[ubuntu/karmic-security] ghostscript (delayed), ghostscript 8.70.dfsg.1-0ubuntu3.1 (Accepted)

[Ubuntu Installer]

ghostscript (8.70.dfsg.1-0ubuntu3.1) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    buffer overflow in errprintf function
    - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
    - CVE-2009-4270
  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
    procedure invocations (LP: #546009)
    - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
      all allocations were successful in psi/ialloc.c, psi/idosave.h,
      psi/isave.c.
    - CVE-2010-1628
  * SECURITY UPDATE: arbitrary code execution via crafted PostScript file
    (LP: #546009)
    - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
      psi/int.mak, psi/iscan.c, psi/iscan.h.
    - CVE-2010-1869

Date: Fri, 09 Jul 2010 15:04:05 -0400
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-disc...@lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/ghostscript/8.70.dfsg.1-0ubuntu3.1

Format: 1.8
Date: Fri, 09 Jul 2010 15:04:05 -0400
Source: ghostscript
Binary: ghostscript gs gs-esp gs-gpl gs-aladdin gs-common ghostscript-cups 
ghostscript-x gs-esp-x ghostscript-doc libgs8 libgs-dev libgs-esp-dev
Architecture: source
Version: 8.70.dfsg.1-0ubuntu3.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-disc...@lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauri...@ubuntu.com>
Description: 
 ghostscript - The GPL Ghostscript PostScript/PDF interpreter
 ghostscript-cups - The GPL Ghostscript PostScript/PDF interpreter - CUPS 
filters
 ghostscript-doc - The GPL Ghostscript PostScript/PDF interpreter - 
Documentation
 ghostscript-x - The GPL Ghostscript PostScript/PDF interpreter - X Display 
suppor
 gs         - Transitional package
 gs-aladdin - Transitional package
 gs-common  - Dummy package depending on ghostscript
 gs-esp     - Transitional package
 gs-esp-x   - Transitional package
 gs-gpl     - Transitional package
 libgs-dev  - The Ghostscript PostScript Library - Development Files
 libgs-esp-dev - Transitional package
 libgs8     - The Ghostscript PostScript/PDF interpreter Library
Changes: 
 ghostscript (8.70.dfsg.1-0ubuntu3.1) karmic-security; urgency=low
 .
   * SECURITY UPDATE: denial of service and possible code execution via
     buffer overflow in errprintf function
     - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
     - CVE-2009-4270
   * SECURITY UPDATE: arbitrary code execution via unlimited recursive
     procedure invocations (LP: #546009)
     - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
       all allocations were successful in psi/ialloc.c, psi/idosave.h,
       psi/isave.c.
     - CVE-2010-1628
   * SECURITY UPDATE: arbitrary code execution via crafted PostScript file
     (LP: #546009)
     - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
       psi/int.mak, psi/iscan.c, psi/iscan.h.
     - CVE-2010-1869
Checksums-Sha1: 
 e35e0549fac4a06e4bad9fa735ac84acfd7dbe6f 1831 
ghostscript_8.70.dfsg.1-0ubuntu3.1.dsc
 e09e7e8581817732f506bf6e32070ffc092432a0 120548 
ghostscript_8.70.dfsg.1-0ubuntu3.1.diff.gz
Checksums-Sha256: 
 2e00290b9999161b597be5bf4e99f48ea833181aede347532876022ff5e45787 1831 
ghostscript_8.70.dfsg.1-0ubuntu3.1.dsc
 f64a746066c2eb52e477e13470d4a6ca2789fe2b9893f0ff75ad99728bb47fca 120548 
ghostscript_8.70.dfsg.1-0ubuntu3.1.diff.gz
Files: 
 d5032cc2f67a5d72a6aaf6cc07db4d33 1831 text optional 
ghostscript_8.70.dfsg.1-0ubuntu3.1.dsc
 94b9ce3f6618ffe0115c227a5544b1d5 120548 text optional 
ghostscript_8.70.dfsg.1-0ubuntu3.1.diff.gz
Launchpad-Bugs-Fixed: 546009 546009
Original-Maintainer: Masayuki Hatta (mhatta) <mha...@debian.org>

-- 
Karmic-changes mailing list
Karmic-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/karmic-changes