Change log : ghostscript package : openKylin

10.02.1~dfsg1-ok4

Published in nile-proposed on 2024-11-05

ghostscript (10.02.1~dfsg1-ok4) nile; urgency=medium

  * SECURITY UPDATE: stack-based buffer overflow via long PDF filter
    name     - debian/patches/CVE-2024-29506.patch: don't allow PDF
    files with bad       Filters to overflow the debug buffer in
    pdf/pdf_file.c.     - CVE-2024-29506   * SECURITY UPDATE: stack-
    based buffer overflows     - debian/patches/CVE-2024-29507.patch:
    bounds checks when using CIDFont       related params in
    pdf/pdf_font.c, pdf/pdf_warnings.h.     - CVE-2024-29507   *
    SECURITY UPDATE: heap-based pointer disclosure via constructed
    BaseFont     name     - debian/patches/CVE-2024-29508.patch: review
    printing of pointers in       base/gsfont.c, base/gsicc_cache.c,
    base/gsmalloc.c, base/gxclmem.c,       base/gxcpath.c,
    base/gxpath.c, base/szlibc.c, devices/gdevupd.c,
    devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c,
    psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c.     -
    debian/patches/CVE-2024-29508-2.patch: fix compiler warning in
    optimised build in base/gsicc_cache.c.     - debian/patches/CVE-2024-
    29508-3.patch: remove extra arguments in       devices/gdevupd.c.
    - CVE-2024-29508   * SECURITY UPDATE: heap-based overflow via
    PDFPassword with null byte     - debian/patches/CVE-2024-
    29509.patch: don't use strlen on passwords in       pdf/pdf_sec.c.
    - CVE-2024-29509   * SECURITY UPDATE: directory traversal issue via
    OCRLanguage     - debian/patches/CVE-2024-29511.patch: reject
    OCRLanguage changes after       SAFER enabled in devices/gdevocr.c,
    devices/gdevpdfocr.c,       devices/vector/gdevpdfp.c.     -
    debian/patches/CVE-2024-29511-2.patch: original fix was overly
    aggressive in devices/gdevocr.c, devices/gdevpdfocr.c,
    devices/vector/gdevpdf.c, devices/vector/gdevpdfp.c.     - CVE-2024-
    29511

 -- liubo01 <email address hidden>  Tue, 05 Nov 2024 11:37:45 +0800

Available diffs

diff from 10.02.1~dfsg1-ok2 to 10.02.1~dfsg1-ok4 (10.2 KiB)

10.02.1~dfsg1-ok3

Superseded in nile-proposed on 2024-11-05

ghostscript (10.02.1~dfsg1-ok3) nile; urgency=medium

  * reserve CVE change.

 -- liubo01 <email address hidden>  Tue, 05 Nov 2024 11:29:51 +0800

Available diffs

diff from 10.02.1~dfsg1-ok2 to 10.02.1~dfsg1-ok3 (2.5 KiB)

10.02.1~dfsg1-ok2

Published in huanghe-proposed on 2024-10-15

Published in huanghe-release on 2024-10-15

Published in nile-release on 2024-07-10

Superseded in nile-proposed on 2024-11-05

ghostscript (10.02.1~dfsg1-ok2) nile; urgency=medium

  * Fix CVE-2024-29510 CVE-2024-33869 CVE-2024-33870 CVE-2024-33871

 -- liubo01 <email address hidden>  Mon, 08 Jul 2024 17:33:23 +0800

Available diffs

diff from 10.02.1~dfsg1-ok1 to 10.02.1~dfsg1-ok2 (2.7 KiB)

10.02.1~dfsg1-ok1

Superseded in nile-release on 2024-07-10

Superseded in nile-proposed on 2024-07-08

ghostscript (10.02.1~dfsg1-ok1) nile; urgency=medium

  * Sync upstream version.

 -- zhouganqing <email address hidden>  Fri, 19 Apr 2024 10:21:27 +0800

Available diffs

diff from 9.50~dfsg-ok5 to 10.02.1~dfsg1-ok1 (16.8 MiB)
diff from 9.50~dfsg-ok8 to 10.02.1~dfsg1-ok1 (16.8 MiB)

9.50~dfsg-ok8

Superseded in nile-proposed on 2024-04-19

ghostscript (9.50~dfsg-ok8) nile; urgency=medium

  * No change rebuild

 -- CI Bot <email address hidden>  Thu, 18 Apr 2024 12:44:06 +0000

Available diffs

diff from 9.50~dfsg-ok5 to 9.50~dfsg-ok8 (10.1 KiB)

9.50~dfsg-ok6

Published in yangtze-release on 2023-09-21

Published in yangtze-proposed on 2023-09-04

ghostscript (9.50~dfsg-ok6) yangtze; urgency=medium

  * Update package info.

 -- zhouganqing <email address hidden>  Mon, 04 Sep 2023 17:05:57 +0800

Available diffs

diff from 9.50~dfsg-ok4 to 9.50~dfsg-ok6 (9.2 KiB)
diff from 9.50~dfsg-ok5 to 9.50~dfsg-ok6 (4.5 KiB)

9.50~dfsg-ok5

Superseded in nile-release on 2024-04-30

Superseded in nile-proposed on 2024-04-18

Superseded in yangtze-proposed on 2023-09-04

ghostscript (9.50~dfsg-ok5) yangtze; urgency=medium

  * CVE问题修复：
    - CVE-2023-28879
    - CVE-2020-16289
    - CVE-2023-36664
    - CVE-2020-16295
    - CVE-2020-16292
    - CVE-2020-16293
    - CVE-2020-16296
    - CVE-2020-16294
    - CVE-2020-16301
    - CVE-2020-16300

 -- jiangdingyuan <email address hidden>  Wed, 02 Aug 2023 10:19:20 +0800

Available diffs

diff from 9.50~dfsg-ok4 to 9.50~dfsg-ok5 (5.5 KiB)

9.50~dfsg-ok4

Superseded in nile-release on 2023-12-13

Superseded in yangtze-release on 2023-09-21

Superseded in yangtze-proposed on 2023-08-03

ghostscript (9.50~dfsg-ok4) yangtze; urgency=medium

  * another-lin CVE-2020-16288 安全更新：修复缓冲区错误的漏洞。该漏洞源于网络系统或产品在内存上执行操作时，未正确验证数据边界，导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等.

 -- zhonglinliang <email address hidden>  Fri, 24 Mar 2023 15:32:33 +0800

Available diffs

diff from 9.50~dfsg-ok1 (in Openkylin) to 9.50~dfsg-ok4 (2.5 KiB)
diff from 9.50~dfsg-ok3 to 9.50~dfsg-ok4 (1.4 KiB)

9.50~dfsg-ok3

Superseded in yangtze-proposed on 2023-03-27

ghostscript (9.50~dfsg-ok3) yangtze; urgency=medium

  * uivnsd CVE-2020-16287 安全更新：Artifex Software Ghostscript存在缓冲区错误漏洞.

 -- heguanli <email address hidden>  Wed, 15 Mar 2023 21:56:17 +0800

Available diffs

diff from 9.50~dfsg-ok2 to 9.50~dfsg-ok3 (1.3 KiB)

9.50~dfsg-ok2

Superseded in yangtze-proposed on 2023-03-17

ghostscript (9.50~dfsg-ok2) yangtze; urgency=medium

  * TaciturnZ CVE-2020-15900 安全更新：Artifex Software Ghostscript 9.50版本和9.52版本中存在数字错误漏洞。攻击者可利用该漏洞关闭沙盒保护.

 -- wengz <email address hidden>  Tue, 14 Mar 2023 15:42:43 +0800

Available diffs

diff from 9.50~dfsg-ok1 (in Openkylin) to 9.50~dfsg-ok2 (1.1 KiB)

9.50~dfsg-ok1

Superseded in yangtze-release on 2023-07-05

ghostscript (9.50~dfsg-ok1) yangtze; urgency=medium

  * Build for openKylin.

 -- openKylinBot <email address hidden>  Mon, 25 Apr 2022 22:03:04 +0800

openKylin Build Service

openKylin ghostscript package

Change log for ghostscript package in openKylin

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs