CVE-2009-4270 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4270): Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS output driver.
New upstream version app-text/ghostscript-gpl-8.71 in CVS (depends on ~testing libpng-1.2.42).
So 8.71 is ok to go stable?!
I've just put -r1 into CVS which should be considered the stable candidate since it addresses most regressions 8.71 caused. Should be good to go stable in about 1-2 days.
CVE-2009-4897 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4897): Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.
GLSA request filed.
No affected package in the tree anymore. Nothing left to do for printing.
CVE-2009-3743 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3743): Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that triggers an integer overflow and a heap-based buffer overflow.
CVE-2010-4054 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4054): The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043.
This issue was resolved and addressed in GLSA 201412-17 at http://security.gentoo.org/glsa/glsa-201412-17.xml by GLSA coordinator Sean Amoss (ackle).