786b63... by Marc Deslauriers on 2014-12-05

Import patches-unapplied version 8.71.dfsg.1-0ubuntu5.6 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 8d773195f9ad657ae366d914a2f518f41544878f

New changelog entries:
  * SECURITY UPDATE: heap overflows via crafted jp2 file
    - debian/patches/CVE-2014-9029.dpatch: fix off-by-one in
      jasper/src/libjasper/jpc/jpc_dec.c.
    - CVE-2014-9029

8d77319... by Marc Deslauriers on 2012-09-21

Import patches-unapplied version 8.71.dfsg.1-0ubuntu5.5 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: ad5d8fc9d812dd5208b21c4afa2921964be82f74

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    icclib overflow
    - debian/patches/CVE-2012-4405.dpatch: validate input channels in
      icclib/icc.c.
    - CVE-2012-4405

ad5d8fc... by Marc Deslauriers on 2011-12-20

Import patches-unapplied version 8.71.dfsg.1-0ubuntu5.4 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 0a5ddce63d2833254ab84e31f34b0de4c4861107

New changelog entries:
  * SECURITY UPDATE: integer overflows via integer multiplication for
    memory allocation
    - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
      allocation functions and use them in:
      * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
        jas_malloc.c,jas_seq.c}
      * jasper/src/libjasper/bmp/bmp_dec.c
      * jasper/src/libjasper/include/jasper/jas_malloc.h
      * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
      * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
        jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
        jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
      * jasper/src/libjasper/mif/mif_cod.c
    - CVE-2008-3520
  * SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
    - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
      jasper/src/libjasper/base/jas_stream.c
    - CVE-2008-3522
  * SECURITY UPDATE: denial of service and possible code execution via
    heap-based buffer overflows.
    - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
      and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
    - CVE-2011-4516
    - CVE-2011-4517

0a5ddce... by Till Kamppeter on 2010-07-19

Import patches-unapplied version 8.71.dfsg.1-0ubuntu5.3 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 175237e5193723a1b704b0b249f325bc3fe5bf2f

New changelog entries:
  * debian/patches/ps2pdf-hyperlinks.dpatch: Let ps2pdf create proper hyperlinks
    (LP: #583990, upstream bug #691344).

175237e... by Marc Deslauriers on 2010-07-09

Import patches-unapplied version 8.71.dfsg.1-0ubuntu5.2 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: fb260d7b7a051d64050cbd2c70aaeac279bc92ec

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
    procedure invocations (LP: #546009)
    - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
      all allocations were successful in psi/ialloc.c, psi/idosave.h,
      psi/isave.c.
    - CVE-2010-1628

fb260d7... by Till Kamppeter on 2010-04-29

Import patches-unapplied version 8.71.dfsg.1-0ubuntu5.1 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 33587c4a823d96fd07716d7767d242d320750d47

New changelog entries:
  * debian/patches/pdf-interpreter-segfault-fixes.dpatch,
    debian/patches/cups-raster-fixes.dpatch,
    debian/patches/fapi-buildchar-object-null-check.dpatch,
    debian/patches/cups-raster-error-out-without-segfault-and-force-banding.dpatch,
    debian/patches/cups-raster-fix-memory-reallocation.dpatch: Fixed several
    problems in the PDF interpreter and the CUPS Raster output device of
    Ghostscript to avoid Ghostscript erroring out or even crashing on many
    input files when printing with a CUPS Raster driver (LP: 539708, upstream
    bug #691014). Joined all changes on cups/gdevcups.c into one patch as
    the patches are overlapping and parts of the old patches are undone.

33587c4... by Josh Holland on 2010-04-02

Import patches-unapplied version 8.71.dfsg.1-0ubuntu5 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 8afd18db9af810ccd06902ae1da9d3de24b63362

New changelog entries:
  * debian/patches/pdf2dsc-fix-for-pdflatex-preview.dpatch:
    Fix pdflatex preview mode using the patch from http://svn.ghostscript.com/viewvc?view=rev&revision=10778
    by William Bader (LP: #543266)

8afd18d... by Till Kamppeter on 2010-03-23

Import patches-unapplied version 8.71.dfsg.1-0ubuntu4 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 84b520ac9a2fcf0e52b0c956b615c719c70001a9

New changelog entries:
  * debian/patches/cups-raster-error-out-without-segfault-and-force-banding.dpatch:
    Make the "cups" output device (CUPS Raster) error out correctly without
    causing segfaults and also force banding mode as some PDFs do not render
    otherwise (LP: #534525).

84b520a... by Till Kamppeter on 2010-03-09

Import patches-unapplied version 8.71.dfsg.1-0ubuntu3 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 9cfe124749b086ff67b064c9b6874874aae657c0

New changelog entries:
  * debian/patches/pdftoraster-wait-for-ghostscript.dpatch: pdftoraster exited
    already before its Ghostscript subprocess finished. Thanks to Tim Waugh
    from Red Hat for the fix.
  * debian/patches/cups-raster-fix-memory-reallocation.dpatch: Fixed bug
    in memory reallocation on bitmap size changes. Color depth was not
    taken into account. This caused black pages to be printed with some
    CUPS Raster drivers, like Turboprint. Fixes upstream bugs #691029 and
    #691108.
  * debian/patches/fix-broken-korean-example.dpatch: Fixed example file for
    rendering Korean text.