ubuntu/+source/ghostscript:ubuntu/maverick-security

Last commit made on 2012-01-04
Get this branch:
git clone -b ubuntu/maverick-security https://git.launchpad.net/ubuntu/+source/ghostscript
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/maverick-security
Repository:
lp:ubuntu/+source/ghostscript

Recent commits

45cb2be... by Marc Deslauriers on 2011-12-20

Import patches-unapplied version 8.71.dfsg.2-0ubuntu7.1 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: b5e4e5a6e1628ba65dd340590c1decf0401438a6

New changelog entries:
  * SECURITY UPDATE: integer overflows via integer multiplication for
    memory allocation
    - debian/patches/CVE-2008-352x.dpatch: introduce new size-checked
      allocation functions and use them in:
      * jasper/src/libjasper/base/{jas_cm.c,jas_icc.c,jas_image.c,
        jas_malloc.c,jas_seq.c}
      * jasper/src/libjasper/bmp/bmp_dec.c
      * jasper/src/libjasper/include/jasper/jas_malloc.h
      * jasper/src/libjasper/jp2/{jp2_cod.c,jp2_dec.c,jp2_enc.c}
      * jasper/src/libjasper/jpc/{jpc_cs.c,jpc_dec.c,jpc_enc.c,jpc_mqdec.c,
        jpc_mqenc.c,jpc_qmfb.c,jpc_t1enc.c,jpc_t2cod.c,jpc_t2dec.c,
        jpc_t2enc.c,jpc_tagtree.c,jpc_util.c}
      * jasper/src/libjasper/mif/mif_cod.c
    - CVE-2008-3520
  * SECURITY UPDATE: buffer overflow via vsprintf in jas_stream_printf()
    - debian/patches/CVE-2008-352x.dpatch: use vsnprintf() in
      jasper/src/libjasper/base/jas_stream.c
    - CVE-2008-3522
  * SECURITY UPDATE: denial of service and possible code execution via
    heap-based buffer overflows.
    - debian/patches/CVE-2011-451x.dpatch: validate compparms->numrlvls
      and allocate proper size in jasper/src/libjasper/jpc/jpc_cs.c.
    - CVE-2011-4516
    - CVE-2011-4517

b5e4e5a... by Till Kamppeter on 2010-09-20

Import patches-unapplied version 8.71.dfsg.2-0ubuntu7 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 35a4c5cef93bb584dd958356ab62c987883c895f

New changelog entries:
  * debian/control: Updated versioned dependency of ghostscript on gsfonts,
    we need at least gsfonts 1:8.11+urwcyr1.0.7~pre44-4.1 now due to the
    dropping of defoma.

35a4c5c... by Till Kamppeter on 2010-09-01

Import patches-unapplied version 8.71.dfsg.2-0ubuntu6 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: f24122d8dbeb47279940079a544a9d4e95432f76

New changelog entries:
  * debian/patches/substractive-gray-fix: Fixed the handling of substractive
    monochrome/grayscale color spaces by the PDF interpreter. Such color
    space is often used by the CUPS Raster output device, especially by
    Gutenprint on monochrome laser printers.

f24122d... by Till Kamppeter on 2010-08-12

Import patches-unapplied version 8.71.dfsg.2-0ubuntu5 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 78cdfb6006534acdeff2c42ea962330eb804a858

New changelog entries:
  * debian/patches/cups-raster-fixes.dpatch: Do not do over-verbose debug
    logging. This made rendering sigificantly slower and also made it more
    difficult to read the CUPS error_log file (Upstream bug #690581).

78cdfb6... by Till Kamppeter on 2010-07-19

Import patches-unapplied version 8.71.dfsg.2-0ubuntu4 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: d5fb75784dfd1ed2890734da651b16ed14272b8e

New changelog entries:
  * debian/patches/cups-raster-fixes.dpatch: Added following fixes to the
    patch:
     o Eliminated compiler warning appearing after the recent memory
       reallocation fixes.
     o Support CUPS Raster level 2 (compressed) output (Upstream bug #689885).
     o Improved memory management: Automatic buffer size determination if
       RIP_MAX_CACHE variable is not set or not a non-zero number, BufferSpace
       size is same as MaxBitmap, not 1/10 (Upstream bug #691499).
     o Reallocate memory also if color depth changes during the job (Upstream
       bug #690435).
  * debian/patches/x11-device-do-not-create-huge-windows.dpatch: Some input
    files made Ghostscript opening a huge window, much bigger than the usual
    desktop, and sometimes using up all the computer's memory and making the
    computer crash (Upstream bug #690444).
  * debian/patches/check-all-pdfs-for-transparency.dpatch: Transparency in
    PDFs is was only introduced in PDF 1.4 according to the Adobe specs, but
    there are PDFs claiming to be of an older standard but they contain
    transparency. With this patch all PDFs are checked for transparency
    (Upstream bug #691273).
  * debian/patches/pdf-rendering-performance.dpatch: Improved PDF rendering
    performance by replacing the standard C floor() function by a simple macro
    (Upstream bug #691504).
  * debian/patches/x11-device-modularization-fixes.dpatch: Assorted fixes in
    the modularization of the X11 output devices (Upstream bug #691510).
  * debian/patches/device-n-init-variables-to-avoid-segfault.dpatch: Added
    some missing initializations in DeviceN to avoid possible segmentation
    faults (Upstream bug #690428).
  * debian/patches/fix-imagem-output-device.dpatch: Fixed double-free
    corruption of "imagen" output device (Upstream bug #690561).

d5fb757... by Marc Deslauriers on 2010-07-22

Import patches-unapplied version 8.71.dfsg.2-0ubuntu3 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: ead0f41e1bed36303c091f07cdcf515573a945c0

New changelog entries:
  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
    procedure invocations (LP: #546009)
    - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
      all allocations were successful in psi/ialloc.c, psi/idosave.h,
      psi/isave.c.
    - CVE-2010-1628

ead0f41... by Till Kamppeter on 2010-07-19

Import patches-unapplied version 8.71.dfsg.2-0ubuntu2 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: 308bfe40122171df4ece9d8035170cd91c9e2e27

New changelog entries:
  * debian/patches/ps2pdf-hyperlinks.dpatch: Let ps2pdf create proper hyperlinks
    (LP: #583990, upstream bug #691344).

308bfe4... by Till Kamppeter on 2010-06-04

Import patches-unapplied version 8.71.dfsg.2-0ubuntu1 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: c26ba6f00b03bea20df7387c63870ad253eafe5c

New changelog entries:
  * New source tarball, still based on Ghostscript 8.71, but with less files
    removed. As for most files in Resource/CMap/ Adobe has changed the license
    we do not remove the files in Resource/CMap/ entirely but only the files
    which have still a non-free license. As these files are only needed for
    old CJK PDF files (of the Adobe Acrobat Reader 3-6 generation) for most
    users this will reintroduce the same PDF and font compatibility as
    upstream Ghostscript. See Ghostscript upstream bug 691212. This should fix
    upstream bug 691345 and the Ghostscript part of LP: #321932. Used the
    command line "grep -li 'not altered' Resource/CMap/* | xargs rm" to
    remove these files.
  * debian/README.Debian: Updated for the change in the removal of non-free
    files from the upstream source tarball.
  * debian/ghostscript.links: Removed links which got obsolete from defoma
    removal.
  * debian/dirs: Removed directories which got obsolete from defomo removal.
  * debian/rules: Removed "fail-if-cmaps-exist" rule, as we do not remove
    the entire Resource/CMap/ any more.

c26ba6f... by Stefano Rivera on 2010-05-23

Import patches-unapplied version 8.71.dfsg.1-0ubuntu6 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: fb260d7b7a051d64050cbd2c70aaeac279bc92ec

New changelog entries:
  * debian/ghostscript.prerm, debian/gs.defoma, debian/ghostscript.postrm,
    debian/dirs, debian/ghostscript.links, debian/control, debian/rules,
    debian/ghostscript.postinst, debian/ghostscript.preinst,
    debian/update-gsfontmap: Merge changes from 8.71~dfsg2-1.1 (LP: #584597):
    - Drop defoma.
    - Add update-gsfontmap to provide cidfmap and Fontmap.

fb260d7... by Till Kamppeter on 2010-04-29

Import patches-unapplied version 8.71.dfsg.1-0ubuntu5.1 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 33587c4a823d96fd07716d7767d242d320750d47

New changelog entries:
  * debian/patches/pdf-interpreter-segfault-fixes.dpatch,
    debian/patches/cups-raster-fixes.dpatch,
    debian/patches/fapi-buildchar-object-null-check.dpatch,
    debian/patches/cups-raster-error-out-without-segfault-and-force-banding.dpatch,
    debian/patches/cups-raster-fix-memory-reallocation.dpatch: Fixed several
    problems in the PDF interpreter and the CUPS Raster output device of
    Ghostscript to avoid Ghostscript erroring out or even crashing on many
    input files when printing with a CUPS Raster driver (LP: 539708, upstream
    bug #691014). Joined all changes on cups/gdevcups.c into one patch as
    the patches are overlapping and parts of the old patches are undone.