nixpkgs/pkgs/misc
Florian Klink 3f65f10982 ghostscript: 9.24 -> 9.25 (#47934)
Highlights in this release include:

This release fixes problems with argument handling, some unintended results of the security fixes to the SAFER file access restrictions (specifically accessing ICC profile files), and some additional security issues over the recent 9.24 release.

CVE-2018-16802
CVE-2018-17183

Note: The ps2epsi utility does not, and cannot call Ghostscript with the -dSAFER command line option. It should never be called with input from untrusted sources.

Security issues have been the primary focus of this release, including solving several (well publicised) real and potential exploits.
PLEASE NOTE: We strongly urge users to upgrade to this latest release to avoid these issues.

As well as Ghostscript itself, jbig2dec has had a significant amount of work improving its robustness in the face of out specification files.

IMPORTANT: We are in the process of forking LittleCMS. LCMS2 is not thread safe, and cannot be made thread safe without breaking the ABI. Our fork will be thread safe, and include performance enhancements (these changes have all be been offered and rejected upstream). We will maintain compatibility between Ghostscript and LCMS2 for a time, but not in perpetuity. Our fork will be available as its own package separately from Ghostscript (and MuPDF).

The usual round of bug fixes, compatibility changes, and incremental improvements.
2018-10-06 00:47:08 +02:00
..
apulse
arm-trusted-firmware
base16-builder reewide: Purge all uses stdenv.system and top-level system 2018-08-30 17:20:32 -04:00
beep Revert "beep: fix for CVE-2018-0492" 2018-04-20 08:50:31 +08:00
brightnessctl brightnessctl: 0.3.2 -> 0.4 2018-09-25 07:55:21 -07:00
calaos/installer calaos_installer: fix darwin install (#46629) 2018-09-13 23:40:30 +02:00
cups samsung-unified-linux-driver: update default version to 4.01.17 2018-10-03 10:25:46 +02:00
documentation-highlighter nixos docs: syntax highlight 2018-04-05 07:54:01 -04:00
drivers tree-wide: patchelf used during build -> nativeBuildInputs 2018-09-28 11:43:16 -05:00
emulators wineUnstable: 3.15 -> 3.17 2018-10-04 21:24:22 +03:00
foldingathome treewide: remove platform assertions 2018-05-03 13:09:20 -05:00
frescobaldi frescobaldi: 2.0.16 -> 3.0.0; fix build 2018-03-31 17:03:17 +02:00
ghostscript ghostscript: 9.24 -> 9.25 (#47934) 2018-10-06 00:47:08 +02:00
gnash gnome3.gconf: remove 2018-07-10 12:14:40 +02:00
gnuk
jackaudio treewide: Replace meta.available checks in shouldUsePackages copypasta 2018-09-28 15:01:00 +03:00
libcardiacarrest libcardiacarrest: 12.1-6 -> 12.1-7 2018-09-23 17:46:43 +00:00
lilypond pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
logging/beats beats: upgrade default from v5 to v6 2018-08-03 12:06:58 +01:00
lollypop-portal lollypop-portal: add python3 2018-09-18 14:42:25 -04:00
long-shebang
mnemonicode
mxt-app mxt-app: limit platforms to linux 2018-07-05 23:35:49 +02:00
my-env pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
phabricator phabricator: add license 2018-08-06 12:14:05 +02:00
riscv-pk
sailsd
scrcpy scrcpy: 1.2 -> 1.3 2018-09-15 23:38:32 +02:00
screensavers alock: mark linux only 2018-09-12 20:06:06 +02:00
seafile-shared seafile-shared: 6.2.3 -> 6.2.4 2018-08-20 16:49:55 +02:00
solfege
sound-of-sorting
source-and-tags source-and-tags: fix default.nix 2018-04-24 23:12:40 +02:00
stabber
talkfilters talkfilters: update homepage 2018-09-03 22:36:56 +02:00
themes gnome3: remove version attribute 2018-10-05 02:07:09 +02:00
tmux-plugins tmuxPlugins: expose mkDerivation for creating a TMUX plugins 2018-08-06 12:17:45 -07:00
tw-rs
uboot U-Boot: Add Orange Pi Zero Plus2 (H5) build 2018-09-25 10:04:14 +03:00
urbit urbit: clean-up 2018-08-05 20:34:24 +02:00
vim-plugins misc/vim-plugins: add posva/vim-vue 2018-10-05 14:54:39 +02:00
vscode-extensions vscode-extensions.ms-vscode.cpptools: 0.17.6 -> 0.19.0 (#47573) 2018-10-01 07:51:04 +02:00
xosd