-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 24 Aug 2024 21:29:52 +0200 Source: ghostscript Binary: ghostscript ghostscript-dbgsym ghostscript-x libgs-dev libgs10 libgs10-dbgsym Architecture: ppc64el Version: 10.0.0~dfsg-11+deb12u5 Distribution: bookworm-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) Changed-By: Salvatore Bonaccorso Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-x - transitional package for ghostscript libgs-dev - interpreter for the PostScript language and for PDF - Development libgs10 - interpreter for the PostScript language and for PDF - Library Changes: ghostscript (10.0.0~dfsg-11+deb12u5) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * review printing of pointers (CVE-2024-29508) * Fix compiler warning in optimised build * Coverity IDs 414141 & 414145 * Don't allow PDF files with bad Filters to overflow the debug buffer (CVE-2024-29506) * Don't use strlen on passwords (CVE-2024-29509) * Bounds checks when using CIDFont related params (CVE-2024-29507) Checksums-Sha1: 8a8ad78a48b503ae9480697eacf273b19cff66c6 5944 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u5_ppc64el.deb 14f93c77ac24cc4b1716839705ee3f04e04e42e5 28048 ghostscript-x_10.0.0~dfsg-11+deb12u5_ppc64el.deb 248cc85d55fa1d90c2e56ffb25344abb15932132 12000 ghostscript_10.0.0~dfsg-11+deb12u5_ppc64el-buildd.buildinfo 93e15fca8f3773ed3683b2d56fa60bab87af002e 57336 ghostscript_10.0.0~dfsg-11+deb12u5_ppc64el.deb cfc6eb1d17a3d1794004ba564b7010e4f90e0f0e 39588 libgs-dev_10.0.0~dfsg-11+deb12u5_ppc64el.deb f3c1a065960be28817da140cf1869703b4061aa8 9744396 libgs10-dbgsym_10.0.0~dfsg-11+deb12u5_ppc64el.deb 91eb23b301069d0b451a634a8bffc1a732aed34f 2613328 libgs10_10.0.0~dfsg-11+deb12u5_ppc64el.deb Checksums-Sha256: 6f93ebc70a539ccf02ba0b064cc386cc3e394367eb708878541391cd3cb9f6e5 5944 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u5_ppc64el.deb b9f19408cbc0f0279c82e2f9d9d831a746193d8817c0d90ce1d20d85115b0376 28048 ghostscript-x_10.0.0~dfsg-11+deb12u5_ppc64el.deb a4089fa6a5f824e83c66f89055cad4ec6db8ea27421c51160cf443a41286f760 12000 ghostscript_10.0.0~dfsg-11+deb12u5_ppc64el-buildd.buildinfo 29f9085e83ed45f4b9c24f1d1c4ef929fbac35a4c6359bd14f4371b607bc8790 57336 ghostscript_10.0.0~dfsg-11+deb12u5_ppc64el.deb cf881cf170d3102e486ff2af02b006445704e6c950bf5ddfea22dd350e0d3675 39588 libgs-dev_10.0.0~dfsg-11+deb12u5_ppc64el.deb a4ae795406d6a092fc285dfed97145ff5f1a9c490798a0e0ee7e5cc151e210cd 9744396 libgs10-dbgsym_10.0.0~dfsg-11+deb12u5_ppc64el.deb 7a6f970c6504ccb67ac6577b9ef3590fa19c19007681926b4163fd2c02184326 2613328 libgs10_10.0.0~dfsg-11+deb12u5_ppc64el.deb Files: 802ed81effff466417734d8d6f51b033 5944 debug optional ghostscript-dbgsym_10.0.0~dfsg-11+deb12u5_ppc64el.deb 0dd7c0de891fe076ce840c536b410e58 28048 oldlibs optional ghostscript-x_10.0.0~dfsg-11+deb12u5_ppc64el.deb 7021633ea59e0c654393e7aee5b66b19 12000 text optional ghostscript_10.0.0~dfsg-11+deb12u5_ppc64el-buildd.buildinfo 0d3192b860d3ccdbcc25064c74f5ac87 57336 text optional ghostscript_10.0.0~dfsg-11+deb12u5_ppc64el.deb 7c9f8d9b183b5b175fea57d43d07e870 39588 libdevel optional libgs-dev_10.0.0~dfsg-11+deb12u5_ppc64el.deb 2a0c93bc467335d36e5d2e1dcf36abd8 9744396 debug optional libgs10-dbgsym_10.0.0~dfsg-11+deb12u5_ppc64el.deb db9d0ec65d83368bf01141efe4f754c9 2613328 libs optional libgs10_10.0.0~dfsg-11+deb12u5_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE0YcVZfZCWQv84jpRNcqbeolus3sFAmbLLA8ACgkQNcqbeolu s3t0rQ/+OerauLzScsVE2Ipo3+lIMmqAR6QCUvngnlkkvvbO2PoHis92I/f0UHh3 NjnlSa5wqQ8MLsvWM1xompl+PRtnqaEMVoLss2MbUPoS6VfeJCK4DlUMYuefljuj mwPEWJR8FbLv+07Vad3tPoRmLXFqAeA7Xu+3lr/saA78t8+M84nI5qwHIWDkMvVD TbH6i2zsIta6wqquvCn7olFf8VwKbNrmGKnQKRK7dLVYgNnc56GewouQ2S/xla6m Nz/qlphsNCYsW+4ttkvYkctmH29SH15pHO9/Kavp0tUWys0GJaXs7MtZPymYiTyC kJKvUd3o+FgOZLsG237XPguR9No99G+nmjZ1psORjifkKAsXlUclRNldwgO3KnZm yXtajzLsZ4ECgHyYpFPUE/ac840tvjkV6Yl2mONLvgRMmlo3fbwplBzE0FBj19QY GgRfB5dWJc0nb0N8qA3iC7rbjnmT+q2lsUCz9LzGf0P2rrYVWNlB+Pu/sJT7iz9n 6GIW+lVGndyYa/nDI0OiXnVz3HiXvBmsDg7YTbyyMAIELk4cfcNuZAQ0vkrMpkko /wx4KAYn2HpmlvzA4kWN2VCQtk4HUbjySO7LLz2T5noNviVoXN29qufKAVh8hB6t Q/ENHcYVcobOZ1KssPGI5ZW2dwynjnHEgLq1edowmBcacd3UqAw= =fm5Q -----END PGP SIGNATURE-----