-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3582-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Abhijith PA September 25, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : ghostscript Version : 9.27~dfsg-2+deb10u9 CVE ID : CVE-2020-21710 CVE-2020-21890 Vulnerabilities were found in ghostscript, an interpreter for pdf PostScript language, which allows remote attackers to cause denial of service. CVE-2020-21710 Divide by zero caused by custom resolution being too low CVE-2020-21890 Buffer Overflow vulnerability in clj_media_size function. For Debian 10 buster, these problems have been fixed in version 9.27~dfsg-2+deb10u9. We recommend that you upgrade your ghostscript packages. For the detailed security status of ghostscript please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ghostscript Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmURgn0ACgkQhj1N8u2c KO8wNw//QPwRXi6x8X/xqXhzKamvAjfcj6cSVjePVRY9ul6ltAsr/9cu0SNqgt9o ZhYLUhagdz+LVY/j3Il0cIBbJJwzIOXeZ6p4omuLXIG+jHpvP8at/DmZKHSVxyGE 3z6EeqmBz7L0muE5Q6TMDM5Gx7phEuNE13Koyr11aGV33b+FItiiNfQW1gGcRb36 aPa9Sp/l3q+2qv00xk4TkF1XPdlqO0o15IHeUZqYm8BkO5mrUIsu8ECHYGWRz2Bg 6GRBFZW1HeWusH+9I78orOUoD3fGppUpTg/weKgV6FK5oAeIvkufyZIfrgdOBEOD njDFsENw93o0uYFI2C/SdKM7AJFWZFEbg4mvyYkIpFqan8svfaMHjbtJptESLU0U hTuTtCU5beYMaahUSm6D9e8bkd/KJIZpR+mC+N9RvfSVLGfPsoR457y6Hk99/4bp QmzmIkQNUbXGTqv0Ss07p8hLxu8nDLMWB8q0O2hY0rGbP0esIofMX98RcUig5vNG rZ80IXOVaDwce1L9l/x+R9dWEQNrNGpxGw9jvsEYJVFp31sV2HF70uts2OHp4riJ wHhCfy1/cV0brXPl5jzGwPOQfTy6O4Htw2Yxa6/ehnjLaXWiIOztzZZL1Y1N2kQd RuwfwYtkUdSSCuwUIUj1VEt5akwj4UGywiM2Wng55IWQHILXZsY= =Tpk6 -----END PGP SIGNATURE-----