1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted ghostscript 10.0.0~dfsg-11+deb12u7 (source) into proposed-upda

    From Debian FTP Masters@21:1/5 to All on Thu Mar 27 01:50:02 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Wed, 26 Mar 2025 10:10:35 +0100
    Source: ghostscript
    Architecture: source
    Version: 10.0.0~dfsg-11+deb12u7
    Distribution: bookworm-security
    Urgency: high
    Maintainer: Debian QA Group <packages@qa.debian.org>
    Changed-By: Salvatore Bonaccorso <carnil@debian.org>
    Changes:
    ghostscript (10.0.0~dfsg-11+deb12u7) bookworm-security; urgency=high
    .
    * Non-maintainer upload by the Security Team.
    * Fix confusion between bytes and shorts (CVE-2025-27835)
    * Avoid integer overflow leading to buffer overflow (CVE-2025-27832)
    * PCL interpreter - fix decode_glyph for Unicode
    * Prevent Unicode decoding overrun (CVE-2025-27831)
    * Fix potential print buffer overflow (CVE-2025-27836)
    * Fix potential Buffer overflow with DollarBlend (CVE-2025-27830)
    * Cope with double byte chars in TTF scanning code
    * Check TTF name size before copying to buffer. (CVE-2025-27833)
    * PDF interpreter - Guard against unsigned int overflow (CVE-2025-27834)
    * Fix Coverity IDs 457699 and 457700
    Checksums-Sha1:
    da90c0b2220bf1384c4ef9ae5f088b7cfd0f2202 3023 ghostscript_10.0.0~dfsg-11+deb12u7.dsc
    b0a4f9e0599671f8bf60320267c7d0d14bcc4838 108216 ghostscript_10.0.0~dfsg-11+deb12u7.debian.tar.xz
    054a93901d32c425986e57bf3598c332e4b13220 7123 ghostscript_10.0.0~dfsg-11+deb12u7_source.buildinfo
    Checksums-Sha256:
    0fcf5e9cebac4104c0673673cd2154063de4516179aadd0b6277e4784ba02609 3023 ghostscript_10.0.0~dfsg-11+deb12u7.dsc
    3feea42d295481ae4fafec097a0f82e181b7117c37fd35bff81305708d559b51 108216 ghostscript_10.0.0~dfsg-11+deb12u7.debian.tar.xz
    73d5178c3e5ba8da893627833f9a60e336965dfb162fdf6a32ed01711e175696 7123 ghostscript_10.0.0~dfsg-11+deb12u7_source.buildinfo
    Files:
    36186a134bee5092450c32ea20ad1fd5 3023 text optional ghostscript_10.0.0~dfsg-11+deb12u7.dsc
    76d8db34852c12b1c66beffe9e2d66a6 108216 text optional ghostscript_10.0.0~dfsg-11+deb12u7.debian.tar.xz
    04e38ee65ddffea4790af3ab534bb61a 7123 text optional ghostscript_10.0.0~dfsg-11+deb12u7_source.buildinfo


    -----BEGIN PGP SIGNATURE-----

    iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmfjxNlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89ECFEP/ijVeEl5uon1+vuT/kl4WZsQSFi1VM8z 2tu6+xaI8Rs79I4AC5B/2WIZ6qafi9g0TBSJbc0Fitu0cSfnoZvjnOS7NfChpCRl uk79MbzZ57BsK2KFNj37G8dn2EkyaaiprtBe+ANHRldbaMMDmWYHgvEORb9mBB4F 3EBnjJCNupuI/Kjn3diCx7PLLHhvK6f0DLe7knC46+/wNy0kEJLIqSBhTUHJD085 MarpGnD9X3XHGK07RKnl5eb8Fja6ghpAMNq0hOn8Wr8jVr/urd9UNN+HEJY/Ja18 M00pTUsDFyB/E1V9zVlI2ven1CzX3Us7nAVowGf53sjWhgVGXGdpmGBHSfnBQa9W oi/p2b6C4GZg2XAvAM6nMu64wSkRelXA0KuYTrPiCpjWQS+823PAnksSq0LLqc6P HuJM343ULDIr2c+D4wPlxl0A0wfbvzHn409NByfCaHXDI1bKZoAoPYE/6xeJOOQk qiU9gO3sWFH3tArp0liJ35ei2lrNPkRdiMYhKiee/RowMX7Mg0i2/Vx0mGqAiQTD qPdqJJjjKk3FkVW3NRXtNu7GTxmsspNnu3UWHzDylOEEXZmwX8wFcU0mAH9yUdz6 8vx7VzTGj+U5ZxaI10DbanNx3Y95QBQKlAgoRwdpAFCVIDsBkq0Lz5iIQf879A5T
    Rg/WAseJd4YK
    =98Ql
    -----END PGP SIGNATURE-----


    --==============↑01319109859673020=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZ+SgFQAKCRCb9qggYcy5 IWNpAP4otoQvzD/VgXP3OevlVZdMUC8mohcDaO6BPqE6vOj1iQD9G6qoKAwoflLP oAOJi1eKVDUXHOiOHQrVfllmCcyVVwI=tVen
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)