-
ghostscript (9.27~dfsg-2+deb10u5) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* Check stack limits after function evaluation (CVE-2021-45944)
* Fix op stack management in sampled_data_continue() (CVE-2021-45949)
-- Salvatore Bonaccorso <email address hidden> Tue, 04 Jan 2022 16:46:59 +0100
-
ghostscript (9.27~dfsg-2+deb10u4) buster-security; urgency=medium
* CVE-2020-16287 CVE-2020-16288 CVE-2020-16289 CVE-2020-16290
* CVE-2020-16291 CVE-2020-16292 CVE-2020-16293 CVE-2020-16294
* CVE-2020-16295 CVE-2020-16296 CVE-2020-17538 CVE-2020-16297
* CVE-2020-16298 CVE-2020-16299 CVE-2020-16300 CVE-2020-16301
* CVE-2020-16302 CVE-2020-16303 CVE-2020-16304 CVE-2020-16305
* CVE-2020-16306 CVE-2020-16307 CVE-2020-16308 CVE-2020-16309
* CVE-2020-16310
-- Moritz Mühlenhoff <email address hidden> Mon, 24 Aug 2020 17:03:45 +0200
-
ghostscript (9.27~dfsg-2+deb10u3) buster-security; urgency=high
* remove .forceput from /.charkeys (CVE-2019-14869)
-- Salvatore Bonaccorso <email address hidden> Sat, 09 Nov 2019 22:58:27 +0100
-
ghostscript (9.27~dfsg-2+deb10u2) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* make .forceput inaccessible (CVE-2019-14811, CVE-2019-14812,
CVE-2019-14813)
* PDF interpreter - review .forceput security (CVE-2019-14817)
-- Salvatore Bonaccorso <email address hidden> Mon, 02 Sep 2019 14:36:48 +0200
-
ghostscript (9.27~dfsg-2+deb10u1) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* protect use of .forceput with executeonly (CVE-2019-10216)
-- Salvatore Bonaccorso <email address hidden> Thu, 08 Aug 2019 06:52:14 +0200
-
ghostscript (9.27~dfsg-2) unstable; urgency=medium
* Add patch cherry-picked upstream
to fix regression resolving bounding box of font glyphs.
Closes: Bug#927429. Thanks to Kenshi Muto.
-- Jonas Smedegaard <email address hidden> Sat, 20 Apr 2019 10:16:50 +0200
-
ghostscript (9.27~dfsg-1) unstable; urgency=high
[ upstream ]
* New release.
Closes: Bug#925256, 925257 (CVE-2019-3835, CVE-2019-3838).
Thanks to Salvatore Bonaccorso.
* Set urgency=high, due to CVE fix.
[ Jonas Smedegaard ]
* Drop patches cherry-picked upstream now applied.
* Unfuzz patches.
* Build-depend versioned on libjbig2dec0-dev
(not unversioned on libjbig2dec-dev).
* Use dpkg-provided snippet
(not additional explicit dpkg-parsechangelog call)
to resolve when build is targeted experimental suite.
* Revert to again split ABI at ~ (not a)."
* Update copyright info: Extend coverage for main upstream author.
* Update testsuite to catch new error message.
* Update symbols:
+ 18 private symbols dropped.
+ 51 private symbols dropped.
-- Jonas Smedegaard <email address hidden> Thu, 04 Apr 2019 20:17:20 +0200
-
ghostscript (9.26a~dfsg-2) unstable; urgency=medium
* Update symbols: 1 private added.
* Add test to check that upstream bug 700317 is fixed,
and a smoketest to check commanline options.
Enable bugchecking and smoketest during build,
and smoketest as autopkgtest.
-- Jonas Smedegaard <email address hidden> Wed, 23 Jan 2019 20:26:09 +0100
-
ghostscript (9.26~dfsg-2) unstable; urgency=high
* Add patches cherry-picked upstream
to fix segfault with certain PDFs with -dLastPage=1.
Closes: Bug#915832. Thanks to Salvatore Bonaccorso.
* Set urgency=high as this is fixes regression in 9.26~dfsg-1.
-- Jonas Smedegaard <email address hidden> Sat, 22 Dec 2018 14:38:38 +0100
-
ghostscript (9.26~dfsg-1) unstable; urgency=high
[ upstream ]
* New security and bugfix release.
[ Jonas Smedegaard ]
* Drop patches cherry-picked upstream now applied.
* Unfuzz patch 2009.
* Set urgency=high due to high potential for security fixes
(beyond those already included as cherry-picked patches).
* Update symbols: 12 private added.
-- Jonas Smedegaard <email address hidden> Wed, 21 Nov 2018 10:27:59 +0100
-
ghostscript (9.25~dfsg-7) unstable; urgency=medium
* drop obsolete preinst migrations.
* Quote variables in package helper update-gsfontmap.
* Fix typos in previous changelog entries.
* Disable parallel building.
Closes: Bug#912847. Thanks to Matthias Klose.
-- Jonas Smedegaard <email address hidden> Sun, 04 Nov 2018 19:01:16 +0100
-
ghostscript (9.25~dfsg-4) unstable; urgency=high
* Re-release with urgency=high, due to CVE fixes.
-- Jonas Smedegaard <email address hidden> Fri, 19 Oct 2018 09:45:03 +0200
-
ghostscript (9.25~dfsg-2) unstable; urgency=high
* Add/correct bug-closures for previous releases 9.25~dfsg-1,
9.25~dfsg-1~exp1, 9.24~~rc2~dfsg-1, 9.21~dfsg-1.
* Set urgency=high due to recent CVE fixes.
-- Jonas Smedegaard <email address hidden> Sat, 15 Sep 2018 14:18:15 +0200
-
ghostscript (9.22~dfsg-2.1) unstable; urgency=medium
* Non-maintainer upload.
* Buffer overflow in fill_threshold_buffer (CVE-2016-10317)
(Closes: #860869)
* pdfwrite - Guard against trying to output an infinite number
(CVE-2018-10194) (Closes: #896069)
-- Salvatore Bonaccorso <email address hidden> Fri, 20 Apr 2018 12:28:29 +0200
-
ghostscript (9.22~dfsg-2) unstable; urgency=medium
* Update Vcs-* fields for the move to salsa.d.o
-- Didier Raboud <email address hidden> Sat, 10 Feb 2018 17:41:31 +0100
-
ghostscript (9.22~dfsg-1) unstable; urgency=medium
[ upstream ]
* New release.
Highlights:
+ Ghostscript can now consume and produce (via the pdfwrite device)
PDF 2.0 compliant files.
+ The main focus of this release has been security and code
cleanliness. Hence many AddressSanitizer, Valgrind and Coverity
issues have been addressed.
+ The usual round of bug fixes, compatibility changes, and
incremental improvements.
[ Jonas Smedegaard ]
* Update copyright info:
+ Update paths of files to strip from upstream source.
+ Stop strip ConvertUTF files when repackaging upstream source: No
longer included upstream.
* Update watch file: Use substitution strings.
* Update package relations:
+ Relax to build-depend unversioned on liblcms2-dev d-shlibs cdbs:
Needed versions satisfied even in oldstable
* Tighten lintian overrides regarding License-Reference.
* Use https protocol for upstream Homepage.
* Declare compliance with Debian Policy 4.1.1.
* Drop patches applied upstream.
* Unfuzz patches.
* Update symbols file.
-- Jonas Smedegaard <email address hidden> Wed, 04 Oct 2017 17:13:06 +0200
-
ghostscript (9.21~dfsg-1) unstable; urgency=medium
[ upstream ]
* New release.
Highlights:
+ pdfwrite preserves annotations from input PDFs where possible.
+ GhostXPS pass required data to pdfwrite to emit a ToUnicode CMap,
resulting in fully searchable PDFs created from XPS in most cases.
+ Allow default color space for PDF transparency blends.
+ Improved support for cross-compiling in configure script.
+ tiffscaled and tiffscaled4 supports ETS (Even Tone Screening).
+ toolbin/pdf_info.ps utility emits PDF XML metadata.
+ New scan converter, more performant with large and complex paths.
[ Jonas Smedegaard ]
* Modernize cdbs:
+ Do copyright-check in maintainer script (not during build).
* Avoid compressing pdf documentation.
* Revive git-ignore file, lost importing NMUs.
* Update watch file: Fix track releases (not tags).
* Update copyright info:
+ Fix update main Files section to include all directory wildcards
declared in root LICENSE file.
+ Stop track files no longer shipped upstream.
+ Add copyright holder Raph Levien.
+ Extend coverage for main upstream author.
+ Use https protocol in format string.
* Update patches:
+ Drop patches applied upstream.
+ Normalize patch names.
+ Tidy DEP3 patch headers.
+ Add patch cherry-picked upstream to fix the shared openjpeg build.
+ Add patch cherry-picked upstream to fix shared lib build with
openjpeg >= 2.1.1, replacing patch 1001.
* Update package relations:
+ Relax build-dependency on cdbs.
+ Stop build-depend on licensecheck libregexp-assemble-perl
libimage-exiftool-perl libfont-ttf-perl.
* Relax symbols check when targeting experimental.
* Update symbols: 16 dropped. 37 added.
* Declare compliance with Debian Policy 4.0.0.
-- Jonas Smedegaard <email address hidden> Mon, 19 Jun 2017 19:19:55 +0200