[ubuntu/karmic-security] ghostscript (delayed), ghostscript 8.70.dfsg.1-0ubuntu3.1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue Jul 13 19:03:40 BST 2010
ghostscript (8.70.dfsg.1-0ubuntu3.1) karmic-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
buffer overflow in errprintf function
- debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
- CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
procedure invocations (LP: #546009)
- debian/patches/CVE-2010-1628.dpatch: only initialize structures if
all allocations were successful in psi/ialloc.c, psi/idosave.h,
psi/isave.c.
- CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
(LP: #546009)
- debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
psi/int.mak, psi/iscan.c, psi/iscan.h.
- CVE-2010-1869
Date: Fri, 09 Jul 2010 15:04:05 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/ghostscript/8.70.dfsg.1-0ubuntu3.1
-------------- next part --------------
Format: 1.8
Date: Fri, 09 Jul 2010 15:04:05 -0400
Source: ghostscript
Binary: ghostscript gs gs-esp gs-gpl gs-aladdin gs-common ghostscript-cups ghostscript-x gs-esp-x ghostscript-doc libgs8 libgs-dev libgs-esp-dev
Architecture: source
Version: 8.70.dfsg.1-0ubuntu3.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
ghostscript - The GPL Ghostscript PostScript/PDF interpreter
ghostscript-cups - The GPL Ghostscript PostScript/PDF interpreter - CUPS filters
ghostscript-doc - The GPL Ghostscript PostScript/PDF interpreter - Documentation
ghostscript-x - The GPL Ghostscript PostScript/PDF interpreter - X Display suppor
gs - Transitional package
gs-aladdin - Transitional package
gs-common - Dummy package depending on ghostscript
gs-esp - Transitional package
gs-esp-x - Transitional package
gs-gpl - Transitional package
libgs-dev - The Ghostscript PostScript Library - Development Files
libgs-esp-dev - Transitional package
libgs8 - The Ghostscript PostScript/PDF interpreter Library
Changes:
ghostscript (8.70.dfsg.1-0ubuntu3.1) karmic-security; urgency=low
.
* SECURITY UPDATE: denial of service and possible code execution via
buffer overflow in errprintf function
- debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
- CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
procedure invocations (LP: #546009)
- debian/patches/CVE-2010-1628.dpatch: only initialize structures if
all allocations were successful in psi/ialloc.c, psi/idosave.h,
psi/isave.c.
- CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
(LP: #546009)
- debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
psi/int.mak, psi/iscan.c, psi/iscan.h.
- CVE-2010-1869
Checksums-Sha1:
e35e0549fac4a06e4bad9fa735ac84acfd7dbe6f 1831 ghostscript_8.70.dfsg.1-0ubuntu3.1.dsc
e09e7e8581817732f506bf6e32070ffc092432a0 120548 ghostscript_8.70.dfsg.1-0ubuntu3.1.diff.gz
Checksums-Sha256:
2e00290b9999161b597be5bf4e99f48ea833181aede347532876022ff5e45787 1831 ghostscript_8.70.dfsg.1-0ubuntu3.1.dsc
f64a746066c2eb52e477e13470d4a6ca2789fe2b9893f0ff75ad99728bb47fca 120548 ghostscript_8.70.dfsg.1-0ubuntu3.1.diff.gz
Files:
d5032cc2f67a5d72a6aaf6cc07db4d33 1831 text optional ghostscript_8.70.dfsg.1-0ubuntu3.1.dsc
94b9ce3f6618ffe0115c227a5544b1d5 120548 text optional ghostscript_8.70.dfsg.1-0ubuntu3.1.diff.gz
Launchpad-Bugs-Fixed: 546009 546009
Original-Maintainer: Masayuki Hatta (mhatta) <mhatta at debian.org>
More information about the Karmic-changes
mailing list