~ubuntu-branches/ubuntu/karmic/ghostscript/karmic-updates

Viewing all changes in revision 62.

  • Committer: Bazaar Package Importer
  • Author(s): Marc Deslauriers
  • Date: 2010-07-09 15:04:05 UTC
  • Revision ID: james.westby@ubuntu.com-20100709150405-g4fqr6sq2lrzbxhg
Tags: 8.70.dfsg.1-0ubuntu3.1
* SECURITY UPDATE: denial of service and possible code execution via
  buffer overflow in errprintf function
  - debian/patches/CVE-2009-4270.dpatch: use vsnprintf in base/gsmisc.c.
  - CVE-2009-4270
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
  procedure invocations (LP: #546009)
  - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
    all allocations were successful in psi/ialloc.c, psi/idosave.h,
    psi/isave.c.
  - CVE-2010-1628
* SECURITY UPDATE: arbitrary code execution via crafted PostScript file
  (LP: #546009)
  - debian/patches/CVE-2010-1869.dpatch: use correct buffer sizes in
    psi/int.mak, psi/iscan.c, psi/iscan.h.
  - CVE-2010-1869

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: