[ubuntu/artful-proposed] ghostscript 9.21~dfsg+1-0ubuntu3 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Thu Sep 14 18:20:18 UTC 2017 

ghostscript (9.21~dfsg+1-0ubuntu3) artful; urgency=medium

  * SECURITY UPDATE: DoS via crafted files
    - debian/patches/CVE-2017-11714.patch: prevent to reloc
      a freed object in psi/ztoken.c.
    - CVE-2017-11714
  * SECURITY UPDATE: DoS in Artifex Ghostscript
    - debian/patches/CVE-2017-9611.patch: bounds check pointer in
      base/ttinterp.c
    - CVE-2017-9611
  * SECURITY UPDATE: DoS in Artifex Ghostscript
    - debian/patches/CVE-2017-9612.patch: bounds check pointer in
      base/ttinterp.c
    - CVE-2017-9612
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9726.patch: bounds check zone pointer
      in base/ttinterp.c.
    - CVE-2017-9726
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9727.patch: make bounds check in
      base/gxttfb.c.
    - CVE-2017-9727
  * SECURITY UPDATE: DoS heap-based buffer over-read and crash
    - debian/patches/CVE-2017-9739.patch: bounds check in
      base/ttinterp.c.
    - CVE-2017-9739
  * SECURITY UPDATE: DoS heap-base buffer over-read and crash
    - debian/patches/CVE-2017-9835.patch: bounds check the array
      allocations methods in base/gsalloc.c.
    - CVE-2017-9835

Date: Thu, 14 Sep 2017 13:48:36 -0400
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/ghostscript/9.21~dfsg+1-0ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 14 Sep 2017 13:48:36 -0400
Source: ghostscript
Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg
Architecture: source
Version: 9.21~dfsg+1-0ubuntu3
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Description:
 ghostscript - interpreter for the PostScript language and for PDF
 ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo
 ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati
 ghostscript-x - interpreter for the PostScript language and for PDF - X11 support
 libgs-dev  - interpreter for the PostScript language and for PDF - Development
 libgs9     - interpreter for the PostScript language and for PDF - Library
 libgs9-common - interpreter for the PostScript language and for PDF - common file
Changes:
 ghostscript (9.21~dfsg+1-0ubuntu3) artful; urgency=medium
 .
   * SECURITY UPDATE: DoS via crafted files
     - debian/patches/CVE-2017-11714.patch: prevent to reloc
       a freed object in psi/ztoken.c.
     - CVE-2017-11714
   * SECURITY UPDATE: DoS in Artifex Ghostscript
     - debian/patches/CVE-2017-9611.patch: bounds check pointer in
       base/ttinterp.c
     - CVE-2017-9611
   * SECURITY UPDATE: DoS in Artifex Ghostscript
     - debian/patches/CVE-2017-9612.patch: bounds check pointer in
       base/ttinterp.c
     - CVE-2017-9612
   * SECURITY UPDATE: DoS heap-based buffer over-read and crash
     - debian/patches/CVE-2017-9726.patch: bounds check zone pointer
       in base/ttinterp.c.
     - CVE-2017-9726
   * SECURITY UPDATE: DoS heap-based buffer over-read and crash
     - debian/patches/CVE-2017-9727.patch: make bounds check in
       base/gxttfb.c.
     - CVE-2017-9727
   * SECURITY UPDATE: DoS heap-based buffer over-read and crash
     - debian/patches/CVE-2017-9739.patch: bounds check in
       base/ttinterp.c.
     - CVE-2017-9739
   * SECURITY UPDATE: DoS heap-base buffer over-read and crash
     - debian/patches/CVE-2017-9835.patch: bounds check the array
       allocations methods in base/gsalloc.c.
     - CVE-2017-9835
Checksums-Sha1:
 0cba8e7223090e0de0b8339143df83bc382da107 2873 ghostscript_9.21~dfsg+1-0ubuntu3.dsc
 91e49d3892a8c281382afcdae8ebe6ca1d3c997c 112212 ghostscript_9.21~dfsg+1-0ubuntu3.debian.tar.xz
 d5e6227e097f52c8d7a79f9c9c81d4d78f12a889 11723 ghostscript_9.21~dfsg+1-0ubuntu3_source.buildinfo
Checksums-Sha256:
 3fbd6003f33c3d4643b9b25e1f4cc7010e3d802524fe3f7650b80ad68c949370 2873 ghostscript_9.21~dfsg+1-0ubuntu3.dsc
 2660fb788ac602d091ae438db6fb91240b97ee0cc06c3b8b93600bd5bb6cf565 112212 ghostscript_9.21~dfsg+1-0ubuntu3.debian.tar.xz
 70076e272f88e06ba72810688d7270dc8f7ea55b341394002ef3ebcbb6b6e480 11723 ghostscript_9.21~dfsg+1-0ubuntu3_source.buildinfo
Files:
 a42222a1c567a9c4b39a0a8382c31f30 2873 text optional ghostscript_9.21~dfsg+1-0ubuntu3.dsc
 2de671cbfc45afe93c7810932829cdd1 112212 text optional ghostscript_9.21~dfsg+1-0ubuntu3.debian.tar.xz
 47e5742d546b761937e614a96ecbf390 11723 text optional ghostscript_9.21~dfsg+1-0ubuntu3_source.buildinfo
Original-Maintainer: Debian Printing Team <debian-printing at lists.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJZusfNAAoJEGVp2FWnRL6Tb3QP/imTZkVx0zXfDDNkEC9s/+1f
4KXXcrWkEZgmM/Lx98Ek0EtvhmITWOrBq22Uc/U6+n+TXwBvqX9gDL5K8LeFpGjv
/LNNiAfIQTxY7kCcxXio0NPMm7uU2OED+abkj3vqnRMTaaXYgWwGsgufSIrbq0t3
kPfq/IuuiFefwkSt+5U1kmUreW4+Gg9VniTXzeyNueUUqnUisHA5ybjnMLoY/qfH
ufZ7Ylp/uL8wqs5XahZpv2seuwaYYnLfvkScOlIv2bCH1Ttq8+2ujZF8l4c5ehhI
4jk8yWE91dktz3xxPf2HdxmaXTaZo7MqQH4iM4hPUkpf9QvSLiOwYYDuNten/eoJ
1v8c9kxG5qOqTG8yDIUVie3TaYLVRlNBBwIW4YdAsEjYfUXyzE0LQscsNlCetFwb
LF5lHw80f1BffqmNE7L28soXIwVkB/8jqq0j6fEQ7DPz+qMzMepg5KYuyMNr1LE/
VMXXd9z+ekoAFrf+4hId7AOCw5zTT8Aw5sizOpHTMhVdar0SiSnaKRsM6Of9K0LD
6eHnIgbVlbhxpgLPUfnlRRaCE/AXP3CbcrWuBH1bve46BMSFxDAz9VJNtd/3NyIe
qV6D75MrSsDKqaV8vaZImwffiBwOGnxTzwRKGkUps7VYGfgpqBkf/9LYZyDYajwq
ec56mnsd0LOYVZxVwr1g
=MdVC
-----END PGP SIGNATURE-----

More information about the Artful-changes mailing list