-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 10 Nov 2024 13:20:08 +0100
Source: ghostscript
Binary: ghostscript ghostscript-dbgsym ghostscript-x libgs-dev libgs10 libgs10-dbgsym
Architecture: amd64
Version: 10.0.0~dfsg-11+deb12u6
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 ghostscript - interpreter for the PostScript language and for PDF
 ghostscript-x - transitional package for ghostscript
 libgs-dev  - interpreter for the PostScript language and for PDF - Development
 libgs10    - interpreter for the PostScript language and for PDF - Library
Changes:
 ghostscript (10.0.0~dfsg-11+deb12u6) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Check for overflow validating format string (CVE-2024-46953)
   * Fix filenameforall completion cleanup
   * Don't leave a dangling pointer on the stack
   * PostScript interpreter - Null dangling references on stack
   * PostScript interpreter - fix buffer length check (CVE-2024-46956)
   * PS interpreter review colour code for stack pointers
   * PS interpreter - check Indexed colour space index (CVE-2024-46955)
   * PS interpreter - check the type of the Pattern Implementation
     (CVE-2024-46951)
   * PDF interpreter - sanitise W array values in Xref streams (CVE-2024-46952)
Checksums-Sha1:
 c68cc02cdffcff727e189d65d71cbb65b2ad9ca4 5880 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u6_amd64.deb
 344e0455e7021bac7e3875e29756485cf138f79d 28280 ghostscript-x_10.0.0~dfsg-11+deb12u6_amd64.deb
 37cc03da2f8599b9049cabee2113d85fd9b6c5f9 12065 ghostscript_10.0.0~dfsg-11+deb12u6_amd64-buildd.buildinfo
 6e1b0bffe2604c59bef9fada4a2a64147b51334d 57460 ghostscript_10.0.0~dfsg-11+deb12u6_amd64.deb
 84d4b5680f4089d8d01c916a72a2add608cfed1b 39820 libgs-dev_10.0.0~dfsg-11+deb12u6_amd64.deb
 edaa3a69e69a0d535c8a1d22170da0b44c725288 9707048 libgs10-dbgsym_10.0.0~dfsg-11+deb12u6_amd64.deb
 115d0aeecf0bdce581202157b000624a6edcf4d7 2466824 libgs10_10.0.0~dfsg-11+deb12u6_amd64.deb
Checksums-Sha256:
 1c62cb46828ed67b9325069c93aee826d23129cfa6e191a9be1a3b2269bf515b 5880 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u6_amd64.deb
 cce6f4d1de779f2456cf28cbe171fce5dc4791de97b201ff19990c7ef00f4a2d 28280 ghostscript-x_10.0.0~dfsg-11+deb12u6_amd64.deb
 875d81d32a4c6874d2bb30596e7e632ab304f441478ff946da279189ae3d5a6e 12065 ghostscript_10.0.0~dfsg-11+deb12u6_amd64-buildd.buildinfo
 0cb6c6293b84307424503e87fbf8210fbda7c000a9e3f75a15c7dbd46552aa23 57460 ghostscript_10.0.0~dfsg-11+deb12u6_amd64.deb
 c693794f5dbe6d89f145379488723a8bf78c2c94cef2bc9b50a606f451d98a0f 39820 libgs-dev_10.0.0~dfsg-11+deb12u6_amd64.deb
 b939896627ac3392e59c18a70a951e2e91f76df7722918b6836034bf6f1137ca 9707048 libgs10-dbgsym_10.0.0~dfsg-11+deb12u6_amd64.deb
 f31e1f73dd1f0c7da0e1f3a00007272cd94598f0a216d5a1245b57a648b4c8c6 2466824 libgs10_10.0.0~dfsg-11+deb12u6_amd64.deb
Files:
 14f511a21d8764650d40039477e3ddd8 5880 debug optional ghostscript-dbgsym_10.0.0~dfsg-11+deb12u6_amd64.deb
 b78e964e9b53dc6891e71577770e6d84 28280 oldlibs optional ghostscript-x_10.0.0~dfsg-11+deb12u6_amd64.deb
 85b85d778e0a2de6c809180b41aba9c6 12065 text optional ghostscript_10.0.0~dfsg-11+deb12u6_amd64-buildd.buildinfo
 20554a35d3b1f01153d57db0df2ca21b 57460 text optional ghostscript_10.0.0~dfsg-11+deb12u6_amd64.deb
 7b76d613b366c86adf4dc5026cd341ab 39820 libdevel optional libgs-dev_10.0.0~dfsg-11+deb12u6_amd64.deb
 9d88242f6358a0d3fd227ca8f3b71f66 9707048 debug optional libgs10-dbgsym_10.0.0~dfsg-11+deb12u6_amd64.deb
 7c51c94991ae2d788be5600f67468000 2466824 libs optional libgs10_10.0.0~dfsg-11+deb12u6_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE4Unr4QHS5Yi4rr9Q3KGKEAtjIVgFAmcwrngACgkQ3KGKEAtj
IViKew/+KpHkejagl/D36dTNHv/2SJ89BEyQVOPhfj6pwj4piFc4IePWuhvowzr+
JurXArlLEdS12342qvpYHZdtTLW6NynB8woZQnh5ZnhW1jU/A7Rjv/kUFZsVcuck
hyT7jyLkRWaeOX0hZMoQriu/YoRrtLNxnBG+qJ9R/AtS7K6rnsU0h5lkVBhEhw/y
0OFjm5Ck798yhOFuzAIija1QL5mAY+GALX3dtaZV9XFoTSN4YjPVit9Fk43UHJnO
zqmcb2ghoDraNjnctvTU3vwj8fmbOLNwilmlU1Kh3JS+on4xzJqUQiOO6sQk3T/s
KAG5xXamDHj5SzxBvCwh1+cDWluDb+A9v1d7/5Lo1Iz7j72IAsL225KgGSWDIw1M
vI6lvXpqYZqWGCyELc/Hwb4NSBjHmEAik2AixuCaHFtYCP6WSOnd77bnh2YwxCPM
s38w1Insck3busGkBpjm6rXfvJwiZK1iv88dDhVEAZaeYNSso4ha9DmU46Y/4MqL
wHG7EL/hBtie1HHdnqhKP4XffcON4RCJLKa0oVTTFpStMfCnedwKPxgheRGZYsfh
qi16vWcrgG5jypAa9LnUj89G9aDJr6xo84zLXJdgQ+tZ0FcPbmZLlWJaLbL/kfXa
TTXlfZ0RPKK4mn9qtQ3qsGPs7Gi79TGjBuIu+IcaH31uy02uzM4=
=bUQM
-----END PGP SIGNATURE-----