ghostscript 9.55.0~dfsg1-0ubuntu5.9 source package in Ubuntu
Changelog
ghostscript (9.55.0~dfsg1-0ubuntu5.9) jammy-security; urgency=medium
* SECURITY UPDATE: stack-based buffer overflow via long PDF filter name
- debian/patches/CVE-2024-29506.patch: don't allow PDF files with bad
Filters to overflow the debug buffer in pdf/pdf_file.c.
- CVE-2024-29506
* SECURITY UPDATE: heap-based pointer disclosure via constructed BaseFont
name
- debian/patches/CVE-2024-29508.patch: review printing of pointers in
base/gsfont.c, base/gsicc_cache.c, base/gsmalloc.c, base/gxclmem.c,
base/gxcpath.c, base/gxpath.c, base/szlibc.c, devices/gdevupd.c,
devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c,
psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c.
- debian/patches/CVE-2024-29508-2.patch: remove extra arguments in
devices/gdevupd.c.
- CVE-2024-29508
* SECURITY UPDATE: heap-based overflow via PDFPassword with null byte
- debian/patches/CVE-2024-29509.patch: don't use strlen on passwords in
pdf/pdf_sec.c.
- CVE-2024-29509
* SECURITY UPDATE: directory traversal issue via OCRLanguage
- debian/patches/CVE-2024-29511.patch: reject OCRLanguage changes after
SAFER enabled in devices/gdevocr.c, devices/gdevpdfocr.c,
devices/vector/gdevpdfp.c.
- debian/patches/CVE-2024-29511-2.patch: original fix was overly
aggressive in devices/gdevocr.c, devices/gdevpdfocr.c,
devices/vector/gdevpdf.c, devices/vector/gdevpdfp.c.
- debian/libgs9.symbols: mark some symbols as optional.
- CVE-2024-29511
-- Marc Deslauriers <email address hidden> Thu, 11 Jul 2024 12:07:09 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Jammy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- text
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Jammy | updates | main | text | |
| Jammy | security | main | text |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| ghostscript_9.55.0~dfsg1.orig.tar.xz | 51.0 MiB | 7cd410b493b68b8471981f6a3f79f3ed687e9664177d188b290617f921e8052d |
| ghostscript_9.55.0~dfsg1-0ubuntu5.9.debian.tar.xz | 175.9 KiB | 1f7f902d6a53e6e9e256ab3a295263f4552104d37bbbb94128ca002eb01d2658 |
| ghostscript_9.55.0~dfsg1-0ubuntu5.9.dsc | 2.7 KiB | d716e4abc698f2cb37a6fcab1a6d59419ffa7ac867d5ddd7160cd2d46c214ddc |
Available diffs
Binary packages built by this source
- ghostscript: interpreter for the PostScript language and for PDF
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview, it can display
PostScript and PDF documents in an X11 environment.
.
Furthermore, it can render PostScript and PDF files as graphics to be
printed on non-PostScript printers. Supported printers include common
dot-matrix, inkjet and laser models.
- ghostscript-dbgsym: debug symbols for ghostscript
- ghostscript-doc: interpreter for the PostScript language and for PDF - Documentation
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview, it can display
PostScript and PDF documents in an X11 environment.
.
This package contains documentation for GPL Ghostscript, mainly
targeted developers and advanced users.
- ghostscript-x: interpreter for the PostScript language and for PDF - X11 support
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview, it can display
PostScript and PDF documents in an X11 environment.
.
This package contains the GPL Ghostscript output device for X11.
- ghostscript-x-dbgsym: debug symbols for ghostscript-x
- libgs-dev: interpreter for the PostScript language and for PDF - Development Files
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview, it can display
PostScript and PDF documents in an X11 environment.
.
This package provides the development files for the GPL Ghostscript
library which makes the facilities of GPL Ghostscript available to
applications.
- libgs9: interpreter for the PostScript language and for PDF - Library
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview, it can display
PostScript and PDF documents in an X11 environment.
.
This package provides the Ghostscript library which makes the
facilities of GPL Ghostscript available to applications.
- libgs9-common: interpreter for the PostScript language and for PDF - common files
GPL Ghostscript is used for PostScript/PDF preview and printing.
Usually as a back-end to a program such as ghostview, it can display
PostScript and PDF documents in an X11 environment.
.
This package provides common architecture-independent files needed by
the GPL Ghostscript library.
.
By default, GPL Ghostscript uses a font from the fonts-droid package to
approximate glyphs in PDFs for which the requested CJK TrueType font
is missing. If the fonts-droid package is not installed, these glyphs
will be rendered as bullets.
- libgs9-dbgsym: debug symbols for libgs9
