ghostscript (9.26~dfsg+0-0ubuntu0.14.04.8) trusty-security; urgency=medium
* SECURITY UPDATE: superexec operator is available
- debian/patches/CVE-2019-3835-pre1.patch: Have gs_cet.ps run from
gs_init.ps in Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
- debian/patches/CVE-2019-3835-pre2.patch: Undef /odef in
Resource/Init/gs_cet.ps, Resource/Init/gs_init.ps.
- debian/patches/CVE-2019-3835-1.patch: restrict superexec and remove
it in Resource/Init/gs_cet.ps, Resource/Init/gs_dps1.ps,
Resource/Init/gs_fonts.ps, Resource/Init/gs_init.ps,
Resource/Init/gs_ttf.ps, Resource/Init/gs_type1.ps.
- debian/patches/CVE-2019-3835-2.patch: obliterate superexec in
Resource/Init/gs_init.ps, psi/icontext.c, psi/icstate.h,
psi/zcontrol.c, psi/zdict.c, psi/zgeneric.c.
- CVE-2019-3835
* SECURITY UPDATE: forceput in DefineResource is still accessible
- debian/patches/CVE-2019-3838-1.patch: make a transient proc
executeonly in Resource/Init/gs_res.ps.
- debian/patches/CVE-2019-3838-2.patch: an extra transient proc needs
executeonly in Resource/Init/gs_res.ps.
- CVE-2019-3838
Date: 2019-03-19 14:24:14.467842+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.14.04.8
Sorry, changesfile not available.
--
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
