ghostscript 10.01.2~dfsg1-0ubuntu2.3 source package in Ubuntu
Changelog
ghostscript (10.01.2~dfsg1-0ubuntu2.3) mantic-security; urgency=medium
* SECURITY UPDATE: Policy bypass via improperly checked eexec seed
- debian/patches/CVE-2023-52722.patch: Prevent eexec seeds other than
Type 1 standard when SAFER mode is used in zmisc1.c.
- CVE-2023-52722
* SECURITY UPDATE: Arbitrary code execution via uniprint device
- debian/patches/CVE-2024-29510.patch: Prevent changes to uniprint device
argument strings after SAFER is activated in gdevupd.c.
- CVE-2024-29510
* SECURITY UPDATE: Path traversal and arbitrary code execution via improperly
checked path arguments
- debian/patches/CVE-2024-33869-part1.patch: Check that a current working
directory specifier is valid before stripping it from gpmisc.c.
- debian/patches/CVE-2024-33869-part2.patch: Check that a current working
directory specifier is valid before stripping it from gpmisc.c.
- CVE-2024-33869
* SECURITY UPDATE: Path traversal via improperly checked path arguments
- debian/patches/CVE-2024-33870.patch: Add a check for parent directory
prefixes when handling relative paths in gpmisc.c.
- CVE-2024-33870
* SECURITY UPDATE: Arbitrary code execution via custom driver library
- debian/patches/CVE-2024-33871.patch: Prevent changes to parameter that
specifies the names of dynamic libraries to be loaded by the opvp/oprp
device in gdevopvp.c
- CVE-2024-33871
-- Chris Kim <email address hidden> Mon, 03 Jun 2024 14:47:09 -0700
Upload details
- Uploaded by:
- Chris Kim
- Uploaded to:
- Mantic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- text
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Mantic | updates | main | text | |
| Mantic | security | main | text |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| ghostscript_10.01.2~dfsg1.orig.tar.xz | 51.6 MiB | c283d6799a424593c680b3addfaf1c5aeccc898f256d4157dc0e6b6b2ea5a792 |
| ghostscript_10.01.2~dfsg1-0ubuntu2.3.debian.tar.xz | 87.8 KiB | 29bbe2d62e336271beffcd3ed9d85c8e60e5999bbe25c40a44a99131925f81c3 |
| ghostscript_10.01.2~dfsg1-0ubuntu2.3.dsc | 2.9 KiB | 973ab89126519adb6a35889c5b63dc5ccfffeec6bc274b82c67ab24b09fc8f3a |
Available diffs
Binary packages built by this source
- ghostscript: interpreter for the PostScript language and for PDF
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview,
it can display PostScript and PDF documents in an X11 environment.
.
Furthermore, it can render PostScript and PDF files as graphics
to be printed on non-PostScript printers.
Supported printers include common dot-matrix, inkjet and laser models.
- ghostscript-dbgsym: debug symbols for ghostscript
- ghostscript-doc: interpreter for the PostScript language and for PDF - Documentation
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview,
it can display PostScript and PDF documents in an X11 environment.
.
This package contains documentation for GPL Ghostscript,
mainly targeted developers and advanced users.
- ghostscript-x: transitional package for ghostscript
This is a transitional package and can safely be removed.
- libgs-common: interpreter for the PostScript language and for PDF - ICC profiles
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview,
it can display PostScript and PDF documents in an X11 environment.
.
This package provides common ICC profiles.
- libgs-dev: interpreter for the PostScript language and for PDF - Development Files
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview,
it can display PostScript and PDF documents in an X11 environment.
.
This package provides the development files
for the GPL Ghostscript library
which makes the facilities of GPL Ghostscript available
to applications.
- libgs10: interpreter for the PostScript language and for PDF - Library
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview,
it can display PostScript and PDF documents in an X11 environment.
.
This package provides the Ghostscript library
which makes the facilities of GPL Ghostscript available
to applications.
- libgs10-common: interpreter for the PostScript language and for PDF - common files
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview,
it can display PostScript and PDF documents in an X11 environment.
.
This package provides common architecture-independent files
needed by the GPL Ghostscript library.
.
By default, GPL Ghostscript uses a font from the fonts-droid package
to approximate glyphs in PDFs
for which the requested CJK TrueType font is missing.
If the fonts-droid package is not installed,
these glyphs will be rendered as bullets.
- libgs10-dbgsym: debug symbols for libgs10
- libgs9-common: transitional package for libgs-common
This is a transitional package and can safely be removed.
