-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.14) xenial-security; urgency=medium
* SECURITY UPDATE: integer overflow in opj_t1_encode_cblks
- debian/patches/CVE-2018-5727.patch: fix UBSAN signed integer overflow
in openjpeg/src/lib/openjp2/t1.c.
- CVE-2018-5727
* SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor
- debian/patches/CVE-2020-6851.patch: reject images whose
coordinates are beyond INT_MAX in openjpeg/src/lib/openjp2/j2k.c.
- CVE-2020-6851
* SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor
- debian/patches/CVE-2020-8112.patch: avoid integer overflow in
openjpeg/src/lib/openjp2/tcd.c.
- CVE-2020-8112
* SECURITY UPDATE: heap-buffer-overflow
- debian/patches/CVE-2020-27814-1.patch: grow buffer size in
openjpeg/src/lib/openjp2/tcd.c.
- debian/patches/CVE-2020-27814-2.patch: grow it again
- debian/patches/CVE-2020-27814-3.patch: and some more
- debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!!
- CVE-2020-27814
* SECURITY UPDATE: global-buffer-overflow
- debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on
irreversible conversion when too many decomposition levels are
specified in openjpeg/src/lib/openjp2/dwt.c.
- CVE-2020-27824
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2020-27841.patch: add extra checks to
openjpeg/src/lib/openjp2/pi.c, openjpeg/src/lib/openjp2/pi.h,
openjpeg/src/lib/openjp2/t2.c.
- CVE-2020-27841
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2020-27842.patch: add check to
openjpeg/src/lib/openjp2/t2.c.
- CVE-2020-27842
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2020-27843.patch: add check to
openjpeg/src/lib/openjp2/t2.c.
- CVE-2020-27843
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2020-27845.patch: add extra checks to
openjpeg/src/lib/openjp2/pi.c.
- CVE-2020-27845
-- Marc Deslauriers <email address hidden> Wed, 06 Jan 2021 12:44:08 -0500
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.13) xenial-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- debian/patches/CVE-2020-16*.patch: backport multiple upstream commits
to fix various security issues.
- CVE-2020-16287, CVE-2020-16288, CVE-2020-16289, CVE-2020-16290,
CVE-2020-16291, CVE-2020-16292, CVE-2020-16293, CVE-2020-16294,
CVE-2020-16295, CVE-2020-16296, CVE-2020-16297, CVE-2020-16298,
CVE-2020-16299, CVE-2020-16300, CVE-2020-16301, CVE-2020-16302,
CVE-2020-16303, CVE-2020-16304, CVE-2020-16305, CVE-2020-16306,
CVE-2020-16307, CVE-2020-16308, CVE-2020-16309, CVE-2020-16310,
CVE-2020-17538
-- Marc Deslauriers <email address hidden> Fri, 21 Aug 2020 13:16:34 -0400
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.12) xenial-security; urgency=medium
* SECURITY UPDATE: '-dSAFER' restrictions bypass by .forceput when
loading fonts
- debian/patches/CVE-2019-14869.patch: remove use of .forceput in
Resource/Init/gs_ttf.ps.
- CVE-2019-14869
-- Marc Deslauriers <email address hidden> Wed, 06 Nov 2019 10:46:55 -0500
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.11) xenial-security; urgency=medium
* SECURITY UPDATE: '-dSAFER' restrictions bypass by .forceput
Exposures
- debian/patches/CVE-2019-14811-CVE-2019-14812-CVE-2019-14813.patch:
Be more defensive by preventing access to .forceput from
.setuserparams2.
- CVE-2019-14811
- CVE-2019-14812
- CVE-2019-14813
- debian/patches/CVE-2019-14817.patch: mark more uses of .forceput
as execteonly
- CVE-2019-14817
-- Steve Beattie <email address hidden> Tue, 27 Aug 2019 22:43:23 -0700
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.10) xenial-security; urgency=medium
* SECURITY UPDATE: `-dSAFER` restrictions bypass
- debian/patches/CVE-2019-10216.patch: protect use of .forceput
with executeonly
- CVE-2019-10216
-- Steve Beattie <email address hidden> Thu, 08 Aug 2019 21:25:51 -0700
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.9) xenial-security; urgency=medium
* SECURITY UPDATE: code execution vulnerability
- debian/patches/CVE-2019-3839-1.patch: hide pdfdict and GS_PDF_ProcSet
in Resource/Init/pdf_base.ps, Resource/Init/pdf_draw.ps,
Resource/Init/pdf_font.ps, Resource/Init/pdf_main.ps,
Resource/Init/pdf_ops.ps, Resource/Init/pdf_sec.ps.
- debian/patches/CVE-2019-3839-2.patch: fix lib/pdf2dsc.ps to use
documented Ghostscript pdf procedures in lib/pdf2dsc.ps.
- CVE-2019-3839
-- Marc Deslauriers <email address hidden> Tue, 07 May 2019 12:48:37 -0400
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.8) xenial-security; urgency=medium
* SECURITY UPDATE: superexec operator is available
- debian/patches/CVE-2019-3835-pre1.patch: Have gs_cet.ps run from
gs_init.ps in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
- debian/patches/CVE-2019-3835-pre2.patch: Undef /odef in
Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
- debian/patches/CVE-2019-3835-1.patch: restrict superexec and remove
it in Resource/Init/gs_cet.ps, Resource/Init/gs_dps1.ps,
Resource/Init/gs_fonts.ps, Resource/Init/gs_init.ps,
Resource/Init/gs_ttf.ps, Resource/Init/gs_type1.ps.
- debian/patches/CVE-2019-3835-2.patch: obliterate superexec in
Resource/Init/gs_init.ps, psi/icontext.c, psi/icstate.h,
psi/zcontrol.c, psi/zdict.c, psi/zgeneric.c.
- CVE-2019-3835
* SECURITY UPDATE: forceput in DefineResource is still accessible
- debian/patches/CVE-2019-3838-1.patch: make a transient proc
executeonly in Resource/Init/gs_res.ps.
- debian/patches/CVE-2019-3838-2.patch: an extra transient proc needs
executeonly in Resource/Init/gs_res.ps.
- CVE-2019-3838
-- Marc Deslauriers <email address hidden> Tue, 19 Mar 2019 09:03:50 -0400
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.7) xenial-security; urgency=medium
* SECURITY REGRESSION: High RIP_MAX_CACHE makes cups output device fail,
second fix attempt. (LP: #1815339)
- debian/patches/lp1815339.patch: re-enable.
- debian/patches/lp1815339-2.patch: properly map RGBW color space in
cups/gdevcups.c.
-- Marc Deslauriers <email address hidden> Mon, 25 Feb 2019 09:40:51 -0500
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.6) xenial-security; urgency=medium
* SECURITY REGRESSION: Ghostscript update causes blue background
(LP: #1817308)
- disable debian/patches/lp1815339.patch
-- Chris Coulson <email address hidden> Sat, 23 Feb 2019 06:56:54 +0100
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.5) xenial-security; urgency=medium
* SECURITY REGRESSION: High RIP_MAX_CACHE makes cups output device fail
(LP: #1815339)
- debian/patches/lp1815339.patch: fix logic in cups/gdevcups.c.
* debian/symbols.common: add new symbol missing in previous update.
-- Marc Deslauriers <email address hidden> Wed, 20 Feb 2019 11:46:24 +0100
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.4) xenial-security; urgency=medium
* SECURITY UPDATE: code execution vulnerability
- debian/patches/CVE-2019-6116.patch: address .force* operators
exposure in Resource/Init/gs_diskn.ps, Resource/Init/gs_dps1.ps,
Resource/Init/gs_fntem.ps, Resource/Init/gs_fonts.ps,
Resource/Init/gs_init.ps, Resource/Init/gs_lev2.ps,
Resource/Init/gs_pdfwr.ps, Resource/Init/gs_res.ps,
Resource/Init/gs_setpd.ps, Resource/Init/pdf_base.ps,
Resource/Init/pdf_draw.ps, Resource/Init/pdf_font.ps,
Resource/Init/pdf_main.ps, Resource/Init/pdf_ops.ps,
psi/int.mak, psi/interp.c, psi/istack.c, psi/istack.h.
- CVE-2019-6116
-- Marc Deslauriers <email address hidden> Wed, 16 Jan 2019 10:53:06 -0500
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.3) xenial-security; urgency=medium
* SECURITY REGRESSION: multiple regressions (LP: #1806517)
- debian/patches/020181126-96c381c*.patch: fix duplex issue.
- debian/patches/020181205-fae21f16*.patch: fix -dFirstPage and
-dLastPage issue.
-- Marc Deslauriers <email address hidden> Thu, 06 Dec 2018 07:17:51 -0500
-
ghostscript (9.26~dfsg+0-0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: Updated to 9.26 to fix multiple security issues
- CVE-2018-19409
- CVE-2018-19475
- CVE-2018-19476
- CVE-2018-19477
* Removed patches included in new version:
- debian/patches/0218*.patch
- debian/patches/lp1800062.patch
* debian/symbols.common: updated for new version.
-- Marc Deslauriers <email address hidden> Wed, 28 Nov 2018 08:35:43 -0500
-
ghostscript (9.25~dfsg+1-0ubuntu0.16.04.3) xenial; urgency=medium
* Fix dependency for libgs9-common (LP: #1802958)
-- Ioanna Alifieraki <email address hidden> Mon, 12 Nov 2018 18:05:22 +0000
-
ghostscript (9.25~dfsg+1-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- debian/patches/0218*.patch: multiple cherry-picked upstream commits
to fix security issues. Thanks to Jonas Smedegaard for cherry-picking
these for Debian's 9.25~dfsg-3 package.
- debian/symbols.common: added new symbol.
- CVE-2018-17961
- CVE-2018-18073
- CVE-2018-18284
* Fix LeadingEdge regression introduced in 9.22. (LP: #1800062)
- debian/patches/lp1800062.patch: fix cups get/put_params LeadingEdge
logic in cups/gdevcups.c.
-- Marc Deslauriers <email address hidden> Tue, 30 Oct 2018 09:04:39 -0400
-
ghostscript (9.25~dfsg+1-0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: updated to 9.25 to fix multiple security issues
- Previous security release contained an incomplete fix for
CVE-2018-16510, and there are many other security fixes and
improvements that went into the new upstream version without getting
CVE numbers assigned.
- CVE-2018-16510
- CVE-2018-17183
* Packages changes required for new version:
- debian/patches/CVE*: removed, included in new version.
- debian/patches/*: updated from cosmic package.
- debian/copyright*: updated from cosmic package.
- debian/rules, debian/libgs-dev.install: remove static library.
- debian/symbols.common: updated for new version.
-- Marc Deslauriers <email address hidden> Thu, 27 Sep 2018 08:16:57 -0400
-
ghostscript (9.18~dfsg~0-0ubuntu2.9) xenial-security; urgency=medium
* SECURITY UPDATE: Multiple security issues
- debian/patches/CVE-2018-1*.patch: backport large number of
upstream security fixes.
- CVE-2018-11645, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910,
CVE-2018-15911, CVE-2018-16509, CVE-2018-16511, CVE-2018-16513,
CVE-2018-16539, CVE-2018-16540, CVE-2018-16541, CVE-2018-16542,
CVE-2018-16543, CVE-2018-16585, CVE-2018-16802
-- Marc Deslauriers <email address hidden> Wed, 12 Sep 2018 11:00:10 -0400
-
ghostscript (9.18~dfsg~0-0ubuntu2.8) xenial-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer overflow and application crash
- debian/patches/CVE-2016-10317.patch: check max_height bounds in
base/gxht_thresh.c, base/gxipixel.c.
- CVE-2016-10317
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2018-10194.patch: avoid infinite number
in devices/vector/gdevpdts.c.
- CVE-2018-10194
-- <email address hidden> (Leonidas S. Barbosa) Mon, 23 Apr 2018 15:40:08 -0300
-
ghostscript (9.18~dfsg~0-0ubuntu2.7) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via crafted files
- debian/patches/CVE-2017-11714.patch: prevent to reloc
a freed object in psi/ztoken.c.
- CVE-2017-11714
* SECURITY UPDATE: DoS in Artifex Ghostscript
- debian/patches/CVE-2017-9611.patch: bounds check pointer in
base/ttinterp.c
- CVE-2017-9611
* SECURITY UPDATE: DoS in Artifex Ghostscript
- debian/patches/CVE-2017-9612.patch: bounds check pointer in
base/ttinterp.c
- CVE-2017-9612
* SECURITY UPDATE: DoS heap-based buffer over-read and crash
- debian/patches/CVE-2017-9726.patch: bounds check zone pointer
in base/ttinterp.c.
- CVE-2017-9726
* SECURITY UPDATE: DoS heap-based buffer over-read and crash
- debian/patches/CVE-2017-9727.patch: make bounds check in
base/gxttfb.c.
- CVE-2017-9727
* SECURITY UPDATE: DoS heap-based buffer over-read and crash
- debian/patches/CVE-2017-9739.patch: bounds check in
base/ttinterp.c.
- CVE-2017-9739
* SECURITY UPDATE: DoS heap-base buffer over-read and crash
- debian/patches/CVE-2017-9835.patch: bounds check the array
allocations methods in base/gsalloc.c.
- CVE-2017-9835
-- <email address hidden> (Leonidas S. Barbosa) Thu, 24 Aug 2017 17:41:06 -0300
-
ghostscript (9.18~dfsg~0-0ubuntu2.6) xenial-security; urgency=medium
* REGRESSION UPDATE: Fix for CVE-2017-8291 broke pstoedit when using
DELAYBIND feature (LP: #1687614).
- debian/patches/CVE-2017-8291-regression.patch: return false rather
than raise error when .eqproc is called with parameters that are
not both procedures; correct stack underflow detection.
-- Steve Beattie <email address hidden> Mon, 15 May 2017 15:15:23 -0700
-
ghostscript (9.18~dfsg~0-0ubuntu2.4) xenial-security; urgency=medium
* SECURITY UPDATE: invalid handling of parameters to .eqproc and
.rsdparams allowed disabling -dSAFER and thus code execution
- debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters
- debian/patches/CVE-2017-8291-2.patch: check .rsdparams parameters
- CVE-2017-8291
* SECURITY UPDATE: use-after-free in color management module.
- CVE-2016-10217.patch: Dont create new ctx when pdf14 device
reenabled
- CVE-2016-10217
* SECURITY UPDATE: divide-by-zero error denial of service in
base/gxfill.c
- CVE-2016-10219.patch: check for 0 in denominator
- CVE-2016-10219
* SECURITY UPDATE: null pointer dereference denial of service
- CVE-2016-10220.patch: initialize device data structure correctly
- CVE-2016-10220
* SECURITY UPDATE: null pointer dereference denial of service
- CVE-2017-5951.patch: use the correct param list enumerator
- CVE-2017-5951
* SECURITY UPDATE: null pointer dereference denial of service
- CVE-2017-7207.patch: ensure a device has raster memory, before
trying to read it
- CVE-2017-7207
-- Steve Beattie <email address hidden> Thu, 27 Apr 2017 17:38:59 -0700
-
ghostscript (9.18~dfsg~0-0ubuntu2.3) xenial-security; urgency=medium
* SECURITY UPDATE: Fix regression introduced by fix for CVE-2013-5653
(LP: #1647276)
- debian/patches/CVE-2013-5653-regression.patch
-- Emily Ratliff <email address hidden> Mon, 05 Dec 2016 11:16:41 -0600
-
ghostscript (9.18~dfsg~0-0ubuntu2.2) xenial-security; urgency=medium
* SECURITY UPDATE: Information disclosure through getenv, filenameforall
- debian/patches/CVE-2013-5653.patch: Have filenameforall and getenv
honor SAFER
- CVE-2013-5653
* SECURITY UPDATE: userparams with %pipe% in paths allow remote shell exec
- debian/patches/CVE-2016-7976.patch: Add a file permissions callback
- CVE-2016-7976
* SECURITY UPDATE: Improve SAFER permission handling
- debian/patches/safer.patch: Be rigorous with SAFER permissions
* SECURITY UPDATE: use-after-free and remote code execution
- debian/patches/CVE-2016-7978.patch: Reference count device icc profile
- CVE-2016-7978
* SECURITY UPDATE: type confusion allows remote code execution
- debian/patches/CVE-2016-7979.patch: DSC parser - validate parameters
- CVE-2016-7979
* SECURITY UPDATE: NULL dereference
- debian/patches/CVE-2016-8602.patch: check for sufficient params
- CVE-2016-8602
-- Emily Ratliff <email address hidden> Tue, 29 Nov 2016 15:48:57 -0600
-
ghostscript (9.18~dfsg~0-0ubuntu2) xenial; urgency=medium
* Backport change from Debian
"Add patch cherry-picked upstream to fix add gserrors.h to the
installed files for the so-install target."
-- Sebastien Bacher <email address hidden> Mon, 29 Feb 2016 11:35:03 +0100
-
ghostscript (9.18~dfsg~0-0ubuntu1) xenial; urgency=medium
* New upstream release
- Ghostscript 9.18
- A new method of internally inserting devices into the device chain has
been developed, named "device subclassing". This allows suitably
written devices to be more easily and consistently as "filter" devices.
The first fruit of this is a new implementation of the
"-dFirstPage"/"-dLastPage" feature which functions a device filter in
the Ghostscript graphics library, meaning it works consistently with
all input languages.
- Plus the usual round of bug fixes, compatibility changes, and incremental
improvements.
* 020150523_d73a342_gdevcups_support_color_spaces_18_19_20.patch,
020150724_0c0b085_sanity_check_for_memory_allocation.patch: Removed,
included upstream.
* 2001_docdir_fix_for_debian.patch,
1002_pxl-make-dicctransform-default.patch: Refreshed with quilt.
* debian/symbols.common: Updated for new upstream source. Applied patch
which dpkg-gensymbols generated for debian/libgs9.symbols to this file.
-- Till Kamppeter <email address hidden> Fri, 12 Feb 2016 19:29:28 -0200
-
ghostscript (9.16~dfsg~0-0ubuntu4) xenial; urgency=medium
* Multiarchify the library packages.
-- Matthias Klose <email address hidden> Wed, 27 Jan 2016 23:10:38 +0100
-
ghostscript (9.16~dfsg~0-0ubuntu3) wily; urgency=medium
* debian/rules: Demote texlive-lang-cjk from Recommends: to Suggests:
as it pulls in a large amount of unneeded packages (LP: #1449875).
-- Till Kamppeter <email address hidden> Sat, 19 Sep 2015 13:51:09 -0300
