Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker
Commits: bb242bbb by Abhijith PA at 2024-02-25T14:24:35+05:30 This CVE is due to a regression introduced in 9.50 https://bugs.ghostscript.com/show_bug.cgi?id=701877 https://git.ghostscript.com/?p=ghostpdl.git;h=da03855bf9ca18eab05d4ac870d73f457758a77f ghostscript in buster not backported this patch. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -4426,6 +4426,7 @@ CVE-2023-52425 (libexpat through 2.5.0 allows a denial of service (resource cons NOTE: Merge commit: https://github.com/libexpat/libexpat/commit/34b598c5f594b015c513c73f06e7ced3323edbf1 CVE-2020-36773 (Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-a ...) - ghostscript 9.53.0~dfsg-1 + [buster] - ghostscript <not-affected> (regression introduced in version 9.50) NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702229 NOTE: Fixed by: http://www.ghostscript.com/cgi-bin/findgit.cgi?8c7bd787defa071c96289b7da9397f673fddb874 (ghostpdl-9.53.0rc1) CVE-2018-25098 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in blockmaso ...) ===================================== data/dla-needed.txt ===================================== @@ -106,9 +106,6 @@ frr (Abhijith PA) NOTE: 20231119: Added by Front-Desk (apo) NOTE: 20240206: Continuing fixing the remaining issues (abhijith) -- -ghostscript (Abhijith PA) - NOTE: 20240212: Added by Front-Desk (lamby) --- gnutls28 (guilhem) NOTE: 20240122: Added by Front-Desk (Beuc) NOTE: 20240122: Incomplete fix for CVE-2023-5981/DLA-3660-1 (Beuc/front-desk) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb242bbb9429518387c46f3219a8d190aac64911 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb242bbb9429518387c46f3219a8d190aac64911 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits