Format: 1.8 Date: Thu, 21 Mar 2019 13:15:30 -0400 Source: ghostscript Binary: ghostscript ghostscript-dbg ghostscript-x libgs-dev libgs9 Architecture: arm64 Version: 9.26~dfsg+0-0ubuntu7 Distribution: disco-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library Changes: ghostscript (9.26~dfsg+0-0ubuntu7) disco; urgency=medium . * SECURITY UPDATE: superexec operator is available - debian/patches/CVE-2019-3835-pre1.patch: Have gs_cet.ps run from gs_init.ps in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps. - debian/patches/CVE-2019-3835-pre2.patch: Undef /odef in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps. - debian/patches/CVE-2019-3835-1.patch: restrict superexec and remove it in Resource/Init/gs_cet.ps, Resource/Init/gs_dps1.ps, Resource/Init/gs_fonts.ps, Resource/Init/gs_init.ps, Resource/Init/gs_ttf.ps, Resource/Init/gs_type1.ps. - debian/patches/CVE-2019-3835-2.patch: obliterate superexec in Resource/Init/gs_init.ps, psi/icontext.c, psi/icstate.h, psi/zcontrol.c, psi/zdict.c, psi/zgeneric.c. - CVE-2019-3835 * SECURITY UPDATE: forceput in DefineResource is still accessible - debian/patches/CVE-2019-3838-1.patch: make a transient proc executeonly in Resource/Init/gs_res.ps. - debian/patches/CVE-2019-3838-2.patch: an extra transient proc needs executeonly in Resource/Init/gs_res.ps. - CVE-2019-3838 Checksums-Sha1: 79151cfea703548a85e02d2e2af257b2a5358ce0 14960376 ghostscript-dbg_9.26~dfsg+0-0ubuntu7_arm64.deb a8f3ca557b3cd2d466cd21aea240e2d4cf3bfe6d 41392 ghostscript-x_9.26~dfsg+0-0ubuntu7_arm64.deb 1794078e03158bc4b5270a9b0d122d8174a3f0fd 12263 ghostscript_9.26~dfsg+0-0ubuntu7_arm64.buildinfo e93d6bc5008e92a96c597c5c2bb5afba2db9bdca 51780 ghostscript_9.26~dfsg+0-0ubuntu7_arm64.deb 82e09679a93f75ebc57321590fb0185c04e83045 25516 libgs-dev_9.26~dfsg+0-0ubuntu7_arm64.deb 1f1fdef21d6f68da67added99b39ed25c552c87d 2212568 libgs9_9.26~dfsg+0-0ubuntu7_arm64.deb Checksums-Sha256: cbb4c9686a051c588f35ada86ec093855db17caf51a7b269f4bfb98a979ae6e6 14960376 ghostscript-dbg_9.26~dfsg+0-0ubuntu7_arm64.deb 99402631a9170fe4a58cc5de0c876e5290f901fc8c06399cf80d617b3e288f18 41392 ghostscript-x_9.26~dfsg+0-0ubuntu7_arm64.deb 441ce5915160e8dbc52bead9fdc555586615f3056294e78cac4bf79babbb0c4f 12263 ghostscript_9.26~dfsg+0-0ubuntu7_arm64.buildinfo e33ab17e29a0225c0965d68f0b5c7d103a7147fb9e67d130d1506b2cc97e1f73 51780 ghostscript_9.26~dfsg+0-0ubuntu7_arm64.deb fbf779d5b033a7668cb5c7c24c8ef63397fb903141797be5fd0e9a92a7765c81 25516 libgs-dev_9.26~dfsg+0-0ubuntu7_arm64.deb 74dab6ef86bfcd1505c9b318b63db92be21ba14bcbe5e91820675633990f5459 2212568 libgs9_9.26~dfsg+0-0ubuntu7_arm64.deb Files: cd55fb8d53e4f9560e6ece2388118aa6 14960376 debug extra ghostscript-dbg_9.26~dfsg+0-0ubuntu7_arm64.deb b498b555c1882dc0c44d06f151e4dce7 41392 text optional ghostscript-x_9.26~dfsg+0-0ubuntu7_arm64.deb f1dc7af7d2cd6b1e3331e3d220a4fe30 12263 text optional ghostscript_9.26~dfsg+0-0ubuntu7_arm64.buildinfo 50b2f4b478b3e1ef3928b3535a82a445 51780 text optional ghostscript_9.26~dfsg+0-0ubuntu7_arm64.deb 59bdee5ea9f257aef0553a56b4d17d06 25516 libdevel optional libgs-dev_9.26~dfsg+0-0ubuntu7_arm64.deb 50f36eaaca0e5d2827b1a4fa38b2f24f 2212568 libs optional libgs9_9.26~dfsg+0-0ubuntu7_arm64.deb Original-Maintainer: Debian Printing Team