Change logs for ghostscript source package in Nile.bedrock
-
ghostscript (10.02.1~dfsg1-ok6) nile; urgency=medium
* Bug number: none
* Requirement number: none
* Other change notes: build the nile-sp2 version
* Impact scope of other changes: none
-- jiangdingyuan <email address hidden> Wed, 13 Aug 2025 15:31:46 +0800
-
ghostscript (10.02.1~dfsg1-ok4) nile; urgency=medium
* SECURITY UPDATE: stack-based buffer overflow via long PDF filter name
  - debian/patches/CVE-2024-29506.patch: don't allow PDF files with bad
    Filters to overflow the debug buffer in pdf/pdf_file.c.
  - CVE-2024-29506
* SECURITY UPDATE: stack-based buffer overflows
  - debian/patches/CVE-2024-29507.patch: bounds checks when using CIDFont
    related params in pdf/pdf_font.c, pdf/pdf_warnings.h.
  - CVE-2024-29507
* SECURITY UPDATE: heap-based pointer disclosure via constructed BaseFont
  name
  - debian/patches/CVE-2024-29508.patch: review printing of pointers in
    base/gsfont.c, base/gsicc_cache.c, base/gsmalloc.c, base/gxclmem.c,
    base/gxcpath.c, base/gxpath.c, base/szlibc.c, devices/gdevupd.c,
    devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c,
    psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c.
  - debian/patches/CVE-2024-29508-2.patch: fix compiler warning in
    optimised build in base/gsicc_cache.c.
  - debian/patches/CVE-2024-29508-3.patch: remove extra arguments in
    devices/gdevupd.c.
  - CVE-2024-29508
* SECURITY UPDATE: heap-based overflow via PDFPassword with null byte
  - debian/patches/CVE-2024-29509.patch: don't use strlen on passwords in
    pdf/pdf_sec.c.
  - CVE-2024-29509
* SECURITY UPDATE: directory traversal issue via OCRLanguage
  - debian/patches/CVE-2024-29511.patch: reject OCRLanguage changes after
    SAFER enabled in devices/gdevocr.c, devices/gdevpdfocr.c,
    devices/vector/gdevpdfp.c.
  - debian/patches/CVE-2024-29511-2.patch: original fix was overly
    aggressive in devices/gdevocr.c, devices/gdevpdfocr.c,
    devices/vector/gdevpdf.c, devices/vector/gdevpdfp.c.
  - CVE-2024-29511
-- liubo01 <email address hidden> Tue, 05 Nov 2024 11:37:45 +0800