-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 24 Aug 2024 21:29:52 +0200 Source: ghostscript Binary: ghostscript-doc libgs-common libgs10-common libgs9-common Architecture: all Version: 10.0.0~dfsg-11+deb12u5 Distribution: bookworm-security Urgency: high Maintainer: all Build Daemon (x86-grnet-02) Changed-By: Salvatore Bonaccorso Description: ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati libgs-common - interpreter for the PostScript language and for PDF - ICC profile libgs10-common - interpreter for the PostScript language and for PDF - common file libgs9-common - transitional package for libgs-common Changes: ghostscript (10.0.0~dfsg-11+deb12u5) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * review printing of pointers (CVE-2024-29508) * Fix compiler warning in optimised build * Coverity IDs 414141 & 414145 * Don't allow PDF files with bad Filters to overflow the debug buffer (CVE-2024-29506) * Don't use strlen on passwords (CVE-2024-29509) * Bounds checks when using CIDFont related params (CVE-2024-29507) Checksums-Sha1: 4a2fd90f990bf3f1e887ea540e10f2491b9a68e9 7710648 ghostscript-doc_10.0.0~dfsg-11+deb12u5_all.deb e6096754a51e65fde74f357b143320df1376361d 13356 ghostscript_10.0.0~dfsg-11+deb12u5_all-buildd.buildinfo 5c3402cf413dfd478b00e1a55d3cf86538ccc0c8 148976 libgs-common_10.0.0~dfsg-11+deb12u5_all.deb 78bc61e8660ea0c35a35f5179f65f43cb685448e 586356 libgs10-common_10.0.0~dfsg-11+deb12u5_all.deb 463b3aec1f91d470b3feba9934df6a1faa426077 28028 libgs9-common_10.0.0~dfsg-11+deb12u5_all.deb Checksums-Sha256: 9ea8fbd72bf3f83e41ae73f87360e51d7b23b23ea476e4b004a376b0b5002d16 7710648 ghostscript-doc_10.0.0~dfsg-11+deb12u5_all.deb 4457ead5e990a63264c32bed60e8be1db7ec59e17d28ebd96fca9362d58dfb06 13356 ghostscript_10.0.0~dfsg-11+deb12u5_all-buildd.buildinfo 1230a674f9385e30992f46444690dd91e3a0e1263f0d8b59fa3593dfc6467fd6 148976 libgs-common_10.0.0~dfsg-11+deb12u5_all.deb 36d55048ee10a234b61b674755ed6bd92021d561839930851e78f8c97add174f 586356 libgs10-common_10.0.0~dfsg-11+deb12u5_all.deb fbd6d3562c729edc8adf68599357d1f5b6735e0fa8ddd234b06135b64d28a843 28028 libgs9-common_10.0.0~dfsg-11+deb12u5_all.deb Files: 38438d99a24e33de49de479d62da2766 7710648 doc optional ghostscript-doc_10.0.0~dfsg-11+deb12u5_all.deb 1022276feb27eed7e3ee91945467debd 13356 text optional ghostscript_10.0.0~dfsg-11+deb12u5_all-buildd.buildinfo 36b978428decbd34222c1502c14fd3ac 148976 libs optional libgs-common_10.0.0~dfsg-11+deb12u5_all.deb 9d5a7c5ef77badca75864d9c3756500d 586356 libs optional libgs10-common_10.0.0~dfsg-11+deb12u5_all.deb 743f51dfecef8a126ef3e9b4ba59dbc5 28028 oldlibs optional libgs9-common_10.0.0~dfsg-11+deb12u5_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEQsM0t1ygJv2xcx3e4cagXJhOTXsFAmbLLHMACgkQ4cagXJhO TXtzvw//UGj/atCwYaMspLoi/pbn/NFqzUqeA6ToAI0T8VWgjbN+0Lo36VEUK/DQ W7ug37rP6OmSeuJ8l5vyxMYAx5+Jpjxxm0BGXEbRCAo0ByoAU6VGPi71H5unw/nL /CIvzDPlpHo8pspiV6nkC6h1/In0d67cMtH15LcxoQ56lI4/1nyY7r7T8TAzNAF7 e/LvlMlWUXDz9JlK0DT4uPf/djoimJXogPx1XIQzBmp4sja0/rVh3gPq9zvq8SW9 6qWGSDIF7qwBEy9yGJsXN+nMMEZwOfLdws/cbaxB5eiIzcGMgeKnhW96GjWu/bVj 3QSqNcbcAxuyC0Gj7jQeVp10mh4mew5mUyPrYYnOolJSGyjL6LU87jdY8OSGm5V7 FfxzUMUSJE0u1iNHxm+emGONOwNailcSVQYJ84Jo9O72OaVq3XrND5YXIISKjCso 1Xlw9u5pa1CY9t1YiRPp2UDN4MgfiZ6TcdigELtWvhVesOtrHDVQjoCcgLxEHdID VCbTrRzjqVKkxmM0/bgUxf+kzxmSnQnl9BapHj0e6Fp6z1btXI2vLp6bZazfEinR kjG6dC+ccTbIbdINC9Ek2SLVzs6xs1hblVFtBVyVDcchww7jW8Tfuy5d1QeoaBFC kfYD8n/Ol1gabfslU3TNhnw1stcQdnTcm5tb6x5gk1FUkCbwbUM= =VXIF -----END PGP SIGNATURE-----