Format: 1.8 Date: Wed, 06 Jan 2021 12:44:08 -0500 Source: ghostscript Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: armhf Version: 9.26~dfsg+0-0ubuntu0.16.04.14 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.26~dfsg+0-0ubuntu0.16.04.14) xenial-security; urgency=medium . * SECURITY UPDATE: integer overflow in opj_t1_encode_cblks - debian/patches/CVE-2018-5727.patch: fix UBSAN signed integer overflow in openjpeg/src/lib/openjp2/t1.c. - CVE-2018-5727 * SECURITY UPDATE: heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-6851.patch: reject images whose coordinates are beyond INT_MAX in openjpeg/src/lib/openjp2/j2k.c. - CVE-2020-6851 * SECURITY UPDATE: another heap overflow in opj_t1_clbl_decode_processor - debian/patches/CVE-2020-8112.patch: avoid integer overflow in openjpeg/src/lib/openjp2/tcd.c. - CVE-2020-8112 * SECURITY UPDATE: heap-buffer-overflow - debian/patches/CVE-2020-27814-1.patch: grow buffer size in openjpeg/src/lib/openjp2/tcd.c. - debian/patches/CVE-2020-27814-2.patch: grow it again - debian/patches/CVE-2020-27814-3.patch: and some more - debian/patches/CVE-2020-27814-4.patch: bigger, BIGGER!!! - CVE-2020-27814 * SECURITY UPDATE: global-buffer-overflow - debian/patches/CVE-2020-27824.patch: avoid global buffer overflow on irreversible conversion when too many decomposition levels are specified in openjpeg/src/lib/openjp2/dwt.c. - CVE-2020-27824 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27841.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c, openjpeg/src/lib/openjp2/pi.h, openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27841 * SECURITY UPDATE: null pointer dereference - debian/patches/CVE-2020-27842.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27842 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27843.patch: add check to openjpeg/src/lib/openjp2/t2.c. - CVE-2020-27843 * SECURITY UPDATE: out-of-bounds read - debian/patches/CVE-2020-27845.patch: add extra checks to openjpeg/src/lib/openjp2/pi.c. - CVE-2020-27845 Checksums-Sha1: 3493d5aec12a9c153a35396e0161d8d199ad25bf 6058516 ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb 515ccd1a1dfa0013dbc4aec0d316af8f6431c7b9 1008 ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb a74114e51537c8cfb7d421f8c1a89b9ba328893f 942 ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb 26807a8aab2a3eb19d6903f61a1c6035f9ee71a9 39118 ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb 4badce56f9b2febea75af688487f26ec44f9f3d3 46920 ghostscript_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb 0450f290879f6ce8e210e5a86d659dbb0e82ab0f 1002 libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb 8eab9c9c737c7d8a8b1e19bf0916cefb13f79105 25436 libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb 7a8a0236e5f666f79bf3cc1282e02d4b000864e5 986 libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb 685ffe91b78957d21d7e173dd7b86d73c4edb58c 1969166 libgs9_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb Checksums-Sha256: a36280d35138142961db8406a3ec6dd1192f28c83ab0ea246aba500162667772 6058516 ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb 02cc85594b96f6e057ef879a617cd800f7f45cf6c65c71e6f0bac2a46667d478 1008 ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb 174659b6ce7bb1a22865ef612dd04fd4c9d361217246cff5717f87dda273406d 942 ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb f8056c98815057d5423dacf10d796ccd49b3886a7a66d5e4703c6f9ff195ba41 39118 ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb 46522bd83df115c8d40214ee7ab58b0da02e355bd50e72f6847e2366591b5834 46920 ghostscript_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb f22be8485250e49c1e4c182c38d9158d1eabfbd85c4e65e729be35b82442df79 1002 libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb 0cd7d236de9523e761719c7a6851942f5d458fa9889d4a0cf658bdd9e1ad05c3 25436 libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb 12a6ba363e192fa391d42618c1367326724f3a854df65b5107ea7e4bf2ff2cf4 986 libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb 495e4b9fa3a7a517a75ee0f3e36946c4c5913c970bf9474f55bce7aa6fb4fc01 1969166 libgs9_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb Files: c629b685060da3dd113c0837433016c1 6058516 debug extra ghostscript-dbg_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb 8f097077d116f7a603ce1db966d6e62e 1008 text extra ghostscript-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb a9da41610c1bfb81d6420aac80352a16 942 text extra ghostscript-x-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb 14990e30b2c872f757160912e606dffe 39118 text optional ghostscript-x_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb b1dbc1991ab94f493afad443312cbd82 46920 text optional ghostscript_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb ee551fca4eb362d283fc1e9391866c6f 1002 libdevel extra libgs-dev-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb e7f55e6bf8967dd9b9b25b59bac780ae 25436 libdevel optional libgs-dev_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb 7f4638c04fcfd5d23bcf64b7431fb3c8 986 libs extra libgs9-dbgsym_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.ddeb 47e2b23916db0cdd5793d06abe182eff 1969166 libs optional libgs9_9.26~dfsg+0-0ubuntu0.16.04.14_armhf.deb Original-Maintainer: Debian Printing Team