Bug#862779: marked as done (ghostscript: Regression caused by CVE-2017-8291 fix: breaks pstoedit when using DELAYBIND feature)
Your message dated Mon, 22 May 2017 04:52:01 +0000
with message-id <E1dCfK5-0009Oe-L9@fasolo.debian.org>
and subject line Bug#862779: fixed in ghostscript 9.20~dfsg-3.2
has caused the Debian Bug report #862779,
regarding ghostscript: Regression caused by CVE-2017-8291 fix: breaks pstoedit when using DELAYBIND feature
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
862779: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862779
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: ghostscript
Version: 9.20~dfsg-3.1
Severity: serious
Tags: patch security upstream fixed-upstream
Justification: regression
Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=697846
Hi
The update in unstable for ghostscript breaks pstoedit when using
DELAYBIND feature.
Details: https://bugs.ghostscript.com/show_bug.cgi?id=697846
and originally reported in Ubuntu as:
https://bugs.launchpad.net/ubuntu/+source/ghostscript/+bug/1687614
Fix:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=57f20719
AFAICT, this does only apply to stretch/sid, but not to jessie (but
needs another review).
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ghostscript
Source-Version: 9.20~dfsg-3.2
We believe that the bug you reported is fixed in the latest version of
ghostscript, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 862779@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated ghostscript package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 21 May 2017 19:22:52 +0200
Source: ghostscript
Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg
Architecture: all source
Version: 9.20~dfsg-3.2
Distribution: unstable
Urgency: medium
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 862779
Description:
ghostscript - interpreter for the PostScript language and for PDF
ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo
ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati
ghostscript-x - interpreter for the PostScript language and for PDF - X11 support
libgs-dev - interpreter for the PostScript language and for PDF - Development
libgs9 - interpreter for the PostScript language and for PDF - Library
libgs9-common - interpreter for the PostScript language and for PDF - common file
Changes:
ghostscript (9.20~dfsg-3.2) unstable; urgency=medium
.
* Non-maintainer upload.
* Fix regression introduced by CVE-2017-8291 fix.
When using the "DELAYBIND" feature, it turns out that .eqproc can be
called with parameters that are not both procedures. In this case, it
turns out, the expectation is for the operator to return 'false', rather
than throw an error. (Closes: #862779)
Checksums-Sha1:
0111dc68b8aadf5731af9a6c801b36cd3913877e 3025 ghostscript_9.20~dfsg-3.2.dsc
0097eed242272f15179d4e13164361a3f5dd41d4 114764 ghostscript_9.20~dfsg-3.2.debian.tar.xz
4bf1f1c7ee145ba7e2332c5715286e929e097c4f 5630748 ghostscript-doc_9.20~dfsg-3.2_all.deb
cabf46530c6b4f9b48faf52045aa9ce32f25ab99 5161338 libgs9-common_9.20~dfsg-3.2_all.deb
Checksums-Sha256:
63ae72900c52a47304a7991d86c9d715f92cc0153eaa9343d89911ecdb6d6e35 3025 ghostscript_9.20~dfsg-3.2.dsc
9d1ab7534bd9a3eb31ac89f775a45f23e991f459d67c3ea17c4038f64eaf5148 114764 ghostscript_9.20~dfsg-3.2.debian.tar.xz
fc94d3a5264e14a127eda829963f9686863fffdb4a8d25ffffd9c63eeaa83e1f 5630748 ghostscript-doc_9.20~dfsg-3.2_all.deb
2e9a9e2c6536dc8698653569db6c5cfb828a6bcbee8aa9ac22ea87ef577d5eaf 5161338 libgs9-common_9.20~dfsg-3.2_all.deb
Files:
53dbb3548f2dbcd2dbfa0f380c424d9f 3025 text optional ghostscript_9.20~dfsg-3.2.dsc
73bd9ae6f72391cb39daae1abcc4ab91 114764 text optional ghostscript_9.20~dfsg-3.2.debian.tar.xz
b9ed2fa87fc57e557bb076a2771907db 5630748 doc optional ghostscript-doc_9.20~dfsg-3.2_all.deb
0efa7dabe401d1b97027224e93a0a68f 5161338 libs optional libgs9-common_9.20~dfsg-3.2_all.deb
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkh0BJfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EtlwP/3j/2yiZOUEFDGB74972+BAs1m/ro7Rx
FUcSAtXXCnb26wXLrx60dxzb5txR+tCKgEPn/knlnCkF1G3ylyNdgUJmRTavK7GK
ZAV00M4+p8/GWyE3yjXPHTHRv7jxYZjxfnq5QQ3o9f3NecTpzolHk9d0FK7SOS28
vnz1uR7NkEJtXuXYlGHNYS6plQVgptDtQXvSS2QEvpC8A6MtI731QncS17y8Jg3u
05V2N8ziL/SJjb0TUP41K3dczHCSRJ2mGhtJd64roAjQSQufiVg9HsqigZHtn67e
Ah3GDH38E9YJwjvNlbv/TNHPS+4K/u1UEPN40wO4tRhfTbDAzFX3Hz9xhQ8qq63Q
9YA3FGbtySjtd9TggMAEaC3mthWwPcqnJ++ZbFpAO6uqrO4knTMIrf9A6zeU/OPy
LsVNTvd0V8rxlEV0+HS3ngjXUn0QoGM0eMg9FzJkX19ahGJNPsVGMge41HjE0kFS
7iJYVuLFiy6mwluKmYp2vfADhmt+loeDoWL2YoWv6gT1/bTI70l9NEegpcClVURe
nGz2r7EuzaDQPIuqa+JDvKOd9gWXgIMdBIOzeFsskrR/HPrQXY9qmv/Arw7NZ1jx
/hgjpcV7KbIHshjTU+EOEoMNlCix7371y5+rLmMYDCEzfuddJT0rp5iE9JzGgU3C
ygnTV6+oR1/N
=lRih
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: