-
ghostscript (9.54.0~dfsg1-0ubuntu2.1) impish-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overflow in sampled_data_finish
- debian/patches/CVE-2021-45949.patch: fix op stack management in
psi/zfsample.c.
- CVE-2021-45949
-- Marc Deslauriers <email address hidden> Tue, 11 Jan 2022 09:19:13 -0500
-
ghostscript (9.54.0~dfsg1-0ubuntu2) impish; urgency=medium
* SECURITY UPDATE: Trivial -dSAFER bypass
- debian/patches/CVE-2021-3781.patch: include device specifier strings
in access validation in base/gdevpipe.c, base/gp_mshdl.c,
base/gp_msprn.c, base/gp_os2pr.c, base/gslibctx.c.
- CVE-2021-3781
-- Marc Deslauriers <email address hidden> Fri, 10 Sep 2021 07:59:00 -0400
-
ghostscript (9.54.0~dfsg1-0ubuntu1) impish; urgency=medium
* New re-packaging of Ghostscript 9.54.0, keeping the leptonica and
tesseract convenience copies in as they are not in Ubuntu Main. Added
appropriate remark to debian/copyright.
* De-activated the extract library/"docxwrite" device. This did not
build and Debian also seems to not use it. Used the --without-extract-dir
option on ./configure for that.
* "Downgrade" dh_missing from --fail-missing to --list-missing to
avoid FTBFS on non-amd64 from compat 13 on
* Updated debian/libgs9.symbols.
-- Till Kamppeter <email address hidden> Thu, 19 Aug 2021 11:54:46 +0200
-
ghostscript (9.54.0~dfsg-1) experimental; urgency=medium
[ upstream ]
* new release
* update copyright info:
+ exclude comvenience copies
of projects libextract, leptonica, and tesseract
+ update coverage
+ update source helper tool copyright-check:
implement option --merge-licenses
* drop patches cherry-picked upstream since applied
* unfuzz patches
* add patches cherry-picked upstream:
+ improve description of configure.ac option --with-extract-dir
+ fix magic number used in pam device
+ fix MacOS/tesseract build problems on Unix systems
+ work with latest Extract library
+ bounds check name table "string"
+ add some relevant flags to the cups compilation
+ do not lie about emitting Multiple Master fonts in psfwrite
+ add a PassThrough for JPX encoded images to pdfwrite
+ fix missing interior of rectangles (regression in 9.54.0)
+ tweak Leptonica/Tesseract memory allocators
* add patch 1004 to enable DeviceN-related device xcfcmyk
* use debhelper compatibility level 13 (not 12)
-- Jonas Smedegaard <email address hidden> Sun, 18 Jul 2021 15:07:19 +0200
-
ghostscript (9.53.3~dfsg-7) unstable; urgency=medium
* update previous changelog section, add a bug closure.
* update source helper script copyright-check.
* copyright: update coverage
* add patches cherry-picked upstream:
+ re-enable support for opvp/oprp devices;
closes: bug#980971, thanks to Chris Bainbridge
+ parse some types of broken PDFs;
closes: bug#981583, thanks to Rogério Brito
+ fix segfault parsing large Postscript file;
closes: bug#970878, thanks to Paul Gevers, Bernhard Übelacker,
Iustin Pop and Stefano Rivera
* update symbols: 4 private symbols added
-- Jonas Smedegaard <email address hidden> Tue, 02 Feb 2021 14:18:01 +0100