-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-07-09 15:04:05 UTC
-
Revision ID:
james.westby@ubuntu.com-20100709150405-g4fqr6sq2lrzbxhg
Tags: 8.70.dfsg.1-0ubuntu3.1
* SECURITY UPDATE: denial of service and possible code execution via
buffer overflow in errprintf function
- debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
- CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
procedure invocations (LP: #546009)
- debian/patches/CVE-2010-1628.dpatch: only initialize structures if
all allocations were successful in psi/ialloc.c, psi/idosave.h,
psi/isave.c.
- CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
(LP: #546009)
- debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
psi/int.mak, psi/iscan.c, psi/iscan.h.
- CVE-2010-1869