Change logs for ghostscript source package in Impish

  • ghostscript (9.54.0~dfsg1-0ubuntu2.1) impish-security; urgency=medium
    
      * SECURITY UPDATE: heap-based buffer overflow in sampled_data_finish
        - debian/patches/CVE-2021-45949.patch: fix op stack management in
          psi/zfsample.c.
        - CVE-2021-45949
    
     -- Marc Deslauriers <email address hidden>  Tue, 11 Jan 2022 09:19:13 -0500
  • ghostscript (9.54.0~dfsg1-0ubuntu2) impish; urgency=medium
    
      * SECURITY UPDATE: Trivial -dSAFER bypass
        - debian/patches/CVE-2021-3781.patch: include device specifier strings
          in access validation in base/gdevpipe.c, base/gp_mshdl.c,
          base/gp_msprn.c, base/gp_os2pr.c, base/gslibctx.c.
        - CVE-2021-3781
    
     -- Marc Deslauriers <email address hidden>  Fri, 10 Sep 2021 07:59:00 -0400
  • ghostscript (9.54.0~dfsg1-0ubuntu1) impish; urgency=medium
    
      * New re-packaging of Ghostscript 9.54.0, keeping the leptonica and
        tesseract convenience copies in as they are not in Ubuntu Main. Added
        appropriate remark to debian/copyright.
      * De-activated the extract library/"docxwrite" device. This did not
        build and Debian also seems to not use it. Used the --without-extract-dir
        option on ./configure for that.
      * "Downgrade" dh_missing from --fail-missing to --list-missing to
        avoid FTBFS on non-amd64 from compat 13 on
      * Updated debian/libgs9.symbols.
    
     -- Till Kamppeter <email address hidden>  Thu, 19 Aug 2021 11:54:46 +0200
  • ghostscript (9.54.0~dfsg-1) experimental; urgency=medium
    
      [ upstream ]
      * new release
    
      * update copyright info:
        + exclude comvenience copies
          of projects libextract, leptonica, and tesseract
        + update coverage
        + update source helper tool copyright-check:
          implement option --merge-licenses
      * drop patches cherry-picked upstream since applied
      * unfuzz patches
      * add patches cherry-picked upstream:
        + improve description of configure.ac option --with-extract-dir
        + fix magic number used in pam device
        + fix MacOS/tesseract build problems on Unix systems
        + work with latest Extract library
        + bounds check name table "string"
        + add some relevant flags to the cups compilation
        + do not lie about emitting Multiple Master fonts in psfwrite
        + add a PassThrough for JPX encoded images to pdfwrite
        + fix missing interior of rectangles (regression in 9.54.0)
        + tweak Leptonica/Tesseract memory allocators
      * add patch 1004 to enable DeviceN-related device xcfcmyk
      * use debhelper compatibility level 13 (not 12)
    
     -- Jonas Smedegaard <email address hidden>  Sun, 18 Jul 2021 15:07:19 +0200
  • ghostscript (9.53.3~dfsg-7) unstable; urgency=medium
    
      * update previous changelog section, add a bug closure.
      * update source helper script copyright-check.
      * copyright: update coverage
      * add patches cherry-picked upstream:
        + re-enable support for opvp/oprp devices;
          closes: bug#980971, thanks to Chris Bainbridge
        + parse some types of broken PDFs;
          closes: bug#981583, thanks to Rogério Brito
        + fix segfault parsing large Postscript file;
          closes: bug#970878, thanks to Paul Gevers, Bernhard Übelacker,
          Iustin Pop and Stefano Rivera
      * update symbols: 4 private symbols added
    
     -- Jonas Smedegaard <email address hidden>  Tue, 02 Feb 2021 14:18:01 +0100