[ubuntu/jaunty] ghostscript 8.64.dfsg.1-0ubuntu6 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Mar 27 14:15:13 GMT 2009 

ghostscript (8.64.dfsg.1-0ubuntu6) jaunty; urgency=low

  * SECURITY UPDATE: Arbitrary code execution due to integer overflows and
    insufficient upper-bounds checks in the ICC library
    - debian/patches/38_CVE-2009-0583_0584.dpatch: fix multiple integer
      overflows and perform bounds checking in icclib/icc.c.
    - CVE-2009-0583
    - CVE-2009-0584

Date: Fri, 27 Mar 2009 08:51:14 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/ghostscript/8.64.dfsg.1-0ubuntu6
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 27 Mar 2009 08:51:14 -0400
Source: ghostscript
Binary: ghostscript gs gs-esp gs-gpl gs-aladdin gs-common ghostscript-x gs-esp-x ghostscript-doc libgs8 libgs-dev libgs-esp-dev
Architecture: source
Version: 8.64.dfsg.1-0ubuntu6
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 ghostscript - The GPL Ghostscript PostScript/PDF interpreter
 ghostscript-doc - The GPL Ghostscript PostScript/PDF interpreter - Documentation
 ghostscript-x - The GPL Ghostscript PostScript/PDF interpreter - X Display suppor
 gs         - Transitional package
 gs-aladdin - Transitional package
 gs-common  - Dummy package depending on ghostscript
 gs-esp     - Transitional package
 gs-esp-x   - Transitional package
 gs-gpl     - Transitional package
 libgs-dev  - The Ghostscript PostScript Library - Development Files
 libgs-esp-dev - Transitional package
 libgs8     - The Ghostscript PostScript/PDF interpreter Library
Changes: 
 ghostscript (8.64.dfsg.1-0ubuntu6) jaunty; urgency=low
 .
   * SECURITY UPDATE: Arbitrary code execution due to integer overflows and
     insufficient upper-bounds checks in the ICC library
     - debian/patches/38_CVE-2009-0583_0584.dpatch: fix multiple integer
       overflows and perform bounds checking in icclib/icc.c.
     - CVE-2009-0583
     - CVE-2009-0584
Checksums-Sha1: 
 8c4837c7ccce07fa04592050b87b2eaef4205e06 1801 ghostscript_8.64.dfsg.1-0ubuntu6.dsc
 11f7038482a34f19d434078b7b69cc4b0801f8ad 51215 ghostscript_8.64.dfsg.1-0ubuntu6.diff.gz
Checksums-Sha256: 
 9ae12daec96bdd14111b284042a0530daa2b2b55393ffcdba780d35d617185f0 1801 ghostscript_8.64.dfsg.1-0ubuntu6.dsc
 55c9b9d30176052519c489b34b001ae6125d6a74807dd7bab2dfcca955722929 51215 ghostscript_8.64.dfsg.1-0ubuntu6.diff.gz
Files: 
 c54acb13f71f475f4f89327e59ef9287 1801 text optional ghostscript_8.64.dfsg.1-0ubuntu6.dsc
 50ac73345cb4b1b884454d7e86d4db1a 51215 text optional ghostscript_8.64.dfsg.1-0ubuntu6.diff.gz
Original-Maintainer: Masayuki Hatta (mhatta) <mhatta at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknM3jUACgkQW0JvuRdL8BrZdQCcCCPdGCYP5Jwg0VEISX/TBJpw
Q0QAn0qTKLTHKqqJTcfSLPDpT5AkLlrx
=B1kK
-----END PGP SIGNATURE-----

More information about the Jaunty-changes mailing list