- ee8c0c3... by Steve Beattie on 2017-04-28
Import patches-unapplied version 9.05~dfsg-0ubuntu4.5 to ubuntu/precise-security
Imported using git-ubuntu import.
Changelog parent: e1004d3edcbb2565d0cdf6d9d114a1315ffc1186
New changelog entries:
* SECURITY UPDATE: invalid handling of parameters to .eqproc and
.rsdparams allowed disabling -dSAFER and thus code execution
- debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters
- debian/patches/CVE-2017-8291-2.patch: check .rsdparams parameters
- CVE-2017-8291
* SECURITY UPDATE: use-after-free in color management module.
- CVE-2016-10217.patch: Don't create new ctx when pdf14 device
reenabled
- CVE-2016-10217
* SECURITY UPDATE: divide-by-zero error denial of service in
base/gxfill.c
- CVE-2016-10219.patch: check for 0 in denominator
- CVE-2016-10219
* SECURITY UPDATE: null pointer dereference denial of service
- CVE-2016-10220.patch: initialize device data structure correctly
- CVE-2016-10220
* SECURITY UPDATE: null pointer dereference denial of service
- CVE-2017-5951.patch: use the correct param list enumerator
- CVE-2017-5951
* SECURITY UPDATE: null pointer dereference denial of service
- CVE-2017-7207.patch: ensure a device has raster memory, before
trying to read it
- CVE-2017-7207

- e1004d3... by Emily Ratliff on 2016-12-01
Import patches-unapplied version 9.05~dfsg-0ubuntu4.4 to ubuntu/precise-security
Imported using git-ubuntu import.
Changelog parent: 6275743cc66ee42ed61c163d71f7c8457b2f5c61
New changelog entries:
* SECURITY UPDATE: Information disclosure through getenv, filenameforall
- debian/patches/CVE-2013-5653.patch: Have filenameforall and getenv
honor SAFER
- CVE-2013-5653
* SECURITY UPDATE: userparams with %pipe% in paths allow remote shell exec
- debian/patches/CVE-2016-7976.patch: Add a file permissions callback
- CVE-2016-7976
* SECURITY UPDATE: use-after-free and remote code execution
- debian/patches/CVE-2016-7978.patch: Reference count device icc profile
- CVE-2016-7978
* SECURITY UPDATE: type confusion allows remote code execution
- debian/patches/CVE-2016-7979.patch: DSC parser - validate parameters
- CVE-2016-7979
* SECURITY UPDATE: NULL dereference
- debian/patches/CVE-2016-8602.patch: check for sufficient params
- CVE-2016-8602
* SECURITY UPDATE: fix SAFER permissions
- debian/patches/CVE-2016-7977.patch: Be rigorous with SAFER permissions
- CVE-2016-7977

- 6275743... by Marc Deslauriers on 2015-07-29
Import patches-unapplied version 9.05~dfsg-0ubuntu4.3 to ubuntu/precise-security
Imported using git-ubuntu import.
Changelog parent: 3715b2795d4a8c53095c4e7c4e4e41574c00bc08
New changelog entries:
* SECURITY UPDATE: integer overflow in gs_heap_alloc_bytes()
- debian/patches/CVE-2015-3228.patch: added sanity check to
base/gsmalloc.c.
- CVE-2015-3228

- 3715b27... by Till Kamppeter on 2012-08-28
Import patches-unapplied version 9.05~dfsg-0ubuntu4.2 to ubuntu/precise-proposed
Imported using git-ubuntu import.
Changelog parent: df3cca1ff1ee5c15b7439d7c402c4f826815087c
New changelog entries:
* debian/patches/020120828-535d11e-disable-checking-for-the-max-pdf-object-number-during-pdf-linearisation.patch:
Disable checking for the max pdf object number during PDF linearisation,
because linearisation adds a few new objects to the PDF file (LP: #1032366).

- df3cca1... by Till Kamppeter on 2012-07-11
Import patches-unapplied version 9.05~dfsg-0ubuntu4.1 to ubuntu/precise-proposed
Imported using git-ubuntu import.
Changelog parent: 4c742bdc8e383be6d29d64cba11c277f00b3ac84
New changelog entries:
* debian/patches/020120711-4f6b985-write-transparent-type2-pattern-color-to-clist.patch:
When using a clist, ensure that all the color space data for the
pattern gets written to the clist, *and* that the clist correctly
records all the relevant transparency data (LP: #1022516, upstream bug
#693176).

- 4c742bd... by Till Kamppeter on 2012-03-29
Import patches-unapplied version 9.05~dfsg-0ubuntu4 to ubuntu/precise
Imported using git-ubuntu import.
Changelog parent: 6d8ba3a82580035d4b584a5a20ffaf775927df43
New changelog entries:
* debian/patches/020120329-be64563-pdfwrite-when-a-charstring-is-not-found-for-a-glyph-use-the-notdef-width-instead-of-0.patch:
The "pdfwrite" output device uses zero and not the width of /.notdef when
using /.notdef for a glyph not found in an embedded font. This leads to
wrong spacing in a PostScript file missing a space glyph (LP: #960989,
upstream bug #692944).

- 6d8ba3a... by Till Kamppeter on 2012-03-19
Import patches-unapplied version 9.05~dfsg-0ubuntu3 to ubuntu/precise
Imported using git-ubuntu import.
Changelog parent: 4a915ad6b9bda053873e8235a5727e86533b7ca9
New changelog entries:
* debian/patches/020120319-d6f83df-ps2write-not3ccitt-option.patch: Added
option to let Ghostscript's "ps2write" output device not compress images
and bitmap glyphs with CCITTFax filter. The CCITTFax decoder in Brother's
PostScript printers is broken (LP: #955553).

- 4a915ad... by Till Kamppeter on 2012-03-07
Import patches-unapplied version 9.05~dfsg-0ubuntu2 to ubuntu/precise
Imported using git-ubuntu import.
Changelog parent: 13220f21605c86784395f3822369d10802958fa2
New changelog entries:
* debian/ghostscript-doc.install, debian/ghostscript-doc.doc-base: Install
the Ghostscript documentation into /usr/share/doc/ghostscript-doc instead
of /usr/share/doc/ghostscript (LP: #789235).
* debian/libgs__VER__-common.postinst.in,
debian/libgs__VER__-common.prerm.in: Create a symlink
/usr/share/ghostscript/current to the /usr/share/ghostscript/<version>
directory of the newest installed libgs<version>-common package, to have
version-independent access to the Ghostscript files (LP: #327244).

- 13220f2... by Till Kamppeter on 2012-02-09
Import patches-unapplied version 9.05~dfsg-0ubuntu1 to ubuntu/precise
Imported using git-ubuntu import.
Changelog parent: f6d7a31ce23a1fa03fe74f634f9855f14fc07c4e
New changelog entries:
* New upstream release
- Ghostscript 9.05 release, February, 8 2012
- Ghostscript's PDF interpreter is now able to make use of the
DroidSansFallback TrueType font to automatically substitute for
missing CIDFonts. Whilst it is always best to ensure the original
CIDFont is available for the best and most accurate output, the
ability to make an automatic substitution will be valuable for
those merely viewing or proofing such files.
- This release includes support for a proofing ICC profile. The
command option is specified using -sProofProfile=filename. With
this option, the color output will emulate what would be obtained
had the source file been rendered on a device defined by the
proofing profile. (See GS9_Color_Management.pdf for details.)
- This release includes support for a device link ICC profile. The
command option is specified using -sDeviceLinkProfile=filename.
With this option, the device link profile is added to the end of
the link transform from source to destination. In this case, one
can include a command line option like "-sDevice=tiff32nc
-sOutputICCProfile=srgb.icc -sDeviceLinkProfile=linkRGBtoCMYK.icc"
and source colors will be mapped through sRGB and through the
device link profile to CMYK values for the device. (See
GS9_Color_Management.pdf for details.)
- Ghostscript now supports "unmanaged color transformations" for
source DeviceXXX colors (in other words, they use a simplistic
conversion, rather than the ICC profile based color workflow). This
is beneficial in uses where performance takes precedence over
ultimate color fidelity (the command line parameter -dUseFastColor
enables this).
- The font set distributed with Ghostscript has been changed to the
standard 35 Postscript-compatible fonts distributed by URW.
- Ghostscript now includes a simple ink-coverage device, contributed
by Sebastian Kapfer (inkcov).
- The TIFF, JPEG and PNG output devices now support embedding of the
device ICC profile in the output file.
- jbig2dec now has simple halftone region support.
- The ps2write device has had a large number of output quality and
stability improvements.
- The txtwrite output was modified so that it more closely matches
the output from MuPDF, if requested. Note that the algorithms used
by the two products are not identical and may return slightly
differing results (See Devices.htm for details).
* debian/rules: Updated MD5 sum for original source tarball
* debian/symbols.common: Updated for new upstream source. Applied patch
which dpkg-gensymbols generated for debian/libgs9.symbols to this file.

- f6d7a31... by Till Kamppeter on 2012-02-03
Import patches-unapplied version 9.05~dfsg~20120203-0ubuntu1 to ubuntu/precise
Imported using git-ubuntu import.
Changelog parent: 30e3614cee367642d9dab6334dcb334a9668d73d
New changelog entries:
* New upstream release
- GIT snapshot from February, 2 2012.
- Upstream fix for X11 display output device (LP: #925950).
- Additional fix for paper size matching of CUPS Raster output device.
* debian/rules: Reverted changes of last package, problem fixed upstream.