1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted ghostscript 10.0.0~dfsg-11+deb12u6 (source) into proposed-upda

    From Debian FTP Masters@21:1/5 to All on Fri Nov 15 16:40:02 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sun, 10 Nov 2024 13:20:08 +0100
    Source: ghostscript
    Architecture: source
    Version: 10.0.0~dfsg-11+deb12u6
    Distribution: bookworm-security
    Urgency: high
    Maintainer: Debian QA Group <packages@qa.debian.org>
    Changed-By: Salvatore Bonaccorso <carnil@debian.org>
    Changes:
    ghostscript (10.0.0~dfsg-11+deb12u6) bookworm-security; urgency=high
    .
    * Non-maintainer upload by the Security Team.
    * Check for overflow validating format string (CVE-2024-46953)
    * Fix filenameforall completion cleanup
    * Don't leave a dangling pointer on the stack
    * PostScript interpreter - Null dangling references on stack
    * PostScript interpreter - fix buffer length check (CVE-2024-46956)
    * PS interpreter review colour code for stack pointers
    * PS interpreter - check Indexed colour space index (CVE-2024-46955)
    * PS interpreter - check the type of the Pattern Implementation
    (CVE-2024-46951)
    * PDF interpreter - sanitise W array values in Xref streams (CVE-2024-46952) Checksums-Sha1:
    ca1381ce12040f291aa77e5b6b1967aff55e5a39 3021 ghostscript_10.0.0~dfsg-11+deb12u6.dsc
    5f5adb88612553f4b9dee3606265aba70802b4f0 103152 ghostscript_10.0.0~dfsg-11+deb12u6.debian.tar.xz
    3fde2e1f374a58962e6a250b7b253622581a67a4 7320 ghostscript_10.0.0~dfsg-11+deb12u6_source.buildinfo
    Checksums-Sha256:
    5d41cc89cfde3a53d968d4ea0bc905a749527eef1f994174e99659a790f2fd3a 3021 ghostscript_10.0.0~dfsg-11+deb12u6.dsc
    2b62a7ed32612ec854feac1cebb639e7f169231307b4e78d6d16d0f3d6e5c692 103152 ghostscript_10.0.0~dfsg-11+deb12u6.debian.tar.xz
    191d966ed79e85d1221a2729040dc8666ff1f66be4f3df9bd6c62d1066ccbec5 7320 ghostscript_10.0.0~dfsg-11+deb12u6_source.buildinfo
    Files:
    631bb1c9a4b0b597f758eb9b87b81301 3021 text optional ghostscript_10.0.0~dfsg-11+deb12u6.dsc
    5aafaef0b4a10d27054c5d5cc1442ea2 103152 text optional ghostscript_10.0.0~dfsg-11+deb12u6.debian.tar.xz
    4b713da2b1ee55b2f64d3dc5b42addbf 7320 text optional ghostscript_10.0.0~dfsg-11+deb12u6_source.buildinfo
    -----BEGIN PGP SIGNATURE-----

    iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmcwp0ZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EgWYP/2bCPP+YUGlI6CvFxnZR7Hhm2P6N0V9E rX5yCyQX1Zpb2sE3G/tNbVF5wvqT36djrYIa+XUkIizpVvxUG7waLZ3A/pHKGdWM oDO5ZJCAwAyl+iRSalUec2enmNL2qUNDjFblb5TaxzbGhANjyQattVZGAF9HtvfY Z8apeB4ngnM1q9aif+era6ec4LVomiS0kzc6tZle/CnB1uxJdK8ygDK6Evn9YF5k VQmo7v9GNZ8ITAb6aWPeT2xw24Yq+oZsWAU2M+AGSG3TiRwdF9ln/zEGp8JrfKdG pjm0Y6WGwNM89QtMH2Ll3WHfLtfYdodhabVwFaRnp1Y5FeG5C6EH89rttQ92Bz/q bHMjtuTJfb0mN6opCDRxUacUajJ4Y5N7YbK1Jp3kyWj/Bi3VSMazc3y8GObBpLVm lL8u5Es6ytZlI2WbLnKoKEdC0U4l1tkqCQs6xlgVN8mr843DjfvOU/C5XcyTmZMo JaRYeMwz2xLT6YcMqrSz3WyS9SHjaRKNEHn8F8jYCmGAXUFJQdEngBdvINzCFu0s zPzWan8Tm+k48/6ERGdzd1hLYVUJIyKa9ZNyM6eczzSAnpuVSMyU7r1chyEu1rlV ynV62zAcMq3qOQBxFm1JEXd0PNDJq9DXifdAgCNF2pr8iQ7EZ6j7eylHagomgiT5
    rAr6+ntH4rOC
    =N14W
    -----END PGP SIGNATURE-----


    --==============♠39471534629877966=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZzdpggAKCRCb9qggYcy5 IbtEAP42yQC2Vm1+vhKW2CrMtN7xhEtFFDzrKv54/cPF5L70/wEAu+zSkZNCDCx9 mHikmRdSRW+qt+Jk61GsR7D3A92LDAE█ju
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)