-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 28 Apr 2017 06:50:05 +0200 Source: ghostscript Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg Architecture: all source Version: 9.20~dfsg-3.1 Distribution: unstable Urgency: high Maintainer: Debian Printing Team <debian-printing@lists.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 859662 859666 859694 859696 861295 Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati ghostscript-x - interpreter for the PostScript language and for PDF - X11 support libgs-dev - interpreter for the PostScript language and for PDF - Development libgs9 - interpreter for the PostScript language and for PDF - Library libgs9-common - interpreter for the PostScript language and for PDF - common file Changes: ghostscript (9.20~dfsg-3.1) unstable; urgency=high . * Non-maintainer upload. * -dSAFER bypass and remote command execution via a "/OutputFile (%pipe%" substring (CVE-2017-8291) (Closes: #861295) * use the correct param list enumerator (CVE-2017-5951) (Closes: #859696) * fix crash with bad data supplied to makeimagedevice (CVE-2016-10220) (Closes: #859694) * Avoid divide by 0 in scan conversion code (CVE-2016-10219) (Closes: #859666) * Dont create new ctx when pdf14 device reenabled (CVE-2016-10217) (Closes: #859662) Checksums-Sha1: 27beb46933666fd84a822dc2f11043dd9816582e 3025 ghostscript_9.20~dfsg-3.1.dsc ff6c9d1f36d0f4baff2f1fca1bfdbe36f2cadf75 114264 ghostscript_9.20~dfsg-3.1.debian.tar.xz 38aba5ecd413b0fe8d6f233de1987b18ee43edbb 5630604 ghostscript-doc_9.20~dfsg-3.1_all.deb fd085947763beac463eb617ef0c19458bdf40f86 5160310 libgs9-common_9.20~dfsg-3.1_all.deb Checksums-Sha256: 7eea1566d95e1970a46635aee3ff6d8cc528907bb0ff3815df7d5430e5bc9158 3025 ghostscript_9.20~dfsg-3.1.dsc d1d7e8f06ada9ec035e7f8394f9a52b793619cb1d11aaa03fa87b3caeee5ccc1 114264 ghostscript_9.20~dfsg-3.1.debian.tar.xz 9463f519c4fd20eabcecd9fbd5801fca7376f32ce1ca4946acbd5133d1e6be25 5630604 ghostscript-doc_9.20~dfsg-3.1_all.deb 975eb0dee2daec3abec78a5a711a266e62c097f022bd311c81eec482021469f8 5160310 libgs9-common_9.20~dfsg-3.1_all.deb Files: e175a069819fb9b4427d067224117197 3025 text optional ghostscript_9.20~dfsg-3.1.dsc 0c1e846432225a349fc8c2468782e348 114264 text optional ghostscript_9.20~dfsg-3.1.debian.tar.xz 58c815ac983e543243491b7868dbb1fc 5630604 doc optional ghostscript-doc_9.20~dfsg-3.1_all.deb 553fdff0bcc31e300f5c935379b2cecf 5160310 libs optional libgs9-common_9.20~dfsg-3.1_all.deb -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkCzw9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EvcIP/2pqibgJm2OGBXZg/D4AfLfufCIlLz2e mGWTBipJa1zcWX42jQ57bsKaQ2va7C2FFOTwDUumOKlo/TqwOmYV3irwqr2I3ihI ILvE7CzgLf/Rfaem6BuCqUtRU0oop58iFHHp93XYvJ7wlklh6Lz7bvkzowp6ca0H 20BF4trrm9eLuT8aiPyogmvqer63IGpIgG1SbuZUE9AB0i4NgsvUZkrPd5CQN73v ctYGACXejCIU/YF6QvmFT1i0joeideS1dNJRrxesY7f2S5cSEbEh7pueiCV9vf15 tE+iRZ7W+NoeTJwHgh5bDYL71mCCfPeD3CtSGcVqVWCVw10IP2yD8OnU8ie030cX oslYjp3XIDtaaxzfF+MIEz7ha6hM1FQOxtQAMJhdHM9PGY0baJf0+dwa/YF/n/mO WRAguwFnPV5cQYcyqPV1tHUkdSdQsCFu+gZfIb7SEK/b3RV8PfqdDnzSOr53V31Q dyzhDp28lGHgymCkY19gl9WHszKWumj3OddBc6Kk9q7UHpeKmkMK9R7PYBoZUKqL YD54sgg0tAByfyJT/wzJpkS5F4L2Z2kfyCiOCfv1bVMp1IEJy/3+iZdmm9sIl5y2 5JtyQ3rocStOHnodpIf9Ni+L9RFAmQa2xeAwRfyPsKnGY8fvdy9FumSrBXJlNyi6 5RSYeXgZB7Pm =D0ON -----END PGP SIGNATURE-----
