Format: 1.8
Date: Tue, 05 Nov 2024 11:37:45 +0800
Source: ghostscript
Binary: ghostscript ghostscript-dbgsym libgs-dev libgs10 libgs10-dbgsym
Architecture: riscv64
Version: 10.02.1~dfsg1-ok4
Distribution: nile-proposed
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@9841544ed7ef>
Changed-By: liubo01 <liubo01@kylinos.cn>
Description:
 ghostscript - interpreter for the PostScript language and for PDF
 libgs-dev - interpreter for the PostScript language and for PDF - Development
 libgs10 - interpreter for the PostScript language and for PDF - Library
Changes:
 ghostscript (10.02.1~dfsg1-ok4) nile; urgency=medium
 .
   * SECURITY UPDATE: stack-based buffer overflow via long PDF filter name
     - debian/patches/CVE-2024-29506.patch: don't allow PDF files with bad
       Filters to overflow the debug buffer in pdf/pdf_file.c.
     - CVE-2024-29506
   * SECURITY UPDATE: stack-based buffer overflows
     - debian/patches/CVE-2024-29507.patch: bounds checks when using
       CIDFont related params in pdf/pdf_font.c, pdf/pdf_warnings.h.
     - CVE-2024-29507
   * SECURITY UPDATE: heap-based pointer disclosure via constructed
     BaseFont name
     - debian/patches/CVE-2024-29508.patch: review printing of pointers in
       base/gsfont.c, base/gsicc_cache.c, base/gsmalloc.c, base/gxclmem.c,
       base/gxcpath.c, base/gxpath.c, base/szlibc.c, devices/gdevupd.c,
       devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c,
       psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c.
     - debian/patches/CVE-2024-29508-2.patch: fix compiler warning in
       optimised build in base/gsicc_cache.c.
     - debian/patches/CVE-2024-29508-3.patch: remove extra arguments in
       devices/gdevupd.c.
     - CVE-2024-29508
   * SECURITY UPDATE: heap-based overflow via PDFPassword with null byte
     - debian/patches/CVE-2024-29509.patch: don't use strlen on passwords
       in pdf/pdf_sec.c.
     - CVE-2024-29509
   * SECURITY UPDATE: directory traversal issue via OCRLanguage
     - debian/patches/CVE-2024-29511.patch: reject OCRLanguage changes
       after SAFER enabled in devices/gdevocr.c, devices/gdevpdfocr.c,
       devices/vector/gdevpdfp.c.
     - debian/patches/CVE-2024-29511-2.patch: original fix was overly
       aggressive in devices/gdevocr.c, devices/gdevpdfocr.c,
       devices/vector/gdevpdf.c, devices/vector/gdevpdfp.c.
     - CVE-2024-29511