Format: 1.8 Date: Thu, 15 Dec 2016 16:27:43 -0600 Source: ghostscript Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: amd64 all Version: 9.19~dfsg+1-0ubuntu7.1 Distribution: zesty Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Emily Ratliff Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.19~dfsg+1-0ubuntu7.1) zesty-security; urgency=medium . * SECURITY UPDATE: Information disclosure through getenv, filenameforall - debian/patches/CVE-2013-5653.patch: Have filenameforall and getenv honor SAFER - CVE-2013-5653 * SECURITY UPDATE: userparams with %pipe% in paths allow remote shell exec - debian/patches/CVE-2016-7976.patch: Add a file permissions callback - CVE-2016-7976 * SECURITY UPDATE: use-after-free and remote code execution - debian/patches/CVE-2016-7978.patch: Reference count device icc profile - CVE-2016-7978 * SECURITY UPDATE: type confusion allows remote code execution - debian/patches/CVE-2016-7979.patch: DSC parser - validate parameters - CVE-2016-7979 * SECURITY UPDATE: NULL dereference - debian/patches/CVE-2016-8602.patch: check for sufficient params - CVE-2016-8602 * SECURITY UPDATE: fix SAFER permissions - debian/patches/CVE-2016-7977.patch: Be rigorous with SAFER permissions - CVE-2016-7977 Checksums-Sha1: b0ea694760d7e17da013be9afe9e854131050028 11878678 ghostscript-dbg_9.19~dfsg+1-0ubuntu7.1_amd64.deb 08582e5903d08e9e1b981dcc30373ff123accba3 1000 ghostscript-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb f45af7d4989dc4cc0f4993a26e090d56228f66cb 5526062 ghostscript-doc_9.19~dfsg+1-0ubuntu7.1_all.deb 13195ae2c01495541c1307a9467019d971deb642 934 ghostscript-x-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb cb4bcd9da414c2ae64d7e492debcf29469025ef6 43262 ghostscript-x_9.19~dfsg+1-0ubuntu7.1_amd64.deb acf0c343541ab371e82e0d1522b468cfbd7cade9 50040 ghostscript_9.19~dfsg+1-0ubuntu7.1_amd64.deb e8968b55e97b51c754f53714105fc2d369524c21 994 libgs-dev-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb 514d8fba2cb5d4b29e552d85d2fce13025e7c48a 2376966 libgs-dev_9.19~dfsg+1-0ubuntu7.1_amd64.deb 67b2ad40656b3b7ef47afc2acbb9d99096d00332 2989120 libgs9-common_9.19~dfsg+1-0ubuntu7.1_all.deb 191f8397c9e19f77647b6b41b8c83542bfff64e0 976 libgs9-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb ae83d20c860d8e255e04f72dd070393e526667db 2100692 libgs9_9.19~dfsg+1-0ubuntu7.1_amd64.deb Checksums-Sha256: 896249923edea550284e45ab92bb1537d0ca4aef73cca16a96a1b225d8ca1696 11878678 ghostscript-dbg_9.19~dfsg+1-0ubuntu7.1_amd64.deb 988bee9f127e577ff880079b2d07aef0bdcf28fe1388c182fa4c5abf958c64df 1000 ghostscript-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb 43f2e253829acfad04ea9044789f087466979ff98b68b261fd402c2ad490db22 5526062 ghostscript-doc_9.19~dfsg+1-0ubuntu7.1_all.deb 46e10c868ff258f4eeca3ae4f6f89f0fdfb09ecdb5f3a189efd126d75fa23941 934 ghostscript-x-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb d2cf587a7a3af9b77d9fb94153a28e809ada8e4c3bb65b7d7b4df4cc34e28465 43262 ghostscript-x_9.19~dfsg+1-0ubuntu7.1_amd64.deb 127e851767ccdc8fd0eb67e613db7fe67da0bcc8530ead6addfb1b8e71cd509b 50040 ghostscript_9.19~dfsg+1-0ubuntu7.1_amd64.deb 09d2cce34dba7d33bf80ddfff75eb7e1085ad99d79e74d4ef6258e7409f45da4 994 libgs-dev-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb 612cfe25261924012cf179747d64b7b2f259e0813a1e64803675f60ac2a003f7 2376966 libgs-dev_9.19~dfsg+1-0ubuntu7.1_amd64.deb 5d5ff04bec4714f25ea9cae2d755943689bbb0b9df0d7320401cd97dca6a009d 2989120 libgs9-common_9.19~dfsg+1-0ubuntu7.1_all.deb 0bc297aa4a18b7fb25d13e1090935e5f954453ce927de6154ad33d48a1a369b6 976 libgs9-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb 21153d424840e9a77d7ea374e18c1c615bbab2bf6d66eb24f8efce4459c076ab 2100692 libgs9_9.19~dfsg+1-0ubuntu7.1_amd64.deb Files: 952060e0fcd5203c4f0f1c8cee26712c 11878678 debug extra ghostscript-dbg_9.19~dfsg+1-0ubuntu7.1_amd64.deb 67237c3a9e20c5168322508569954858 1000 text extra ghostscript-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb b1aba0aed27343e05589ab5abb2920ca 5526062 doc optional ghostscript-doc_9.19~dfsg+1-0ubuntu7.1_all.deb 4bf7ed6909423b930527f43c317cec96 934 text extra ghostscript-x-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb 3a9801dc73f8a133e57454fb760f519c 43262 text optional ghostscript-x_9.19~dfsg+1-0ubuntu7.1_amd64.deb 32a2fd40ea0506e2220f410bb55fd205 50040 text optional ghostscript_9.19~dfsg+1-0ubuntu7.1_amd64.deb e5449c592dcbd19a8c4d463e7a60853f 994 libdevel extra libgs-dev-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb 5854dfcd747c492e362843f5c5796b26 2376966 libdevel optional libgs-dev_9.19~dfsg+1-0ubuntu7.1_amd64.deb 25635288826a6acdf95a30a7854d12a1 2989120 libs optional libgs9-common_9.19~dfsg+1-0ubuntu7.1_all.deb 718364032e4c940606478ce9bb98e4f0 976 libs extra libgs9-dbgsym_9.19~dfsg+1-0ubuntu7.1_amd64.ddeb 49ac0cc03846c1be82845244c1aa243d 2100692 libs optional libgs9_9.19~dfsg+1-0ubuntu7.1_amd64.deb Original-Maintainer: Debian Printing Team