-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 24 Aug 2024 21:29:52 +0200 Source: ghostscript Binary: ghostscript ghostscript-dbgsym ghostscript-x libgs-dev libgs10 libgs10-dbgsym Architecture: mipsel Version: 10.0.0~dfsg-11+deb12u5 Distribution: bookworm-security Urgency: high Maintainer: mips64el Build Daemon (mipsel-osuosl-02) Changed-By: Salvatore Bonaccorso Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-x - transitional package for ghostscript libgs-dev - interpreter for the PostScript language and for PDF - Development libgs10 - interpreter for the PostScript language and for PDF - Library Changes: ghostscript (10.0.0~dfsg-11+deb12u5) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * review printing of pointers (CVE-2024-29508) * Fix compiler warning in optimised build * Coverity IDs 414141 & 414145 * Don't allow PDF files with bad Filters to overflow the debug buffer (CVE-2024-29506) * Don't use strlen on passwords (CVE-2024-29509) * Bounds checks when using CIDFont related params (CVE-2024-29507) Checksums-Sha1: 5460a103701288a3a97c3046d73a35e816ceb26d 6192 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u5_mipsel.deb a0551c8c45c37417ba115ab59a81fe7bc2186ab0 28048 ghostscript-x_10.0.0~dfsg-11+deb12u5_mipsel.deb 73cbbc963d70f28a31f63548a3769581a3cc4623 11821 ghostscript_10.0.0~dfsg-11+deb12u5_mipsel-buildd.buildinfo a216561bd4aed2aa2ca79cda524356240e4009bd 57300 ghostscript_10.0.0~dfsg-11+deb12u5_mipsel.deb 01d6459e045a2b33cc3073f88ad194e60befeabc 39576 libgs-dev_10.0.0~dfsg-11+deb12u5_mipsel.deb e6243c04606d83a0c751fbf3b1012de7fd006528 9659016 libgs10-dbgsym_10.0.0~dfsg-11+deb12u5_mipsel.deb 5f045842ee9a654da8b639c9eae04a1b2ce25fa3 2245420 libgs10_10.0.0~dfsg-11+deb12u5_mipsel.deb Checksums-Sha256: 4d1a02e35cd7a24952fdfb7a0d53503b5c59950cda2f24208e1d3d17322ad43f 6192 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u5_mipsel.deb d669ca66215e5aaae6303bc7decae54d8ada3ffdd4db460a1cb36e96c11eabe3 28048 ghostscript-x_10.0.0~dfsg-11+deb12u5_mipsel.deb 2c45fa52e2eb9886ba92e6e4a5dc4643de505258ec86606095586bb7e90b40b2 11821 ghostscript_10.0.0~dfsg-11+deb12u5_mipsel-buildd.buildinfo 78e1ed8fe3b95593a18ed809b87d1a516d8d37dbac376c1cf42555704c309626 57300 ghostscript_10.0.0~dfsg-11+deb12u5_mipsel.deb b08efcf18e1145f8595b6a0cfebc08b172ae6b77404d133d8b709c7f84e818a1 39576 libgs-dev_10.0.0~dfsg-11+deb12u5_mipsel.deb 59e1b085f0108772e9768b6f136da2c0e7b9c7084272e8c6093e6800dd81505c 9659016 libgs10-dbgsym_10.0.0~dfsg-11+deb12u5_mipsel.deb 573e0018c1ec65a07363c2dc798ab8dfdf863637eb846a43a5c19fc8a3876097 2245420 libgs10_10.0.0~dfsg-11+deb12u5_mipsel.deb Files: fdfef3bef4c07bbfce86c6f8aeb41d12 6192 debug optional ghostscript-dbgsym_10.0.0~dfsg-11+deb12u5_mipsel.deb 9b83385cbbe817b2bf0c531b3bbbb502 28048 oldlibs optional ghostscript-x_10.0.0~dfsg-11+deb12u5_mipsel.deb 134ce3250db8d7319a6314cb6740f448 11821 text optional ghostscript_10.0.0~dfsg-11+deb12u5_mipsel-buildd.buildinfo 3f1c71f37dddca6f2e4d10554fcd9119 57300 text optional ghostscript_10.0.0~dfsg-11+deb12u5_mipsel.deb 383391bf59c87731a53afb3c3ef99570 39576 libdevel optional libgs-dev_10.0.0~dfsg-11+deb12u5_mipsel.deb 0af277b26b3950225218d799273f2a7f 9659016 debug optional libgs10-dbgsym_10.0.0~dfsg-11+deb12u5_mipsel.deb 5830e4e2eff8d5afb1e44b1317e0c41e 2245420 libs optional libgs10_10.0.0~dfsg-11+deb12u5_mipsel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEDr2J+AJzKxM96x4w+k4sZ5IEFbUFAmbLNvEACgkQ+k4sZ5IE FbVuKhAAtpIG2jTUJz2eJ/5dQ9LY6Zd2qymU3luIsBn/R/jrLeV6xHkyiaa2v5vZ h8x3gnBriVcnA+t3EOZZaG3lm+oz0T4Uajw8ADiBCm3rfNCxCmxp0kJcXyF/su+Z P1l9xq8bC6ALYKAn0C1PaIQJ1C+r/Fv0XZdI5PJx4JyAZ/x9c+9o+meva8OBL4Hg E95PPn9EVqpX+DdMG0i7RsTld7Kugd/bkKN8PULLNVekJlwJkTdHDtd75ylGwozV N08ghbXPOC48RKyEX0ytydPEr3x7nhpke0Aw1UQnwQym75LyjkP7aiIZyagmnTh4 WLDQwM/sR9ZwT1WPCsPQk7GY1nzHS5+C8ExibpI+2212Bxm6NNQNXfkXR4GsUysI /MfIndP+DmJvz4Vps4zHTUXFJJbC5Ulc30lUo6cr/V4mCbZ434xRCWO2TLVKPyrz 6G9JOMewp49m/shnAqUOUysfjAdzdrUNflOHrD4nl9WHqKYWnTa8aVZY2KlC9hzm 9LSeZLv+JCJtrGoP88d42//3at+WeA9Wd13naJp+YHZsaLkeUPvzXUUhOFJ/rm6F 6GajSqKD/bNi3Th5884JNGbJLSdd7aLzKmfgtYrk80K2T9r3+rILDMugMRYFJKsB O/fB1e2pyc/mAYuyocXvH8S2BKW/jyz7Qr8IJ/qyqOkFhkz5pSo= =ynmA -----END PGP SIGNATURE-----