Format: 1.8 Date: Wed, 06 Jan 2021 12:44:08 -0500 Source: ghostscript Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: arm64 Version: 9.26~dfsg+0-0ubuntu0.16.04.14 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.26~dfsg+0-0ubuntu0.16.04.14) xenial-security; urgency=medium . * SECURITY UPDATE: integer overflow in opj_t1_encode_cblks - debian/patches/CVE-2018-5727.patch: fix UBSAN signed integer overflow in openjpeg/src/lib/openjp2/t1.c. - CVE-2018-5727 * SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-6851.patch: reject images whose coordinates are beyond INT_MAX in openjpeg/src/lib/openjp2/j2k.c. - CVE-2020-6851 * SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-8112.patch: avoid integer overflow in openjpeg/src/lib/openjp2/tcd.c. - CVE-2020-8112 * SECURITY UPDATE: heap-buffer-overflow - debian/patches/CVE-2020-27814-1.patch: grow buffer size in openjpeg/src/lib/openjp2/tcd.c. - debian/patches/CVE-2020-27814-2.patch: grow it again - debian/patches/CVE-2020-27814-3.patch: and some more - debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!! - CVE-2020-27814 * SECURITY UPDATE: global-buffer-overflow - debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on irreversible conversion when too many decomposition levels are specified in openjpeg/src/lib/openjp2/dwt.c. - CVE-2020-27824 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27841.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c, openjpeg/src/lib/openjp2/pi.h, openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27841 * SECURITY UPDATE: null pointer dereference - debian/patches/CVE-2020-27842.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27842 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27843.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27843 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27845.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c. - CVE-2020-27845 Checksums-Sha1: e4d4ca90087bef7498657c0f3c850f12c68eeca9 6222134 ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb 3fda88441b12462004fbc21094a13883a519ae2b 1008 ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb 9a1121a2418928996dcb586d4fe4bf82d34102d4 944 ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb 314e33dbdf279269a3cfb415286a977407288dd4 38610 ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb f34f46c1beb156d6163947aaa1e686c39816e754 47072 ghostscript_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb 0e25344b0d7151f8a32c64f988095925fe2d208b 1004 libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb 7e68947fe56115900b155ddff71aa76f62f9b048 25420 libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb 3efa358f7f6749a95a0ad6638141f54587fde80b 986 libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb a000f902ecd003e28f14f3133d84898fe60a03ab 1891118 libgs9_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb Checksums-Sha256: 288b2d6b34e9041ea69d357dd039bbdb7d3b9a9b8367f68ef954fb2208cce553 6222134 ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb 1cdf718c422e0f634cba5e3f014f3f26cad074e907d6e622a2940c4d7be98a60 1008 ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb e8b9fa9ad343b06a7274860cc06436b2b325d83d7e7acb77772970954ff8a783 944 ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb 29f5db9d6952939b627ca11fbcf820d3e60bc90e7e4a48bdef2fa07e40f59c7b 38610 ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb f8f2584db98ebda2818353ce66f1269df4e53185eb1c1b2aa35d976622fbfdc7 47072 ghostscript_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb 0cd78943cd0754f79c56deb3a55873f861dd806b2956f0d1b72bde1702d6da4b 1004 libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb 9442bff27e018bf6b0f6b76b2ed8c472f11fa54151afaae65f88e520467f3833 25420 libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb b8f381c5de5a8fad86929b1c0173ea4106179580ba889fd2c856e1510af75017 986 libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb 8e095e51d111b278b0c3943dd7144f677aaea4fe6d668ce3d4f1cc21cc517705 1891118 libgs9_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb Files: 98e57fa98b71ac38c84be6ab05013486 6222134 debug extra ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb 591cf08c9c9f69a1a799799d68210e23 1008 text extra ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb c21b527600bc299bbc494c5982e8b113 944 text extra ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb d208200b9de19e8a7af24d552829e9bb 38610 text optional ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb 5234951aa397dffb2faff222fd887d93 47072 text optional ghostscript_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb c1b09ab6c38a2e78bddfae0933989572 1004 libdevel extra libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb b1619f842c41a6aa44763c40974ffe28 25420 libdevel optional libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb 009517ad63a52636cd42562f8862d7ae 986 libs extra libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.ddeb c72af990b95cd3d71eea8fc4508b6c12 1891118 libs optional libgs9_9.26~dfsg+0-0ubuntu0.16.04.14_arm64.deb Original-Maintainer: Debian Printing Team