Format: 1.8
Date: Thu, 27 Apr 2017 17:38:59 -0700
Source: ghostscript
Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg
Architecture: amd64 all
Version: 9.18~dfsg~0-0ubuntu2.4
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-35.buildd>
Changed-By: Steve Beattie <sbeattie@ubuntu.com>
Description:
 ghostscript - interpreter for the PostScript language and for PDF
 ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo
 ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati
 ghostscript-x - interpreter for the PostScript language and for PDF - X11 support
 libgs-dev  - interpreter for the PostScript language and for PDF - Development
 libgs9     - interpreter for the PostScript language and for PDF - Library
 libgs9-common - interpreter for the PostScript language and for PDF - common file
Changes:
 ghostscript (9.18~dfsg~0-0ubuntu2.4) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: invalid handling of parameters to .eqproc and
     .rsdparams allowed disabling -dSAFER and thus code execution
     - debian/patches/CVE-2017-8291-1.patch: check .eqproc parameters
     - debian/patches/CVE-2017-8291-2.patch: check .rsdparams parameters
     - CVE-2017-8291
   * SECURITY UPDATE: use-after-free in color management module.
     - CVE-2016-10217.patch: Dont create new ctx when pdf14 device
       reenabled
     - CVE-2016-10217
   * SECURITY UPDATE: divide-by-zero error denial of service in
     base/gxfill.c
     - CVE-2016-10219.patch: check for 0 in denominator
     - CVE-2016-10219
   * SECURITY UPDATE: null pointer dereference denial of service
     - CVE-2016-10220.patch: initialize device data structure correctly
     - CVE-2016-10220
   * SECURITY UPDATE: null pointer dereference denial of service
     - CVE-2017-5951.patch: use the correct param list enumerator
     - CVE-2017-5951
   * SECURITY UPDATE: null pointer dereference denial of service
     - CVE-2017-7207.patch: ensure a device has raster memory, before
       trying to read it
     - CVE-2017-7207
Checksums-Sha1:
 c0ba0f4c3e72660a0be3b53dfcb69551e39b7a7f 5723298 ghostscript-dbg_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 ac145798c800bca94c2680b5a4d8baba591e635e 1004 ghostscript-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 4da9512a101b7d33066a3a9914982f4e9f1ca4a1 5228500 ghostscript-doc_9.18~dfsg~0-0ubuntu2.4_all.deb
 a165e72782c0711ba7736fd6e09d8cd84395ea3f 940 ghostscript-x-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 6243df3584310c4e873d0e6bd480180c5ac287f7 34386 ghostscript-x_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 3233fc845a8691a4e2aabdadcf6506be17cd7fd2 40820 ghostscript_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 6b54635e5f4938a74d207e65f4673d65c03dd633 998 libgs-dev-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 ff191ceebe12234e5321ac6f49b8b67a277b0c94 2335756 libgs-dev_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 1e7aee0bad191043c3bc59742a9c1acc0972dc45 2981244 libgs9-common_9.18~dfsg~0-0ubuntu2.4_all.deb
 04a3b6df936e38d5f108dc5544d3e370976a0d45 980 libgs9-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 d82339ecf15b12f7f4fc7eec16ea665cad0de039 2059004 libgs9_9.18~dfsg~0-0ubuntu2.4_amd64.deb
Checksums-Sha256:
 87266bac72d413e87d21584dbddac9e46c0084108e74284030948c7162f26829 5723298 ghostscript-dbg_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 e717bd5685b3d4bcfc0996cb72bf4d33a353f7228db8e59c1f17e873b0eb989f 1004 ghostscript-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 42f48e372c31b402dd93015f89d3e1744fe8aa56c0df0a385f413470c87a6a89 5228500 ghostscript-doc_9.18~dfsg~0-0ubuntu2.4_all.deb
 526254baff5667878b8012c27044ede1a9fb0ce47f18d862c42de6febe88ec23 940 ghostscript-x-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 34f66850c4415e78d9f924a5009e3442568ad77a003cdec2cf613835e803c3e2 34386 ghostscript-x_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 96a8ad63f35a8560b55c3f81b9e5f599907ca5b7b4f6e3949808aa2063de8b90 40820 ghostscript_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 7a58b18567e3d6082182bb21b586c1d9be00997b40efe90efd7710305e668487 998 libgs-dev-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 a7af63d23e45b62727e04936c9ae47216c020460af4b23b54bb5320ea12eb769 2335756 libgs-dev_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 ee73ba3acfdee6fac643b93b2a6efcacb9d615ea7a8632ebb608277ef527b68b 2981244 libgs9-common_9.18~dfsg~0-0ubuntu2.4_all.deb
 cc9294b543d52e4224c39d6128a626359f898c87ecefffe7e184b7a4d0642209 980 libgs9-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 e86641b8d9a0d5ff817deedd9f209c761f7b9ebd119721ab1f845ed5d2be659b 2059004 libgs9_9.18~dfsg~0-0ubuntu2.4_amd64.deb
Files:
 d93fc05dabba69e731a8d1954ff528d4 5723298 debug extra ghostscript-dbg_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 9463e53ba49c76f72958923e50e72538 1004 text extra ghostscript-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 8b93d4731ac2a22dbb27df7264206d5f 5228500 doc optional ghostscript-doc_9.18~dfsg~0-0ubuntu2.4_all.deb
 a9d6232180d4e53ecbe7d67ad81de8c9 940 text extra ghostscript-x-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 a8acb8fb451359a97029a7be69af0f9c 34386 text optional ghostscript-x_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 abea1a1a5d259d839cb7582ea2161976 40820 text optional ghostscript_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 e1935a9448fdbd211250dc805d755d2b 998 libdevel extra libgs-dev-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 838f38b57e1fd93dd38e037db5d9da6c 2335756 libdevel optional libgs-dev_9.18~dfsg~0-0ubuntu2.4_amd64.deb
 4c5c1ea5dff9c5d12f9b1d7106e90cb7 2981244 libs optional libgs9-common_9.18~dfsg~0-0ubuntu2.4_all.deb
 a2574cb187f22b28a83cf14fd9bf8df7 980 libs extra libgs9-dbgsym_9.18~dfsg~0-0ubuntu2.4_amd64.ddeb
 0d797ba79511382db449aeb4b4b42874 2059004 libs optional libgs9_9.18~dfsg~0-0ubuntu2.4_amd64.deb
Original-Maintainer: Debian Printing Team <debian-printing@lists.debian.org>