← Back to branch summary

~ubuntu-branches/debian/squeeze/ghostscript/squeeze

« back to all changes in this revision

Viewing changes to debian/changelog

  • Committer: Bazaar Package Importer
  • Author(s): Nico Golde
  • Date: 2009-04-22 00:19:51 UTC
  • Revision ID: james.westby@ubuntu.com-20090422001951-d4ret0g0hainvwor
Tags: 8.64~dfsg-1+squeeze1
http://bugs.debian.org/524915
http://bugs.debian.org/522416
http://bugs.debian.org/524803
* Non-maintainer upload by the Security Team.
* This update fixes various security issues:
  - CVE-2009-0792: multiple integer overflows in the icc library
    can cause a heap-based buffer overflow possibly leading to arbitray
    code execution.
  - CVE-2009-0584/CVE-2009-0583: Multiple integer overflows causing an
    application crash or possibly arbitrary code execution.
  - CVE-2009-0196: heap-based buffer overflow in big2_decode_symbol_dict()
    leading to arbitrary code execution via a crafted JBIG2 symbol
    dictionary segment.
    .
    (Closes: #524915, #522416, #524803)

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/changelog
 
1
ghostscript (8.64~dfsg-1+squeeze1) testing-security; urgency=high
 
2
 
 
3
  * Non-maintainer upload by the Security Team.
 
4
  * This update fixes various security issues:
 
5
    - CVE-2009-0792: multiple integer overflows in the icc library
 
6
      can cause a heap-based buffer overflow possibly leading to arbitray
 
7
      code execution.
 
8
    - CVE-2009-0584/CVE-2009-0583: Multiple integer overflows causing an
 
9
      application crash or possibly arbitrary code execution.
 
10
    - CVE-2009-0196: heap-based buffer overflow in big2_decode_symbol_dict()
 
11
      leading to arbitrary code execution via a crafted JBIG2 symbol
 
12
      dictionary segment.
 
13
      .
 
14
      (Closes: #524915, #522416, #524803)
 
15
 
 
16
 -- Nico Golde <nion@debian.org>  Wed, 22 Apr 2009 00:19:51 +0200
 
17
 
1
18
ghostscript (8.64~dfsg-1) unstable; urgency=low
2
19
 
3
20
  * New upstream release.