-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 09 May 2024 22:20:16 +0200 Source: ghostscript Architecture: source Version: 10.0.0~dfsg-11+deb12u4 Distribution: bookworm-security Urgency: high Maintainer: Debian QA Group Changed-By: Salvatore Bonaccorso Changes: ghostscript (10.0.0~dfsg-11+deb12u4) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * In SAFER (default) don't allow eexec seeds other than the Type 1 standard (CVE-2023-52722) * Uniprint device - prevent string configuration changes when SAFER (CVE-2024-29510) * Bug #707691 (CVE-2024-33869) * Bug 707691 part 2 (CVE-2024-33869) * Bug #707686 (CVE-2024-33870) * OPVP device - prevent unsafe parameter change with SAFER (CVE-2024-33871) Checksums-Sha1: 85c205e0c905b532f711523a39d3414ce9955798 3019 ghostscript_10.0.0~dfsg-11+deb12u4.dsc 591cf81ed897f429c4443aa08697d1de2501ef86 91408 ghostscript_10.0.0~dfsg-11+deb12u4.debian.tar.xz 961eebf08fa5cf68b2244de539d229aca07e5285 7310 ghostscript_10.0.0~dfsg-11+deb12u4_source.buildinfo Checksums-Sha256: e026b4b48ad6054b5a415423b96285996d29911c2f223fe87270e056df3699cc 3019 ghostscript_10.0.0~dfsg-11+deb12u4.dsc a85238f34446c9be57b0cadb051556ee7cffdaca411c7ab0873351574976359d 91408 ghostscript_10.0.0~dfsg-11+deb12u4.debian.tar.xz a8b568ac51f1ebec005adbd0d9fca597783c81a0c21efddbc9a9ee0a56c88783 7310 ghostscript_10.0.0~dfsg-11+deb12u4_source.buildinfo Files: 6f56ab0d8b70dc221930dc1ea2530366 3019 text optional ghostscript_10.0.0~dfsg-11+deb12u4.dsc 874a5e9a5304cb023e93348d875eb4e8 91408 text optional ghostscript_10.0.0~dfsg-11+deb12u4.debian.tar.xz 72c4ae32db5dc4af479efb1c20e10ec8 7310 text optional ghostscript_10.0.0~dfsg-11+deb12u4_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmY+FuZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EnncP/0Bd7zLgFSUX3s4vaOlZ0jKHN/vMuP95 7JrbDRzp7LGgwvU8fkkRU8OnYaVqpiZ1V6MjuDYuIE5wPznKSkXZfWDJUOO4xHd6 Ih1l6Jw0cspoo3FRvlsBTTRiJ0iaLQPtTDP4lum4NlurUd3maMZV3Q8vNaiKV3k6 tcRkI/VbTjS6Yl8hZ8PJo+UDss90WKludE8GrD8bIgkr6+kmDqI7hWsAM1cMSE76 OSxf2mXC1crfOxeBFALPpVcQz+HfGVxjVQQz/L5Bsfhsr2l0kg9RuiHIa9nUT4lo 4ywsHg0wzsIDjwg8eD97pHXjO9LGycVVvUCW6dxbUYJyXPGmugF1fyHQawbUSVUK h/HjyIyyC0k6I1hh2Z5iLLgv+C03ow5yCW+Pi1OKHjKpM25rdvDipI+peSQFfcWh 398sYg4Rszu7re4sGGNmewIabQhILBf/aeI73ODNb7gqKPW/No0m3Ve5hHkRYt7q 0r00Pf0SiuFX+P1oyuBu3f/ntMzT0wTSi/YPxI7ZC/tqAG/coxIoK7l+HBZpimrh qfQejwWuTUFR1sH4VZUnl1K5Im8TMrPxHKcJ8tUX2zPUs4mEVRpkRK7e933fXLQH WVIp3d8GaBMP6/l4xCwfwqy64Acf/EqODL1llBnsRVEv+JBADgpACwqjN4/oU8mO pIyh1eTh24L5 =fXni -----END PGP SIGNATURE-----