Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5a34f392 by Abhijith PA at 2023-09-25T14:01:46+05:30 Upstream have changed and refactored function `finish_copydevice` Backporting to 9.27 is not worth when the IjsServer security risk is documented. - - - - - f325a4b6 by Abhijith PA at 2023-09-25T14:09:07+05:30 Add a commit reference for CVE-2020-21890 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -604,6 +604,7 @@ CVE-2023-43115 (In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL ca - ghostscript 10.02.0~dfsg-1 [bookworm] - ghostscript <no-dsa> (Minor issue; documented risks, can be fixed in later update) [bullseye] - ghostscript <no-dsa> (Minor issue; documented risks, can be fixed in later update) + [buster] - ghostscript <ignored> (Minor issue; documented risks, have done refactoring in later versions) NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=707051 NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e59216049cac290fb437a04c4f41ea46826cfba5 NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=8b0f20002536867bd73ff4552408a72597190cbe (ghostpdl-10.02.0rc2) @@ -224469,6 +224470,7 @@ CVE-2020-21891 CVE-2020-21890 (Buffer Overflow vulnerability in clj_media_size function in devices/gd ...) - ghostscript 9.51~dfsg-1 NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701846 + NOTE: Fixed by: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=dbdb5f8527007b482d4e6037b558dbf3e6a06d3a (ghostpdl-9.51rc1) NOTE: Fixed by: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=494eeedf73d13fac5710e56f3a8fb2e7e2379d73 (ghostpdl-9.51rc1) CVE-2020-21889 RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/60c7ef977b672cb5dd863a70026cda4046d92ace...f325a4b6afa94467e41112e417846ec9059f1e05 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/60c7ef977b672cb5dd863a70026cda4046d92ace...f325a4b6afa94467e41112e417846ec9059f1e05 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits