Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted ghostscript 9.53.3~dfsg-7+deb11u10 (source) into oldstable-security
Date: Mon, 07 Apr 2025 19:40:20 +0000
Signed by: Adrian Bunk <bunk@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 31 Mar 2025 14:13:42 +0300
Source: ghostscript
Architecture: source
Version: 9.53.3~dfsg-7+deb11u10
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Changes:
 ghostscript (9.53.3~dfsg-7+deb11u10) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2025-27830: Buffer overflow via serialization of DollarBlend
   * CVE-2025-27831: Unicode decoding overrun
   * CVE-2025-27832: Integer overflow leading to buffer overflow
   * CVE-2025-27835: Confusion between bytes and shorts
   * CVE-2025-27836: Buffer overflow in bj10v device
Checksums-Sha1:
 3f9bffa079eae6926c05524ddf5e11c617d5702a 2713 ghostscript_9.53.3~dfsg-7+deb11u10.dsc
 9ce4415e5f37d858b5eb4d11040cf4079f2129c6 23948068 ghostscript_9.53.3~dfsg.orig.tar.xz
 d2f06d643e710891bbd91739e6198de01cd831ab 136364 ghostscript_9.53.3~dfsg-7+deb11u10.debian.tar.xz
Checksums-Sha256:
 5506d9ffc281f167ae7bb6207cb8b0918bce916e2a93b6ea9e580cbe18917c86 2713 ghostscript_9.53.3~dfsg-7+deb11u10.dsc
 678f99fc6cca9a224f49891b8db5d9a325b8b3fbbffa9f29d44bac9f54603f3d 23948068 ghostscript_9.53.3~dfsg.orig.tar.xz
 a008102304a59627b46a16934caed17216bec616a5823f0f1110044b42afe74a 136364 ghostscript_9.53.3~dfsg-7+deb11u10.debian.tar.xz
Files:
 8016c4e20d2d3c66e088dd0c98b40456 2713 text optional ghostscript_9.53.3~dfsg-7+deb11u10.dsc
 653da2a0bebf9949634c137da72d1e26 23948068 text optional ghostscript_9.53.3~dfsg.orig.tar.xz
 e9a3c8a3b8d703949b89af93b4901f62 136364 text optional ghostscript_9.53.3~dfsg-7+deb11u10.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmf0JfoACgkQiNJCh6LY
mLEQTBAAy9CU5xQ3Op1PNGnXqDVtgIoEuuPQX0Evd+qstDToRHcxY73Y8nrwuj7U
tXU5WJbciqiJt1ZegfE56igqC7XOAR1tYuEAaTN2/BcqZy+w49K5PlobtgOsbEqs
0DFuQpMOSWZI7hRMqKJvB7QTNZLHj+TXrYoAbnPWPMub8ifknVg3GZzaYhFrT5Lp
JsGZqaxBKl+P2Zd4DzOVnF/XYRHY2e6c1r9ndgGnBCc7dOPwiJaAsFiu4XFnJn7S
jbfNwM6QW9PieHcMCW4krZ9ZNFf4b902GgTSIKBJ5H73ioCrsjUFbUCLubSPGFOW
xBdz3q/7RhtgXhGIANP1kB1Q1VmaMOvH8UE95CXJEgwg53VKMYvo/mjTWOTOVYMt
j1jnvRaWpdtXCLMtQ4mVKTZiGV/3GbdpSU2YVXyeg59iF06n/r766henpWkoyICT
WT0ofY+dBKZXLIVrG9wmAPm8rCS4jQA8nbz5Ubbre56zW8qJS4kdwI9cuZMVmZEq
soEDq1X2Ilo5/PUM8dy/0waa6cu8H3omu/J5w5T9EXfbDrmAdySTZhPUDsoWnueC
O3P3nLGXrlf7vlbbrTKqF5kDEelIHSJHQIVcmzhR7Amcp6UqgiRMzn7XUHfA8I94
vWc8RHSwpT6mGDFWliDI2Wr3+hmmJsXkX3KeqqIqjx3EUScZraE=
=qhO1
-----END PGP SIGNATURE-----

News for package ghostscript