[ubuntu/focal-updates] ghostscript 9.50~dfsg-5ubuntu4.10 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Wed Sep 13 12:58:17 UTC 2023


ghostscript (9.50~dfsg-5ubuntu4.10) focal-security; urgency=medium

  * SECURITY UPDATE: Divide By Zero
    - debian/patches/CVE-2020-21710-1.patch: add a zero check for
      bytes_per_space before using it for division in eps_print_page() in
      devices/gdevepsn.c.
    - debian/patches/CVE-2020-21710-2.patch: add a zero check for
      bytes_per_space before using it for division in epsc_print_page() in
      devices/gdevepsc.c
    - CVE-2020-21710
  * SECURITY UPDATE: Out-of-Bounds Write
    - debian/patches/CVE-2020-21890-pre.patch: add the float res assignment
      in clj_get_params() in devices/gdevclj.c.
    - debian/patches/CVE-2020-21890.patch: change the variable for division
      to use res instead of fres.data that could be uninitialized, in
      clj_media_size() in devices/gdevclj.c.
    - CVE-2020-21890

Date: 2023-09-12 15:32:08.589981+00:00
Changed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/ghostscript/9.50~dfsg-5ubuntu4.10
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list