Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted ghostscript 10.0.0~dfsg-11+deb12u8 (source) into oldstable-security
Date: Sat, 11 Oct 2025 08:17:29 +0000
Signed by: Salvatore Bonaccorso <carnil@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 05 Oct 2025 10:11:09 +0200
Source: ghostscript
Architecture: source
Version: 10.0.0~dfsg-11+deb12u8
Distribution: bookworm-security
Urgency: high
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 1109270 1116443 1116444
Changes:
 ghostscript (10.0.0~dfsg-11+deb12u8) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Catch a null file pointer closing pdfwrite (CVE-2025-7462)
     (Closes: #1109270)
   * pdfwrite - bounds check some strings (CVE-2025-59799) (Closes: #1116443)
   * pdfwrite - avoid buffer overrun (CVE-2025-59798) (Closes: #1116444)
Checksums-Sha1:
 45f71a36b85cf3e2c3fadf6257b589b452620e38 3022 ghostscript_10.0.0~dfsg-11+deb12u8.dsc
 6122612421398161c7a1dd6704456838905acb0e 110332 ghostscript_10.0.0~dfsg-11+deb12u8.debian.tar.xz
 1a061d58cfe9e2d31e01a7f49b6a26321d78a8f1 6435 ghostscript_10.0.0~dfsg-11+deb12u8_source.buildinfo
Checksums-Sha256:
 8cb8f619dffe09825e56014b9fc34381ba9fa75048b11b00a275abeaf9785cd4 3022 ghostscript_10.0.0~dfsg-11+deb12u8.dsc
 94f131ca44c0c0a9379cb8ad2841b98e15f0bf2a0c157b1fd11f8dbefefe6399 110332 ghostscript_10.0.0~dfsg-11+deb12u8.debian.tar.xz
 06ef574b3180cb0711d12fcf38df0bd8edd8394f67243b89a416301415ea2b93 6435 ghostscript_10.0.0~dfsg-11+deb12u8_source.buildinfo
Files:
 b920842fa2d4d4247cf32ae2c4d0478e 3022 text optional ghostscript_10.0.0~dfsg-11+deb12u8.dsc
 1f17de20dc37263ce870ebd9335f1705 110332 text optional ghostscript_10.0.0~dfsg-11+deb12u8.debian.tar.xz
 e198ebd9718106f795e9c9b17f3f88bb 6435 text optional ghostscript_10.0.0~dfsg-11+deb12u8_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmjiTfhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EuIAP/3+9iCK6U9n+4zddkS82QIlX6LX6P6cJ
t58YBi5NwQda/US6xqoo+1/0r4DnKgqgICsqTNfHxn7T8v2mF5GXpGPAGAbx4Ox2
5NFzqCGrP4XErv4q00E3lJBak+HVH998FI2qFGwmgui7cbTrl9q8gwIIlsXIDAFY
Kw2UyN5wO2XzcdI/0j2e3p/vehQEmJ308TPRwdZ+MwkiaJ/Xk6xuL0fL7HnVJtB7
p3TwD7vSpoli23DWjus6+IdpLdvTZ0Jm2UJhUq0GMQHGWR5mHs5jUYAtODWVRvom
PjHwyYvI115UlbBn02aFkeLLLXX7HKxadCkuwzSU5JnXISBmvdR3PTjgbWplc1hu
p4etZPOQWcY7R1IeKpdigjHaK7IF1O+1NVBZfwEUowYztoXuhWVslNeVYchGjEHg
Yi/tjJ7Erb1Q1fzKTsm0qBqSOkJihCg2D+BHjGR8SjjZEswGUhYoAkmNOZVpytBV
IXP2ixcBabkdOqBoDGQyxA4vmSVOPnOYfxe99LuMa6CtEZCNOGLMUA5AvmA8oykx
8FxTOGqmx7m+ed0C8sPJ8XlFiO66buZVP8sCRNIrW1GWe5L+aCrLoaCbuvPTSe/u
ozeQvzL22I7iu3WfWSHSyu503N9V5aYXKb1zfMq81wo2iD5Z+kSC8Ul1tkS3s9Ub
1EF9areWh9Ul
=7gNI
-----END PGP SIGNATURE-----

News for package ghostscript