Format: 1.8 Date: Wed, 06 Jan 2021 12:44:08 -0500 Source: ghostscript Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: amd64 all Version: 9.26~dfsg+0-0ubuntu0.16.04.14 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.26~dfsg+0-0ubuntu0.16.04.14) xenial-security; urgency=medium . * SECURITY UPDATE: integer overflow in opj_t1_encode_cblks - debian/patches/CVE-2018-5727.patch: fix UBSAN signed integer overflow in openjpeg/src/lib/openjp2/t1.c. - CVE-2018-5727 * SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-6851.patch: reject images whose coordinates are beyond INT_MAX in openjpeg/src/lib/openjp2/j2k.c. - CVE-2020-6851 * SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-8112.patch: avoid integer overflow in openjpeg/src/lib/openjp2/tcd.c. - CVE-2020-8112 * SECURITY UPDATE: heap-buffer-overflow - debian/patches/CVE-2020-27814-1.patch: grow buffer size in openjpeg/src/lib/openjp2/tcd.c. - debian/patches/CVE-2020-27814-2.patch: grow it again - debian/patches/CVE-2020-27814-3.patch: and some more - debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!! - CVE-2020-27814 * SECURITY UPDATE: global-buffer-overflow - debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on irreversible conversion when too many decomposition levels are specified in openjpeg/src/lib/openjp2/dwt.c. - CVE-2020-27824 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27841.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c, openjpeg/src/lib/openjp2/pi.h, openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27841 * SECURITY UPDATE: null pointer dereference - debian/patches/CVE-2020-27842.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27842 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27843.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27843 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27845.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c. - CVE-2020-27845 Checksums-Sha1: e913b0ab532f43ae8f2a23c83c84dadd5f6e2c3e 6294240 ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb a0679510faa580d91807acb204d4d5c03577828b 1008 ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb fd6ca75292ede106e3fd521f362aa29c628f7dfa 3439370 ghostscript-doc_9.26~dfsg+0-0ubuntu0.16.04.14_all.deb b5dfde3737cb39b6751dfebd6f4aefe880cd2d82 942 ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb 74fa52aed3494d45d688a73679ed759f3675bd2f 43078 ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb 44c4dd80ac19e3070da52056059b3fee84c874fa 47264 ghostscript_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb 4094b52462f4954391070d2c3f4077df5ad6b051 1004 libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb fa673294400cb07f913591d8fcdfcd369dcd4ecb 25316 libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb ba3882ac17ac3be5a21557b069938c2d7b3049c8 5096846 libgs9-common_9.26~dfsg+0-0ubuntu0.16.04.14_all.deb e1c45add9bfe679604efb55cbc9cdce61129b68b 986 libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb ae3e9df7347e5ddd64247bb5531882556111c17b 2277988 libgs9_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb Checksums-Sha256: 9f7990476a81f6692baaadf4d5b0fcf070b158418ae13fbac8d782b8cf0b6512 6294240 ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb 579d329d71246cfbd38dcaa63639e70e01b43cec86e71f174a04e495d4ffb3ac 1008 ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb 8d7e01453f7783f298f96e8106392c66873a9e5758ad3931c83f74bb2dd5cf2f 3439370 ghostscript-doc_9.26~dfsg+0-0ubuntu0.16.04.14_all.deb 58dc4382d692c364368a6d35bc1504e261a34ed4bb639e7ddf178beb0c26c1af 942 ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb 41d1ccb89db55a118b02f31fe611e1a04dae2f5d6e1fc5818e24db5df25d739b 43078 ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb 36ea939321c8b5c8b6e6cabd79d596164031b9e25b63b7ffbb916e47a5dd472a 47264 ghostscript_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb 552a48ed647a0d5669ad23528c800f0dfb3a7da590ab8bb9b70bfece19ac6dd0 1004 libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb 026af44d86d9e913634df986545298a56465c7acf3bd69f70f371c6822065c00 25316 libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb 35bd8c04170d76c241d06411b9b2613666f62a15b3610cb8d113ea9cd4a56500 5096846 libgs9-common_9.26~dfsg+0-0ubuntu0.16.04.14_all.deb 9ec19cf5f24e3f2c1932eba62092eebfabe97863461e6081509a97d44698d4c2 986 libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb 11d194a7953db5a862896beb3450238d014488968fae2c34e8a003d8f31b3b6d 2277988 libgs9_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb Files: 7d16fd3879e2c67dbbf2c2509672770f 6294240 debug extra ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb 7dafae5ab18b7e62a609ee0d32db5753 1008 text extra ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb 6e3a7e24af457d4ec323d6481a316273 3439370 doc optional ghostscript-doc_9.26~dfsg+0-0ubuntu0.16.04.14_all.deb 48343be0a4d852211df43de88c7745b2 942 text extra ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb edd0aa8ccf994eed24e937547e96574c 43078 text optional ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb c5ad3ebefab262eceb9192d325bce277 47264 text optional ghostscript_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb 2478d40494e52f3becf655e310ae97d5 1004 libdevel extra libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb d923c161c83a45d664c3c1ceca7a9d82 25316 libdevel optional libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb ada5933f72c86a72aee0036ec6d79af6 5096846 libs optional libgs9-common_9.26~dfsg+0-0ubuntu0.16.04.14_all.deb 079c8cd95c0ada4e84002f3ca70e4b3c 986 libs extra libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.ddeb 6b1e2f198ef2f6e606eb0f7cacb9e9d3 2277988 libs optional libgs9_9.26~dfsg+0-0ubuntu0.16.04.14_amd64.deb Original-Maintainer: Debian Printing Team