Comment 1 for bug 352920

Revision history for this message
Nicola Ferralis (feranick) wrote : Re: Update ghostscript to version 8.61.dfsg.1-1ubuntu3.1

New release in generic hardy fixes several other vulnerabilities

ghostscript (8.61.dfsg.1-1ubuntu3.2) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via buffer underflow in the CCITTFax decoding filter
    - debian/patches/33_CVE-2007-6725.dpatch: work around the buffer
      underflow in src/scfd.c.
    - CVE-2007-6725
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via BaseFont writer module
    - debian/patches/34_CVE-2008-6679.dpatch: increase size of buffer in
      src/gdevpdtb.c.
    - CVE-2008-6679
  * SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
    dictionary segments
    - debian/patches/35_CVE-2009-0196.dpatch: validate size of runlength
      in export symbol table in jbig2dec/jbig2_symbol_dict.c.
    - CVE-2009-0196
  * SECURITY UPDATE: denial of service and possible arbitrary code
    execution via integer overflows in icclib
    - debian/patches/36_CVE-2009-0792.dpatch: fix numerous overflows in
      icclib/icc.c.
    - CVE-2009-0792

 -- Marc Deslauriers <email address hidden> Thu, 09 Apr 2009 11:26:12 -0400