ubuntu/+source/ghostscript:ubuntu/xenial-proposed

Last commit made on 2018-11-13
Get this branch:
git clone -b ubuntu/xenial-proposed https://git.launchpad.net/ubuntu/+source/ghostscript

Branch information

Name: ubuntu/xenial-proposed
Repository: lp:ubuntu/+source/ghostscript

Recent commits

7e7ddf4... by Ioanna Alifieraki on 2018-11-12

Import patches-unapplied version 9.25~dfsg+1-0ubuntu0.16.04.3 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 45d6bab34d179fe22199809edeeaef96f35b1b19

New changelog entries:
  * Fix dependency for libgs9-common (LP: #1802958)

45d6bab... by Marc Deslauriers on 2018-10-30

Import patches-unapplied version 9.25~dfsg+1-0ubuntu0.16.04.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 3134fe890a3ed4b59974891ac599771c25bc32ed

New changelog entries:
  * SECURITY UPDATE: Multiple security issues
    - debian/patches/0218*.patch: multiple cherry-picked upstream commits
      to fix security issues. Thanks to Jonas Smedegaard for cherry-picking
      these for Debian's 9.25~dfsg-3 package.
    - debian/symbols.common: added new symbol.
    - CVE-2018-17961
    - CVE-2018-18073
    - CVE-2018-18284
  * Fix LeadingEdge regression introduced in 9.22. (LP: #1800062)
    - debian/patches/lp1800062.patch: fix cups get/put_params LeadingEdge
      logic in cups/gdevcups.c.

3134fe8... by Marc Deslauriers on 2018-09-27

Import patches-unapplied version 9.25~dfsg+1-0ubuntu0.16.04.1 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 18afd64d8fa4f5a8f04b850285118051830f69d3

New changelog entries:
  * SECURITY UPDATE: updated to 9.25 to fix multiple security issues
    - Previous security release contained an incomplete fix for
      CVE-2018-16510, and there are many other security fixes and
      improvements that went into the new upstream version without getting
      CVE numbers assigned.
    - CVE-2018-16510
    - CVE-2018-17183
  * Package changes required for new version:
    - debian/patches/CVE*: removed, included in new version.
    - debian/patches/*: updated from cosmic package.
    - debian/copyright*: updated from cosmic package.
    - debian/rules, debian/libgs-dev.install: remove static library.
    - debian/symbols.common: updated for new version.

18afd64... by Marc Deslauriers on 2018-09-12

Import patches-unapplied version 9.18~dfsg~0-0ubuntu2.9 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 2f6d498271eb322097bdb874a31d97a193235459

New changelog entries:
  * SECURITY UPDATE: Multiple security issues
    - debian/patches/CVE-2018-1*.patch: backport large number of
      upstream security fixes.
    - CVE-2018-11645, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910,
      CVE-2018-15911, CVE-2018-16509, CVE-2018-16511, CVE-2018-16513,
      CVE-2018-16539, CVE-2018-16540, CVE-2018-16541, CVE-2018-16542,
      CVE-2018-16543, CVE-2018-16585, CVE-2018-16802

2f6d498... by Leonidas S. Barbosa on 2018-04-23

Import patches-unapplied version 9.18~dfsg~0-0ubuntu2.8 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: a1e68ff464c4ea8e8aea1e3f7d975819183e8979

New changelog entries:
  * SECURITY UPDATE: Heap-based buffer overflow and application crash
    - debian/patches/CVE-2016-10317.patch: check max_height bounds in
      base/gxht_thresh.c, base/gxipixel.c.
    - CVE-2016-10317
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-10194.patch: avoid infinite number
      in devices/vector/gdevpdts.c.
    - CVE-2018-10194

a1e68ff... by Leonidas S. Barbosa on 2017-08-24

Import patches-unapplied version 9.18~dfsg~0-0ubuntu2.7 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 724b31303b18b2bcb4452dee1d72805d0a15cc05

New changelog entries:
  * SECURITY UPDATE: DoS via crafted files
    - debian/patches/CVE-2017-11714.patch: prevent to reloc
      a freed object in psi/ztoken.c.
    - CVE-2017-11714
  * SECURITY UPDATE: DoS in Artifex Ghostscript
    - debian/patches/CVE-2017-9611.patch: bounds check pointer in
      base/ttinterp.c
    - CVE-2017-9611
  * SECURITY UPDATE: DoS in Artifex Ghostscript
    - debian/patches/CVE-2017-9612.patch: bounds check pointer in
      base/ttinterp.c
    - CVE-2017-9612
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9726.patch: bounds check zone pointer
      in base/ttinterp.c.
    - CVE-2017-9726
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9727.patch: make bounds check in
      base/gxttfb.c.
    - CVE-2017-9727
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9739.patch: bounds check in
      base/ttinterp.c.
    - CVE-2017-9739
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9835.patch: bounds check the array
      allocations methods in base/gsalloc.c.
    - CVE-2017-9835

724b313... by Steve Beattie on 2017-05-15

Import patches-unapplied version 9.18~dfsg~0-0ubuntu2.6 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: d7fcb4e02ed9240d68720c0c05be38caad3a79cc

New changelog entries:
  * REGRESSION UPDATE: Fix for CVE-2017-8291 broke pstoedit when using
    DELAYBIND feature (LP: #1687614).
    - debian/patches/CVE-2017-8291-regression.patch: return false rather
      than raise error when .eqproc is called with parameters that are
      not both procedures; correct stack underflow detection.

d7fcb4e... by Steve Beattie on 2017-04-28

Import patches-unapplied version 9.18~dfsg~0-0ubuntu2.4 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 7341439b482b0732836f7bbc11a8be1c4a8821e3

New changelog entries:
  * SECURITY UPDATE: invalid handling of parameters to .eqproc and
    .rsdparams allowed disabling -dSAFER and thus code execution
    - debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters
    - debian/patches/CVE-2017-8291-2.patch: check .rsdparams parameters
    - CVE-2017-8291
  * SECURITY UPDATE: use-after-free in color management module.
    - CVE-2016-10217.patch: Don't create new ctx when pdf14 device
      reenabled
    - CVE-2016-10217
  * SECURITY UPDATE: divide-by-zero error denial of service in
    base/gxfill.c
    - CVE-2016-10219.patch: check for 0 in denominator
    - CVE-2016-10219
  * SECURITY UPDATE: null pointer dereference denial of service
    - CVE-2016-10220.patch: initialize device data structure correctly
    - CVE-2016-10220
  * SECURITY UPDATE: null pointer dereference denial of service
    - CVE-2017-5951.patch: use the correct param list enumerator
    - CVE-2017-5951
  * SECURITY UPDATE: null pointer dereference denial of service
    - CVE-2017-7207.patch: ensure a device has raster memory, before
      trying to read it
    - CVE-2017-7207

7341439... by Emily Ratliff on 2016-12-05

Import patches-unapplied version 9.18~dfsg~0-0ubuntu2.3 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 3f56da94516bb9ff7c3aacaa90863e1976427911

New changelog entries:
  * SECURITY UPDATE: Fix regression introduced by fix for CVE-2013-5653
    (LP: #1647276)
    - debian/patches/CVE-2013-5653-regression.patch

3f56da9... by Emily Ratliff on 2016-11-29

Import patches-unapplied version 9.18~dfsg~0-0ubuntu2.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: cfe67c09c30cccc090f4775fb6fcaef7e7d82196

New changelog entries:
  * SECURITY UPDATE: Information disclosure through getenv, filenameforall
    - debian/patches/CVE-2013-5653.patch: Have filenameforall and getenv
      honor SAFER
    - CVE-2013-5653
  * SECURITY UPDATE: userparams with %pipe% in paths allow remote shell exec
    - debian/patches/CVE-2016-7976.patch: Add a file permissions callback
    - CVE-2016-7976
  * SECURITY UPDATE: Improve SAFER permission handling
    - debian/patches/safer.patch: Be rigorous with SAFER permissions
  * SECURITY UPDATE: use-after-free and remote code execution
    - debian/patches/CVE-2016-7978.patch: Reference count device icc profile
    - CVE-2016-7978
  * SECURITY UPDATE: type confusion allows remote code execution
    - debian/patches/CVE-2016-7979.patch: DSC parser - validate parameters
    - CVE-2016-7979
  * SECURITY UPDATE: NULL dereference
    - debian/patches/CVE-2016-8602.patch: check for sufficient params
    - CVE-2016-8602