ghostscript 10.02.1~dfsg1-ok4 source package in openKylin

Changelog

ghostscript (10.02.1~dfsg1-ok4) nile; urgency=medium

  * SECURITY UPDATE: stack-based buffer overflow via long PDF filter
    name     - debian/patches/CVE-2024-29506.patch: don't allow PDF
    files with bad       Filters to overflow the debug buffer in
    pdf/pdf_file.c.     - CVE-2024-29506   * SECURITY UPDATE: stack-
    based buffer overflows     - debian/patches/CVE-2024-29507.patch:
    bounds checks when using CIDFont       related params in
    pdf/pdf_font.c, pdf/pdf_warnings.h.     - CVE-2024-29507   *
    SECURITY UPDATE: heap-based pointer disclosure via constructed
    BaseFont     name     - debian/patches/CVE-2024-29508.patch: review
    printing of pointers in       base/gsfont.c, base/gsicc_cache.c,
    base/gsmalloc.c, base/gxclmem.c,       base/gxcpath.c,
    base/gxpath.c, base/szlibc.c, devices/gdevupd.c,
    devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c,
    psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c.     -
    debian/patches/CVE-2024-29508-2.patch: fix compiler warning in
    optimised build in base/gsicc_cache.c.     - debian/patches/CVE-2024-
    29508-3.patch: remove extra arguments in       devices/gdevupd.c.
    - CVE-2024-29508   * SECURITY UPDATE: heap-based overflow via
    PDFPassword with null byte     - debian/patches/CVE-2024-
    29509.patch: don't use strlen on passwords in       pdf/pdf_sec.c.
    - CVE-2024-29509   * SECURITY UPDATE: directory traversal issue via
    OCRLanguage     - debian/patches/CVE-2024-29511.patch: reject
    OCRLanguage changes after       SAFER enabled in devices/gdevocr.c,
    devices/gdevpdfocr.c,       devices/vector/gdevpdfp.c.     -
    debian/patches/CVE-2024-29511-2.patch: original fix was overly
    aggressive in devices/gdevocr.c, devices/gdevpdfocr.c,
    devices/vector/gdevpdf.c, devices/vector/gdevpdfp.c.     - CVE-2024-
    29511

 -- liubo01 <email address hidden>  Tue, 05 Nov 2024 11:37:45 +0800

Upload details

Uploaded by:
liubo01
Sponsored by:
Cibot
Uploaded to:
Nile V2.0
Original maintainer:
Openkylin Developers
Architectures:
any all
Section:
text
Urgency:
Medium Urgency

Publishing See full publishing history

Series Pocket Published Component Section
Nile V2.0 release main text
Nile V2.0 proposed main text

Downloads

File Size SHA-256 Checksum
ghostscript_10.02.1~dfsg1.orig.tar.xz 51.6 MiB be748526dc3c6c45c9b192805dfeeec0c90f36f0ee2078c6503ecbe36fcba202
ghostscript_10.02.1~dfsg1-ok4.debian.tar.xz 202.8 KiB 9d40791ca3ad7c154b6471b4263b461e74ce39b9fb563ff64f2bed52c7b499bb
ghostscript_10.02.1~dfsg1-ok4.dsc 2.5 KiB 5cbd9f724a687c1c508c06f845bdd174db8e3c1c43788c743e6a005b496cffde

View changes file

Binary packages built by this source

ghostscript: interpreter for the PostScript language and for PDF

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview,
 it can display PostScript and PDF documents in an X11 environment.
 .
 Furthermore, it can render PostScript and PDF files as graphics
 to be printed on non-PostScript printers.
 Supported printers include common dot-matrix, inkjet and laser models.
 .
 The suggested texlive-binaries package is only required when using dvipdf.

ghostscript-dbgsym: debug symbols for ghostscript
ghostscript-doc: interpreter for the PostScript language and for PDF - Documentation

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview,
 it can display PostScript and PDF documents in an X11 environment.
 .
 This package contains documentation for GPL Ghostscript,
 mainly targeted developers and advanced users.

libgs-common: interpreter for the PostScript language and for PDF - ICC profiles

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview,
 it can display PostScript and PDF documents in an X11 environment.
 .
 This package provides common ICC profiles.

libgs-dev: interpreter for the PostScript language and for PDF - Development Files

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview,
 it can display PostScript and PDF documents in an X11 environment.
 .
 This package provides the development files
 for the GPL Ghostscript library
 which makes the facilities of GPL Ghostscript available
 to applications.

libgs10: interpreter for the PostScript language and for PDF - Library

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview,
 it can display PostScript and PDF documents in an X11 environment.
 .
 This package provides the Ghostscript library
 which makes the facilities of GPL Ghostscript available
 to applications.

libgs10-common: interpreter for the PostScript language and for PDF - common files

 GPL Ghostscript is used for PostScript/PDF preview and printing.
 Usually as a back-end to a program such as ghostview,
 it can display PostScript and PDF documents in an X11 environment.
 .
 This package provides common architecture-independent files
 needed by the GPL Ghostscript library.
 .
 By default, GPL Ghostscript uses a font from the fonts-droid package
 to approximate glyphs in PDFs
 for which the requested CJK TrueType font is missing.
 If the fonts-droid package is not installed,
 these glyphs will be rendered as bullets.

libgs10-dbgsym: debug symbols for libgs10