ghostscript 9.26~dfsg+0-0ubuntu7 source package in Ubuntu

Changelog

ghostscript (9.26~dfsg+0-0ubuntu7) disco; urgency=medium

  * SECURITY UPDATE: superexec operator is available
    - debian/patches/CVE-2019-3835-pre1.patch: Have gs_cet.ps run from
      gs_init.ps in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
    - debian/patches/CVE-2019-3835-pre2.patch: Undef /odef in
      Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
    - debian/patches/CVE-2019-3835-1.patch: restrict superexec and remove
      it in Resource/Init/gs_cet.ps, Resource/Init/gs_dps1.ps,
      Resource/Init/gs_fonts.ps, Resource/Init/gs_init.ps,
      Resource/Init/gs_ttf.ps, Resource/Init/gs_type1.ps.
    - debian/patches/CVE-2019-3835-2.patch: obliterate superexec in
      Resource/Init/gs_init.ps, psi/icontext.c, psi/icstate.h,
      psi/zcontrol.c, psi/zdict.c, psi/zgeneric.c.
    - CVE-2019-3835
  * SECURITY UPDATE: forceput in DefineResource is still accessible
    - debian/patches/CVE-2019-3838-1.patch: make a transient proc
      executeonly in Resource/Init/gs_res.ps.
    - debian/patches/CVE-2019-3838-2.patch: an extra transient proc needs
      executeonly in Resource/Init/gs_res.ps.
    - CVE-2019-3838

 -- Marc Deslauriers <email address hidden>  Thu, 21 Mar 2019 13:15:30 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Disco
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
text
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
ghostscript_9.26~dfsg+0.orig.tar.xz 25.8 MiB f13dd2be0499ae47f508d66be4f7a61056674c2ee6ff53d954e84bc634986bd7
ghostscript_9.26~dfsg+0-0ubuntu7.debian.tar.xz 123.1 KiB bb400db2996b328864590559b48540a70fe47fcd315a8bb203258255427743dc
ghostscript_9.26~dfsg+0-0ubuntu7.dsc 2.8 KiB 5e640d242c776e64a15f05f1aef35dfa07f6a862211a9ade36027924aeb82be5

View changes file

Binary packages built by this source

ghostscript: No summary available for ghostscript in ubuntu eoan.

No description available for ghostscript in ubuntu eoan.

ghostscript-dbg: No summary available for ghostscript-dbg in ubuntu disco.

No description available for ghostscript-dbg in ubuntu disco.

ghostscript-doc: No summary available for ghostscript-doc in ubuntu eoan.

No description available for ghostscript-doc in ubuntu eoan.

ghostscript-x: No summary available for ghostscript-x in ubuntu eoan.

No description available for ghostscript-x in ubuntu eoan.

libgs-dev: No summary available for libgs-dev in ubuntu eoan.

No description available for libgs-dev in ubuntu eoan.

libgs9: No summary available for libgs9 in ubuntu eoan.

No description available for libgs9 in ubuntu eoan.

libgs9-common: No summary available for libgs9-common in ubuntu eoan.

No description available for libgs9-common in ubuntu eoan.