[ubuntu/focal-updates] ghostscript 9.50~dfsg-5ubuntu4.13 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Jul 15 12:59:36 UTC 2024
ghostscript (9.50~dfsg-5ubuntu4.13) focal-security; urgency=medium
* SECURITY UPDATE: heap-based pointer disclosure via constructed BaseFont
name
- debian/patches/CVE-2024-29508.patch: review printing of pointers in
base/gsfont.c, base/gsicc_cache.c, base/gsmalloc.c, base/gxclmem.c,
base/gxcpath.c, base/gxpath.c, base/szlibc.c, devices/gdevupd.c,
devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c,
psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c.
- debian/patches/CVE-2024-29508-2.patch: remove extra arguments in
devices/gdevupd.c.
- CVE-2024-29508
Date: 2024-07-10 17:03:16.043863+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/ghostscript/9.50~dfsg-5ubuntu4.13
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list