Format: 1.8 Date: Thu, 27 Apr 2017 16:00:11 -0700 Source: ghostscript Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: i386 Version: 9.19~dfsg+1-0ubuntu8 Distribution: artful-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Steve Beattie Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.19~dfsg+1-0ubuntu8) artful; urgency=medium . * SECURITY UPDATE: invalid handling of parameters to .eqproc and .rsdparams allowed disabling -dSAFER and thus code execution - debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters - debian/patches/CVE-2017-8291-2.patch: check .rsdparams parameters - CVE-2017-8291 * SECURITY UPDATE: use-after-free in color management module. - CVE-2016-10217.patch: Dont create new ctx when pdf14 device reenabled - CVE-2016-10217 * SECURITY UPDATE: divide-by-zero error denial of service in base/gxfill.c - CVE-2016-10219.patch: check for 0 in denominator - CVE-2016-10219 * SECURITY UPDATE: null pointer dereference denial of service - CVE-2016-10220.patch: initialize device data structure correctly - CVE-2016-10220 * SECURITY UPDATE: null pointer dereference denial of service - CVE-2017-5951.patch: use the correct param list enumerator - CVE-2017-5951 * SECURITY UPDATE: null pointer dereference denial of service - CVE-2017-7207.patch: ensure a device has raster memory, before trying to read it - CVE-2017-7207 Checksums-Sha1: d9a461ddf3a9a47369923c026003fcd0734f1a24 11075492 ghostscript-dbg_9.19~dfsg+1-0ubuntu8_i386.deb a136dda79c1732a2e91b8d90e33f95c073369874 44772 ghostscript-x_9.19~dfsg+1-0ubuntu8_i386.deb 901c14c829bc10d93982c62550b560fdad083d7b 13104 ghostscript_9.19~dfsg+1-0ubuntu8_i386.buildinfo 758354aebc5d99fefad503801ed187f8631439e1 50154 ghostscript_9.19~dfsg+1-0ubuntu8_i386.deb 722dc9b84fcfbcd49c5e29cdaa2224357f3994ec 2563048 libgs-dev_9.19~dfsg+1-0ubuntu8_i386.deb 4edb04c828c27e06fb32171e9b5eb7edd537bd7e 2197766 libgs9_9.19~dfsg+1-0ubuntu8_i386.deb Checksums-Sha256: 5ba8fd28c9aeef9a13ddb85d55ed3295c6993199aad15bf37b0c3db15eb24884 11075492 ghostscript-dbg_9.19~dfsg+1-0ubuntu8_i386.deb 145ab9ca8bcdf81e9babb2cedcf8bf6f9bfa22d614acc0b4ca130384e6f6ce34 44772 ghostscript-x_9.19~dfsg+1-0ubuntu8_i386.deb b802ee7cd9eea929572017f4e4e67c625fda130fb3a6e9ebc13236f25c8d848c 13104 ghostscript_9.19~dfsg+1-0ubuntu8_i386.buildinfo fa06bda0eb0c5bcfb89963637e3d05a1263edc6eecffaeb9f8216f6c2d42d65f 50154 ghostscript_9.19~dfsg+1-0ubuntu8_i386.deb cb5f776602796bb2ca6ca1d5b791321669a732259b3739f18a7bc4941fbc8533 2563048 libgs-dev_9.19~dfsg+1-0ubuntu8_i386.deb 54c2c3d713d3aacd9a0f11236f571264c8bb91eda57a779ac4f9a16d5285ac74 2197766 libgs9_9.19~dfsg+1-0ubuntu8_i386.deb Files: b6a0720b9e37fb3db8f4a2ff247379b6 11075492 debug extra ghostscript-dbg_9.19~dfsg+1-0ubuntu8_i386.deb 06168e2cb0156e9f2b0e551b864fd455 44772 text optional ghostscript-x_9.19~dfsg+1-0ubuntu8_i386.deb f55c71bc1353d43d0b75f97d580143b8 13104 text optional ghostscript_9.19~dfsg+1-0ubuntu8_i386.buildinfo 2d540416cbe36109c6b49c9ac32f41c2 50154 text optional ghostscript_9.19~dfsg+1-0ubuntu8_i386.deb a0769a36f54ded0124f461ad43d476ce 2563048 libdevel optional libgs-dev_9.19~dfsg+1-0ubuntu8_i386.deb a0d5004a668cac209374d109772c8f13 2197766 libs optional libgs9_9.19~dfsg+1-0ubuntu8_i386.deb Original-Maintainer: Debian Printing Team