[ubuntu/plucky-proposed] ghostscript 10.03.1~dfsg1-0ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Nov 12 18:41:23 UTC 2024
ghostscript (10.03.1~dfsg1-0ubuntu3) plucky; urgency=medium
* SECURITY UPDATE: incorrect Pattern Implementation type handling
- debian/patches/CVE-2024-46951.patch: check the type of the Pattern
Implementation in psi/zcolor.c.
- CVE-2024-46951
* SECURITY UPDATE: Buffer overflow in PDF XRef stream
- debian/patches/CVE-2024-46952.patch: sanitise W array values in Xref
streams in pdf/pdf_xref.c.
- CVE-2024-46952
* SECURITY UPDATE: output filename overflow
- debian/patches/CVE-2024-46953.patch: check for overflow validating
format string for the output file name in base/gsdevice.c.
- CVE-2024-46953
* SECURITY UPDATE: directory escape via overlong encodings
- debian/patches/CVE-2024-46954.patch: fix decode_utf8 to forbid
overlong encodings in base/gp_utf8.c.
- CVE-2024-46954
* SECURITY UPDATE: Out of bounds read when reading color
- debian/patches/CVE-2024-46955.patch: check Indexed colour space index
in psi/zcolor.c.
- CVE-2024-46955
* SECURITY UPDATE: incorrect buffer length check
- debian/patches/CVE-2024-46956.patch: fix length check in psi/zfile.c.
- CVE-2024-46956
Date: Wed, 06 Nov 2024 11:08:51 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/ghostscript/10.03.1~dfsg1-0ubuntu3
-------------- next part --------------
Format: 1.8
Date: Wed, 06 Nov 2024 11:08:51 -0500
Source: ghostscript
Built-For-Profiles: noudeb
Architecture: source
Version: 10.03.1~dfsg1-0ubuntu3
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
ghostscript (10.03.1~dfsg1-0ubuntu3) plucky; urgency=medium
.
* SECURITY UPDATE: incorrect Pattern Implementation type handling
- debian/patches/CVE-2024-46951.patch: check the type of the Pattern
Implementation in psi/zcolor.c.
- CVE-2024-46951
* SECURITY UPDATE: Buffer overflow in PDF XRef stream
- debian/patches/CVE-2024-46952.patch: sanitise W array values in Xref
streams in pdf/pdf_xref.c.
- CVE-2024-46952
* SECURITY UPDATE: output filename overflow
- debian/patches/CVE-2024-46953.patch: check for overflow validating
format string for the output file name in base/gsdevice.c.
- CVE-2024-46953
* SECURITY UPDATE: directory escape via overlong encodings
- debian/patches/CVE-2024-46954.patch: fix decode_utf8 to forbid
overlong encodings in base/gp_utf8.c.
- CVE-2024-46954
* SECURITY UPDATE: Out of bounds read when reading color
- debian/patches/CVE-2024-46955.patch: check Indexed colour space index
in psi/zcolor.c.
- CVE-2024-46955
* SECURITY UPDATE: incorrect buffer length check
- debian/patches/CVE-2024-46956.patch: fix length check in psi/zfile.c.
- CVE-2024-46956
Checksums-Sha1:
355a4b676d304d1e7d6173d905bd2dbf96c71f17 2910 ghostscript_10.03.1~dfsg1-0ubuntu3.dsc
e9b40574e08b30bbeafaf7fe57af7c1652216823 90680 ghostscript_10.03.1~dfsg1-0ubuntu3.debian.tar.xz
70b0c4810145eb7476c6445ff5199969550989f0 17243 ghostscript_10.03.1~dfsg1-0ubuntu3_source.buildinfo
Checksums-Sha256:
09f4eacc213a49a952a00547bc66050884a27e72d76c45ab60daa0657cf5ee08 2910 ghostscript_10.03.1~dfsg1-0ubuntu3.dsc
3ee3bc94235195d628ac97642e1c213f798f18af0db74050632b14c8bb4936d0 90680 ghostscript_10.03.1~dfsg1-0ubuntu3.debian.tar.xz
1d848280dfd141a569495abd9d912ad6a3d1c311d11bf07c65a3e41705320ad4 17243 ghostscript_10.03.1~dfsg1-0ubuntu3_source.buildinfo
Files:
03a7b434c580a9e08edd46abc448eb90 2910 text optional ghostscript_10.03.1~dfsg1-0ubuntu3.dsc
87c9cc3594b2fde7d83daf3c94044bf4 90680 text optional ghostscript_10.03.1~dfsg1-0ubuntu3.debian.tar.xz
84b5f9d050317fdc4103d80ba59a9dbc 17243 text optional ghostscript_10.03.1~dfsg1-0ubuntu3_source.buildinfo
Original-Maintainer: Debian Printing Team <debian-printing at lists.debian.org>
More information about the plucky-changes
mailing list