Change log for ghostscript package in openKylin

ghostscript (10.02.1~dfsg1-ok6) nile; urgency=medium

  * Bug号:无
  * 需求号:无
  * 其他改动说明:构建 nile-sp2 版本
  * 其他改动影响域:无

 -- jiangdingyuan <email address hidden>  Wed, 13 Aug 2025 15:31:46 +0800

Available diffs

• diff from 10.02.1~dfsg1-ok4 (in Openkylin) to 10.02.1~dfsg1-ok6 (460.8 KiB)
• diff from 10.02.1~dfsg1-ok5 to 10.02.1~dfsg1-ok6 (619 bytes)

ghostscript (10.02.1~dfsg1-ok4) nile; urgency=medium

  * SECURITY UPDATE: stack-based buffer overflow via long PDF filter
    name     - debian/patches/CVE-2024-29506.patch: don't allow PDF
    files with bad       Filters to overflow the debug buffer in
    pdf/pdf_file.c.     - CVE-2024-29506   * SECURITY UPDATE: stack-
    based buffer overflows     - debian/patches/CVE-2024-29507.patch:
    bounds checks when using CIDFont       related params in
    pdf/pdf_font.c, pdf/pdf_warnings.h.     - CVE-2024-29507   *
    SECURITY UPDATE: heap-based pointer disclosure via constructed
    BaseFont     name     - debian/patches/CVE-2024-29508.patch: review
    printing of pointers in       base/gsfont.c, base/gsicc_cache.c,
    base/gsmalloc.c, base/gxclmem.c,       base/gxcpath.c,
    base/gxpath.c, base/szlibc.c, devices/gdevupd.c,
    devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c,
    psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c.     -
    debian/patches/CVE-2024-29508-2.patch: fix compiler warning in
    optimised build in base/gsicc_cache.c.     - debian/patches/CVE-2024-
    29508-3.patch: remove extra arguments in       devices/gdevupd.c.
    - CVE-2024-29508   * SECURITY UPDATE: heap-based overflow via
    PDFPassword with null byte     - debian/patches/CVE-2024-
    29509.patch: don't use strlen on passwords in       pdf/pdf_sec.c.
    - CVE-2024-29509   * SECURITY UPDATE: directory traversal issue via
    OCRLanguage     - debian/patches/CVE-2024-29511.patch: reject
    OCRLanguage changes after       SAFER enabled in devices/gdevocr.c,
    devices/gdevpdfocr.c,       devices/vector/gdevpdfp.c.     -
    debian/patches/CVE-2024-29511-2.patch: original fix was overly
    aggressive in devices/gdevocr.c, devices/gdevpdfocr.c,
    devices/vector/gdevpdf.c, devices/vector/gdevpdfp.c.     - CVE-2024-
    29511

 -- liubo01 <email address hidden>  Tue, 05 Nov 2024 11:37:45 +0800

Available diffs

• diff from 10.02.1~dfsg1-ok2 to 10.02.1~dfsg1-ok4 (10.2 KiB)

ghostscript (10.02.1~dfsg1-ok3) nile; urgency=medium

  * reserve CVE change.

 -- liubo01 <email address hidden>  Tue, 05 Nov 2024 11:29:51 +0800

Available diffs

• diff from 10.02.1~dfsg1-ok2 to 10.02.1~dfsg1-ok3 (2.5 KiB)

ghostscript (10.02.1~dfsg1-ok2) nile; urgency=medium

  * Fix CVE-2024-29510 CVE-2024-33869 CVE-2024-33870 CVE-2024-33871

 -- liubo01 <email address hidden>  Mon, 08 Jul 2024 17:33:23 +0800

Available diffs

• diff from 10.02.1~dfsg1-ok1 to 10.02.1~dfsg1-ok2 (2.7 KiB)

ghostscript (10.02.1~dfsg1-ok1) nile; urgency=medium

  * Sync upstream version.

 -- zhouganqing <email address hidden>  Fri, 19 Apr 2024 10:21:27 +0800

Available diffs

• diff from 9.50~dfsg-ok5 to 10.02.1~dfsg1-ok1 (16.8 MiB)
• diff from 9.50~dfsg-ok8 to 10.02.1~dfsg1-ok1 (16.8 MiB)

ghostscript (9.50~dfsg-ok8) nile; urgency=medium

  * No change rebuild

 -- CI Bot <email address hidden>  Thu, 18 Apr 2024 12:44:06 +0000

Available diffs

• diff from 9.50~dfsg-ok5 to 9.50~dfsg-ok8 (10.1 KiB)

ghostscript (9.50~dfsg-ok6) yangtze; urgency=medium

  * Update package info.

 -- zhouganqing <email address hidden>  Mon, 04 Sep 2023 17:05:57 +0800

Available diffs

• diff from 9.50~dfsg-ok4 to 9.50~dfsg-ok6 (9.2 KiB)
• diff from 9.50~dfsg-ok5 to 9.50~dfsg-ok6 (4.5 KiB)

ghostscript (9.50~dfsg-ok5) yangtze; urgency=medium

  * CVE问题修复：
    - CVE-2023-28879
    - CVE-2020-16289
    - CVE-2023-36664
    - CVE-2020-16295
    - CVE-2020-16292
    - CVE-2020-16293
    - CVE-2020-16296
    - CVE-2020-16294
    - CVE-2020-16301
    - CVE-2020-16300

 -- jiangdingyuan <email address hidden>  Wed, 02 Aug 2023 10:19:20 +0800

Available diffs

• diff from 9.50~dfsg-ok4 to 9.50~dfsg-ok5 (5.5 KiB)

ghostscript (9.50~dfsg-ok4) yangtze; urgency=medium

  * another-lin CVE-2020-16288 安全更新：修复缓冲区错误的漏洞。该漏洞源于网络系统或产品在内存上执行操作时，未正确验证数据边界，导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等.

 -- zhonglinliang <email address hidden>  Fri, 24 Mar 2023 15:32:33 +0800

Available diffs

• diff from 9.50~dfsg-ok1 (in Openkylin) to 9.50~dfsg-ok4 (2.5 KiB)
• diff from 9.50~dfsg-ok3 to 9.50~dfsg-ok4 (1.4 KiB)

ghostscript (9.50~dfsg-ok3) yangtze; urgency=medium

  * uivnsd CVE-2020-16287 安全更新：Artifex Software Ghostscript存在缓冲区错误漏洞.

 -- heguanli <email address hidden>  Wed, 15 Mar 2023 21:56:17 +0800

Available diffs

• diff from 9.50~dfsg-ok2 to 9.50~dfsg-ok3 (1.3 KiB)

ghostscript (9.50~dfsg-ok2) yangtze; urgency=medium

  * TaciturnZ CVE-2020-15900 安全更新：Artifex Software Ghostscript 9.50版本和9.52版本中存在数字错误漏洞。攻击者可利用该漏洞关闭沙盒保护.

 -- wengz <email address hidden>  Tue, 14 Mar 2023 15:42:43 +0800

Available diffs

• diff from 9.50~dfsg-ok1 (in Openkylin) to 9.50~dfsg-ok2 (1.1 KiB)

ghostscript (9.50~dfsg-ok1) yangtze; urgency=medium

  * Build for openKylin.

 -- openKylinBot <email address hidden>  Mon, 25 Apr 2022 22:03:04 +0800