-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 22 Apr 2009 00:19:51 +0200 Source: ghostscript Binary: ghostscript gs gs-esp gs-gpl gs-aladdin gs-common ghostscript-x ghostscript-doc libgs8 libgs-dev Architecture: source all amd64 Version: 8.64~dfsg-1+squeeze1 Distribution: testing-security Urgency: high Maintainer: Masayuki Hatta (mhatta) <mhatta@debian.org> Changed-By: Nico Golde <nion@debian.org> Description: ghostscript - The GPL Ghostscript PostScript/PDF interpreter ghostscript-doc - The GPL Ghostscript PostScript/PDF interpreter - Documentation ghostscript-x - The GPL Ghostscript PostScript/PDF interpreter - X Display suppor gs - Transitional package gs-aladdin - Transitional package gs-common - Dummy package depending on ghostscript gs-esp - Transitional package gs-gpl - Transitional package libgs-dev - The Ghostscript PostScript Library - Development Files libgs8 - The Ghostscript PostScript/PDF interpreter Library Closes: 522416 524803 524915 Changes: ghostscript (8.64~dfsg-1+squeeze1) testing-security; urgency=high . * Non-maintainer upload by the Security Team. * This update fixes various security issues: - CVE-2009-0792: multiple integer overflows in the icc library can cause a heap-based buffer overflow possibly leading to arbitray code execution. - CVE-2009-0584/CVE-2009-0583: Multiple integer overflows causing an application crash or possibly arbitrary code execution. - CVE-2009-0196: heap-based buffer overflow in big2_decode_symbol_dict() leading to arbitrary code execution via a crafted JBIG2 symbol dictionary segment. . (Closes: #524915, #522416, #524803) Checksums-Sha1: 14f32b8d9f0d6c080fb9ab5b0dbe0c83d452af3e 1686 ghostscript_8.64~dfsg-1+squeeze1.dsc 5bb48646a61d9453e5fa669d229a847136c8a680 11996078 ghostscript_8.64~dfsg.orig.tar.gz 913cbe48f8d931f00968d8be58d56f7222340566 86715 ghostscript_8.64~dfsg-1+squeeze1.diff.gz cb910dc645de359b9f13a8e90ae1ba9a856d911c 30622 gs_8.64~dfsg-1+squeeze1_all.deb 0205d82d28da9eda5b7f75e890a78e6be209b461 30618 gs-esp_8.64~dfsg-1+squeeze1_all.deb 3fcbcb09f962e19874d28f61688b951a1ba56d02 30624 gs-gpl_8.64~dfsg-1+squeeze1_all.deb b0f2a16b66fe5f09412e05db57ac2b43d62bfff4 30630 gs-aladdin_8.64~dfsg-1+squeeze1_all.deb 04b894385452935eebdde7e0b6b8749d481e6781 30884 gs-common_8.64~dfsg-1+squeeze1_all.deb b6365abfbb00d01c9d3b9114f85003a0640101b0 2964652 ghostscript-doc_8.64~dfsg-1+squeeze1_all.deb cdc5cab5ebf97796492541fcf5d39cd180463394 769912 ghostscript_8.64~dfsg-1+squeeze1_amd64.deb f7d778d1f20b7e307119f0616be377b9a096055b 64032 ghostscript-x_8.64~dfsg-1+squeeze1_amd64.deb bffa3343304c13c99a124f0b0b0a9868208039ee 2399554 libgs8_8.64~dfsg-1+squeeze1_amd64.deb f7c3486f9feb13599c6d5c6285e05b0cc88ab208 38320 libgs-dev_8.64~dfsg-1+squeeze1_amd64.deb Checksums-Sha256: c1b0b105c97e6519e799576b77ec122e1398ca68e1f0664ab6f1dd4994cb8fea 1686 ghostscript_8.64~dfsg-1+squeeze1.dsc cc856d33cb781cdc3383b8eb4e0f390997f8359fe144a906b84297b5d377f03d 11996078 ghostscript_8.64~dfsg.orig.tar.gz 56f7f81acef3de7dcd242ff64a762840d59b05f1c16247047dfb6dd11b6a0983 86715 ghostscript_8.64~dfsg-1+squeeze1.diff.gz 879dcaf08ca16d38a3bdbaa6ad825746075045fce6058dc682609bf1d4febc6e 30622 gs_8.64~dfsg-1+squeeze1_all.deb ee6930582ea9e8dc63dad0ea19f665fb557ea212dec2732e1c212a546fdf75e6 30618 gs-esp_8.64~dfsg-1+squeeze1_all.deb 1b47ef59970e8ed3fa8c5b295c85d7778d54260225491a76a53b2c5bb7a03e1e 30624 gs-gpl_8.64~dfsg-1+squeeze1_all.deb 4727d743dec40e284543eb485b747d863fd64a7d5dc4a3b5961988ece54974c2 30630 gs-aladdin_8.64~dfsg-1+squeeze1_all.deb c2a54af4b0f8371a9bd69256f3c360f3b997eab56b7c645443026fdee1dab797 30884 gs-common_8.64~dfsg-1+squeeze1_all.deb d855b88533b6f4f2d8fbd14eb75c8c2e6789e838c7b0fc9a96c2f18bf61b5fd5 2964652 ghostscript-doc_8.64~dfsg-1+squeeze1_all.deb 0220ad7802e7e36bf4b2332bf8e9bdcbba74bc635c2c04757c1b9b2899007543 769912 ghostscript_8.64~dfsg-1+squeeze1_amd64.deb 8fb3d594f4316e64749697a55b11601d8793d891cf8edf89ee8be595ca58f4d5 64032 ghostscript-x_8.64~dfsg-1+squeeze1_amd64.deb 5d0a1eea0c034b170fcdfe71355d79341240f906dd4be3f8cb81b832734cecf2 2399554 libgs8_8.64~dfsg-1+squeeze1_amd64.deb 4e0f12ff40de8f7a333a8f44ead78409822824c6ae96738be86068c121854578 38320 libgs-dev_8.64~dfsg-1+squeeze1_amd64.deb Files: f2487113efaedd0869b033e5dfd49cdd 1686 text optional ghostscript_8.64~dfsg-1+squeeze1.dsc e42706c2409815df5c959484080fd4a3 11996078 text optional ghostscript_8.64~dfsg.orig.tar.gz 8317ffc09f923368e4305f025c6bfcd9 86715 text optional ghostscript_8.64~dfsg-1+squeeze1.diff.gz 9e8022883ec4f35e22ac030fbd79a622 30622 text extra gs_8.64~dfsg-1+squeeze1_all.deb ff1f6644769114b644842cfb2456497f 30618 text extra gs-esp_8.64~dfsg-1+squeeze1_all.deb 12c3bd09877de8c8fc2def9431d82d79 30624 text extra gs-gpl_8.64~dfsg-1+squeeze1_all.deb b295fb9a4d18c3ada094cd259f69cfe9 30630 text extra gs-aladdin_8.64~dfsg-1+squeeze1_all.deb 20e9c0290d09dded49e1e0feccdc3368 30884 text extra gs-common_8.64~dfsg-1+squeeze1_all.deb 10ed6579ecce2302b647bf7df16ef46c 2964652 doc optional ghostscript-doc_8.64~dfsg-1+squeeze1_all.deb 61542d159ad18b46640761470dc85712 769912 text optional ghostscript_8.64~dfsg-1+squeeze1_amd64.deb 9942a8959be5eb58fa12b4e6d2b0635e 64032 text optional ghostscript-x_8.64~dfsg-1+squeeze1_amd64.deb d1b5c3846dac054078fbb2548c216ae0 2399554 libs optional libgs8_8.64~dfsg-1+squeeze1_amd64.deb 15158c213b74cab80a7c30bc4fbdc837 38320 libdevel optional libgs-dev_8.64~dfsg-1+squeeze1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkn0fsgACgkQHYflSXNkfP8SrgCgi6VY5Ec67mZn5zjuXwiAOpnC 5AAAnR7J/I4ycrFr8Xc4gvglnHj7deQ6 =B/Kg -----END PGP SIGNATURE----- Accepted: ghostscript-doc_8.64~dfsg-1+squeeze1_all.deb to pool/main/g/ghostscript/ghostscript-doc_8.64~dfsg-1+squeeze1_all.deb ghostscript-x_8.64~dfsg-1+squeeze1_amd64.deb to pool/main/g/ghostscript/ghostscript-x_8.64~dfsg-1+squeeze1_amd64.deb ghostscript_8.64~dfsg-1+squeeze1.diff.gz to pool/main/g/ghostscript/ghostscript_8.64~dfsg-1+squeeze1.diff.gz ghostscript_8.64~dfsg-1+squeeze1.dsc to pool/main/g/ghostscript/ghostscript_8.64~dfsg-1+squeeze1.dsc ghostscript_8.64~dfsg-1+squeeze1_amd64.deb to pool/main/g/ghostscript/ghostscript_8.64~dfsg-1+squeeze1_amd64.deb gs-aladdin_8.64~dfsg-1+squeeze1_all.deb to pool/main/g/ghostscript/gs-aladdin_8.64~dfsg-1+squeeze1_all.deb gs-common_8.64~dfsg-1+squeeze1_all.deb to pool/main/g/ghostscript/gs-common_8.64~dfsg-1+squeeze1_all.deb gs-esp_8.64~dfsg-1+squeeze1_all.deb to pool/main/g/ghostscript/gs-esp_8.64~dfsg-1+squeeze1_all.deb gs-gpl_8.64~dfsg-1+squeeze1_all.deb to pool/main/g/ghostscript/gs-gpl_8.64~dfsg-1+squeeze1_all.deb gs_8.64~dfsg-1+squeeze1_all.deb to pool/main/g/ghostscript/gs_8.64~dfsg-1+squeeze1_all.deb libgs-dev_8.64~dfsg-1+squeeze1_amd64.deb to pool/main/g/ghostscript/libgs-dev_8.64~dfsg-1+squeeze1_amd64.deb libgs8_8.64~dfsg-1+squeeze1_amd64.deb to pool/main/g/ghostscript/libgs8_8.64~dfsg-1+squeeze1_amd64.deb
