1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted ghostscript 10.0.0~dfsg-11+deb12u5 (source) into proposed-upda

    From Debian FTP Masters@21:1/5 to All on Sat Aug 31 23:20:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sat, 24 Aug 2024 21:29:52 +0200
    Source: ghostscript
    Architecture: source
    Version: 10.0.0~dfsg-11+deb12u5
    Distribution: bookworm-security
    Urgency: high
    Maintainer: Debian QA Group <packages@qa.debian.org>
    Changed-By: Salvatore Bonaccorso <carnil@debian.org>
    Changes:
    ghostscript (10.0.0~dfsg-11+deb12u5) bookworm-security; urgency=high
    .
    * Non-maintainer upload by the Security Team.
    * review printing of pointers (CVE-2024-29508)
    * Fix compiler warning in optimised build
    * Coverity IDs 414141 & 414145
    * Don't allow PDF files with bad Filters to overflow the debug buffer
    (CVE-2024-29506)
    * Don't use strlen on passwords (CVE-2024-29509)
    * Bounds checks when using CIDFont related params (CVE-2024-29507) Checksums-Sha1:
    686d0ed3e24df62b1bfde268e6b27c3c22a03bc6 3018 ghostscript_10.0.0~dfsg-11+deb12u5.dsc
    d43dd81061bbcb928e1e9acb5b73efa282f88ee2 96556 ghostscript_10.0.0~dfsg-11+deb12u5.debian.tar.xz
    72ef195fff23a25146a2e0382906b2720a80e532 7267 ghostscript_10.0.0~dfsg-11+deb12u5_source.buildinfo
    Checksums-Sha256:
    b4d40810b9a50f3ea403f0c06e60faa912eca78e48ccc7ceeb526030e5bea178 3018 ghostscript_10.0.0~dfsg-11+deb12u5.dsc
    39907790b3af47a77ec745c95c0aedd7795affd4ce9a186200bbbee69c1da1d2 96556 ghostscript_10.0.0~dfsg-11+deb12u5.debian.tar.xz
    b3559ee71218e854aee99061a77b9dfa6c1018f396152775951a375d9c33bc19 7267 ghostscript_10.0.0~dfsg-11+deb12u5_source.buildinfo
    Files:
    ae9c5d342adc687fdcc0913600fd428a 3018 text optional ghostscript_10.0.0~dfsg-11+deb12u5.dsc
    2fd6e46eb789eb808794eefbd54e0a4f 96556 text optional ghostscript_10.0.0~dfsg-11+deb12u5.debian.tar.xz
    52d6d03437b745c84c965662a1edb827 7267 text optional ghostscript_10.0.0~dfsg-11+deb12u5_source.buildinfo
    -----BEGIN PGP SIGNATURE-----

    iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmbKxoRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89E37gP/3ybj/W1OyBxVA3EHcAQ3pr8YM478OCc S7qSlYXoP4hwCEv21Wrosgv4UCVS44EzsWD8GtCwNyMD87POGzKA/QY/Y4tvcklK D8saQaL2cNIL9Ro0U4aCgmkZn1l+RJv4YSV/M03u2MqLGS3j8sp5uuMxMPqIrqss CmZFRYwW31igGkXzgR99HkAzaozB8BMBLSbceBgqKp0QK2MdYB30lNeeJQuJZvEW SDIXatBWs5k3tmyzIXPUX5TXW0wCGAqUOqXDaU4fr2gaoPiwePX7sUsUtPRckZGc 4azhd0UQb/0RiVcHQbnct2gm9l4wIRS3PTiixzABJJyqdS8gYkTphUC6wo+lDNZ2 X13nEm+JhEFDYtQ3yvncYAi0N1KaxLi4fGm0EF8uJKNLwaL7a4VfpGVBGdl2HWp+ 5xWHLYCDmJB3gOx3V6gR0hTgUZU0NUrjMFRbsFXFXkKtOlf8lbVT5gFG/dL8Gcvv b2096j7WHw33CUS7TVIsCpBfIOvmxV0hCFF2p1yY+IL3Mj+VpwbTzVCx7VUk1ITN nDLsJP5h7KsukvPvcWgL8dNAaIOHRnYviXoch52r8TDMp8x6JDt1yXdVkKSEw7tX l0z4FDdqTcF+DfH2Vfwu4qSENNHeKwkc1lmz4Tqe0x8PsHhN0gv+pYA19chViVzn
    rmYCAYBWfHO7
    =qOv8
    -----END PGP SIGNATURE-----


    --==============¶79052284052421078=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZtOIVAAKCRCb9qggYcy5 IZdkAQCzzLYpvWQmrKm1SdnhBgO+5N3kmkqkd8+Nnt5+hxBa7wEAhreXHJUrB84l u1NFgwcgacuDk4OHUn9Nbrt1r2qupQA=mkFl
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)