-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 10 Nov 2024 13:20:08 +0100 Source: ghostscript Binary: ghostscript ghostscript-dbgsym ghostscript-x libgs-dev libgs10 libgs10-dbgsym Architecture: mipsel Version: 10.0.0~dfsg-11+deb12u6 Distribution: bookworm-security Urgency: high Maintainer: mipsel Build Daemon (mipsel-osuosl-03) Changed-By: Salvatore Bonaccorso Description: ghostscript - interpreter for the PostScript language and for PDF ghostscript-x - transitional package for ghostscript libgs-dev - interpreter for the PostScript language and for PDF - Development libgs10 - interpreter for the PostScript language and for PDF - Library Changes: ghostscript (10.0.0~dfsg-11+deb12u6) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * Check for overflow validating format string (CVE-2024-46953) * Fix filenameforall completion cleanup * Don't leave a dangling pointer on the stack * PostScript interpreter - Null dangling references on stack * PostScript interpreter - fix buffer length check (CVE-2024-46956) * PS interpreter review colour code for stack pointers * PS interpreter - check Indexed colour space index (CVE-2024-46955) * PS interpreter - check the type of the Pattern Implementation (CVE-2024-46951) * PDF interpreter - sanitise W array values in Xref streams (CVE-2024-46952) Checksums-Sha1: 80d5ee3063f4c322cb0503df769b76b9dbe9f4dc 6192 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u6_mipsel.deb b770668ff9a24833fb1e3de74d97d9826e10dd0d 28280 ghostscript-x_10.0.0~dfsg-11+deb12u6_mipsel.deb 60cf43e2e16a2568ee0071dfdffe645ed9664fce 11846 ghostscript_10.0.0~dfsg-11+deb12u6_mipsel-buildd.buildinfo a191d1a9af399b92dce6c9f9e8d4827cc10bff5e 57552 ghostscript_10.0.0~dfsg-11+deb12u6_mipsel.deb 1a26ebda036bf18b37f37284d6eec361845acaf0 39812 libgs-dev_10.0.0~dfsg-11+deb12u6_mipsel.deb a16df829f946923e75c51ced7e2664c5821f753b 9659780 libgs10-dbgsym_10.0.0~dfsg-11+deb12u6_mipsel.deb c32fbb24e5a9e01984004f4b327512cac795c688 2246496 libgs10_10.0.0~dfsg-11+deb12u6_mipsel.deb Checksums-Sha256: 67b21498eee3170d9efec210e26c15a8cb4f062b00a79e55cbd9a2d83af7f311 6192 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u6_mipsel.deb 9dbdbc216960937ea25eba06bd02da81f0ebb800f6ace40707f671dcbbda379f 28280 ghostscript-x_10.0.0~dfsg-11+deb12u6_mipsel.deb c896a413057265ff2ff46847484376e4b689f2087976a4e1e3a1c07b7277983c 11846 ghostscript_10.0.0~dfsg-11+deb12u6_mipsel-buildd.buildinfo 721fac07d9263482aa7ca1f5b7212d417fc30e4fd56f9654159826a5c93ec545 57552 ghostscript_10.0.0~dfsg-11+deb12u6_mipsel.deb ba961e01d6e33e04673de7f0aaf58d4037895dfd63338e986c425ced793edfb2 39812 libgs-dev_10.0.0~dfsg-11+deb12u6_mipsel.deb cbb50044e403326161f6f82f3ecc965448d4a57a1bdd17b137933deceb15b974 9659780 libgs10-dbgsym_10.0.0~dfsg-11+deb12u6_mipsel.deb b57544d38ee6a26a875aacf77296ed742881e5ad34a5307cdf10b598a2418c6f 2246496 libgs10_10.0.0~dfsg-11+deb12u6_mipsel.deb Files: 9a2c59a59eb7d38b6e6fb1488609ee49 6192 debug optional ghostscript-dbgsym_10.0.0~dfsg-11+deb12u6_mipsel.deb 00974421d1b75abc70a930b2186f0e12 28280 oldlibs optional ghostscript-x_10.0.0~dfsg-11+deb12u6_mipsel.deb 89c331e713aa77c18e7beec65099837a 11846 text optional ghostscript_10.0.0~dfsg-11+deb12u6_mipsel-buildd.buildinfo 663ad6f836e4edafcce7bd1fe9b1a59c 57552 text optional ghostscript_10.0.0~dfsg-11+deb12u6_mipsel.deb 101b441f9e5d596bce5acc7e7ee4cf60 39812 libdevel optional libgs-dev_10.0.0~dfsg-11+deb12u6_mipsel.deb c27240b7215e088ff5ad352f204767f4 9659780 debug optional libgs10-dbgsym_10.0.0~dfsg-11+deb12u6_mipsel.deb a34450233be3f712ab2ab6078ae9fb7c 2246496 libs optional libgs10_10.0.0~dfsg-11+deb12u6_mipsel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEunmvxaaGKuI+hxxClmZGXOM83t8FAmcwsH4ACgkQlmZGXOM8 3t+lJBAAxrBxwppvqqbSM6D/Eoh0MPpXiQ9vTO3oR3zUAzBObER5hzTKzV79e5Ud vTTq6AJ8dkUgoP3OZzxk3V2rf36x6qT/K3aDfFx3bPfek1ut3D33SO6kpv1mCgKf uN3Qyrbo0fQykQHMfQj93MOLosTIJBCIdRNhV5dtMeJcCPBoEsCzeDiyauLZDJ+M H4qUjw8fBLDxBq1KmgrCZ3lIU0sDUwsmMucBzpw+MBG/D2HAv4CUAJ6ZYWNRrRqP pj+LN1O9b/ALUFM6Hlp8S+7vUQ/s3d/FnTOIl8Ky4wNW4/4Dcb2+E0hES+KBKJqQ h1RBa80M3Uei2ptnZ39kr6mPYP5l5R7n0g0y1EzSfEmaL3+NlQ9t0iuOzB0FYpHj xLrhw65s9unpNsGgTSGi+q3241R6XAP+fdae2wOMt2sc27rMdSrxl4pfMiD/YHZq 2w8dmm/+bPeltWh3PpA+4YTBQKaZS4v1p2t+9nuAtldVV0yUphpP1QPTjqu7Y+2H 8SUQriqTIJvoRZldK15jr99FvcurQgNLHgXann8JYOeHRZgAcGgboCJiKBS37/NK 5TuzpyTaovBEYFYopXJ4RfjWowWZHAzhrFzEXLIsKQmyQtDOIBcshxIP37vH/Dsi q2OCHIJqYADYmGvXC2S8QelGs0vEuZNNQBvbwOGbp2o7S1MI19Q= =NStU -----END PGP SIGNATURE-----