Debian Package Tracker

From: Salvatore Bonaccorso <carnil@debian.org>
To: <>
Subject: Accepted ghostscript 9.26a~dfsg-0+deb9u2 (source) into stable->embargoed, stable
Date: Tue, 16 Apr 2019 19:49:33 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 13 Apr 2019 16:40:43 +0200
Source: ghostscript
Architecture: source
Version: 9.26a~dfsg-0+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 925256 925257
Changes:
 ghostscript (9.26a~dfsg-0+deb9u2) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Have gs_cet.ps run from gs_init.ps
   * Undef /odef in gs_init.ps
   * Restrict superexec and remove it from internals and gs_cet.ps
     (CVE-2019-3835) (Closes: #925256)
   * Obliterate "superexec". We don't need it, nor do any known apps
     (CVE-2019-3835) (Closes: #925256)
   * Make a transient proc executeonly (in DefineResource) (CVE-2019-3838)
     (Closes: #925257)
   * an extra transient proc needs executeonly'ed (CVE-2019-3838)
     (Closes: #925257)
Checksums-Sha1: 
 a36471ccccfaa5f824feb421b9b8d36a01880ed2 3052 ghostscript_9.26a~dfsg-0+deb9u2.dsc
 64988c4bcb2461931ab91c63de5c3c3c7bb14a07 114608 ghostscript_9.26a~dfsg-0+deb9u2.debian.tar.xz
Checksums-Sha256: 
 f2db945f626273db54377fd2114278e0bedce96310668b6e550b26305ff9d29c 3052 ghostscript_9.26a~dfsg-0+deb9u2.dsc
 83f9bf1932c637733e63e293ed822dff0ea9b47914c743d29725ffc2cee839e8 114608 ghostscript_9.26a~dfsg-0+deb9u2.debian.tar.xz
Files: 
 3eaf5fdf443490ece65b2bf39c69456f 3052 text optional ghostscript_9.26a~dfsg-0+deb9u2.dsc
 be65f72beb08cce7f64abd31998ceb20 114608 text optional ghostscript_9.26a~dfsg-0+deb9u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlyx+4JfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EQS0P/AnEA56L6SIYVVNp8S2r0ovQSjiB4QID
DxQrBdlSBIkOkCvx7yGZpW/opZsPHGnJrqZSdm+eqUckzMSg/x4sPlAo0JxTwmMU
7mgonXwHioqGVUk8qZ4q27KsiOjbOJETpVf90LuDm7lnLGvRjDqeE5ySehHnys2J
/63RNYzLAj23H+jwVDsQA7DqLVK1KUHKGqABIyPJzVBnvFzoXAAGdGb9/UouiWsC
5g1TARClQrullhcNz2NcK0PLBbhtN1kxx/CyoBgS8itH3jolqUw4zk03Jx6p7F9f
GqP5mHAMoZo9WQBNKnoTr3xV4elUFvxIkPncFfPHpU5315w2K84n50nLGqYy+5k4
VkVB78BuomMyfRlUKZ4YyXPEsWj0GqLZQUOsb7WEx5NzNW9/1Fc8ib0qbij2DSpg
jVAapY/zRB+mjMB7ZmYdT3iVGQrQQEkQBMq0vrXZqnZyj3PuvPmE6AMj7MuQ8R5r
85Hj2Kvn2Ni4Ioxnz4h5grO5XI4cjDvNlrY4tlrpW/WHmAMZe4jEVJo3pbchlXbn
J3bs2AWiI0J/yEnlcQLjIAgv9mQpFIJLAl8OYj6nSL7Y9xzJjGdVngCB6udS35J1
Bv9mEueZ77YFzBxBJNB+nZFuR7EFDFu94HMqLWDhhIod8432dmHl2m9FzM4YjjlP
3nwxgM0ZrQZZ
=tQiH
-----END PGP SIGNATURE-----
News for package ghostscript
