[ubuntu/hardy-security] ghostscript (delayed), ghostscript 8.61.dfsg.1-1ubuntu3.3 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Tue Jul 13 19:04:16 BST 2010
ghostscript (8.61.dfsg.1-1ubuntu3.3) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
procedure invocations (LP: #546009)
- debian/patches/CVE-2010-1628.dpatch: only initialize structures if
all allocations were successful in src/ialloc.c, src/idosave.h,
src/isave.c.
- CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
(LP: #546009)
- debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
src/int.mak, src/iscan.c, src/iscan.h.
- CVE-2010-1869
* SECURITY UPDATE: arbitrary code execution via long names
- debian/patches/security-long-names.dpatch: check against maximum size
in psi/iscan.c.
- No CVE number yet.
Date: Mon, 12 Jul 2010 12:33:50 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/ghostscript/8.61.dfsg.1-1ubuntu3.3
-------------- next part --------------
Format: 1.7
Date: Mon, 12 Jul 2010 12:33:50 -0400
Source: ghostscript
Binary: ghostscript gs gs-esp gs-gpl gs-aladdin gs-common ghostscript-x gs-esp-x ghostscript-doc libgs8 libgs-dev libgs-esp-dev
Architecture: source
Version: 8.61.dfsg.1-1ubuntu3.3
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
ghostscript - The GPL Ghostscript PostScript/PDF interpreter
ghostscript-doc - The GPL Ghostscript PostScript/PDF interpreter - Documentation
ghostscript-x - The GPL Ghostscript PostScript/PDF interpreter - X Display suppor
gs - Transitional package
gs-aladdin - Transitional package
gs-common - Transitional package
gs-esp - Transitional package
gs-esp-x - Transitional package
gs-gpl - Transitional package
libgs-dev - The Ghostscript PostScript Library - Development Files
libgs-esp-dev - Transitional package
libgs8 - The Ghostscript PostScript/PDF interpreter Library
Launchpad-Bugs-Fixed: 546009 546009
Changes:
ghostscript (8.61.dfsg.1-1ubuntu3.3) hardy-security; urgency=low
.
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
procedure invocations (LP: #546009)
- debian/patches/CVE-2010-1628.dpatch: only initialize structures if
all allocations were successful in src/ialloc.c, src/idosave.h,
src/isave.c.
- CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
(LP: #546009)
- debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
src/int.mak, src/iscan.c, src/iscan.h.
- CVE-2010-1869
* SECURITY UPDATE: arbitrary code execution via long names
- debian/patches/security-long-names.dpatch: check against maximum size
in psi/iscan.c.
- No CVE number yet.
Files:
47b1e3be761c1bcead5c0cf6a7b70472 1207 text optional ghostscript_8.61.dfsg.1-1ubuntu3.3.dsc
cc2a8073f8e835d8b64735be5eddb2a1 112285 text optional ghostscript_8.61.dfsg.1-1ubuntu3.3.diff.gz
Original-Maintainer: Masayuki Hatta (mhatta) <mhatta at debian.org>
More information about the Hardy-changes
mailing list