diff -Nru ghostscript-10.01.2~dfsg1/debian/changelog ghostscript-10.01.2~dfsg1/debian/changelog
--- ghostscript-10.01.2~dfsg1/debian/changelog	2023-08-16 19:08:15.000000000 +0000
+++ ghostscript-10.01.2~dfsg1/debian/changelog	2023-09-21 15:06:57.000000000 +0000
@@ -1,3 +1,12 @@
+ghostscript (10.01.2~dfsg1-0ubuntu2) mantic; urgency=medium
+
+  * SECURITY UPDATE: buffer overflow
+    - debian/patches/CVE-2023-38559.patch: bounds check the buffer prior to
+      deferencing the pointer in devn_pcx_write_rle() in base/gdevdevn.c.
+    - CVE-2023-38559
+
+ -- Allen Huang <allen.huang@canonical.com>  Thu, 21 Sep 2023 17:06:57 +0200
+
 ghostscript (10.01.2~dfsg1-0ubuntu1) mantic; urgency=low
 
   * Merge from Debian unstable. Remaining changes:
diff -Nru ghostscript-10.01.2~dfsg1/debian/control ghostscript-10.01.2~dfsg1/debian/control
--- ghostscript-10.01.2~dfsg1/debian/control	2023-08-16 18:29:34.000000000 +0000
+++ ghostscript-10.01.2~dfsg1/debian/control	2023-09-21 15:06:57.000000000 +0000
@@ -1,7 +1,8 @@
 Source: ghostscript
 Section: text
 Priority: optional
-Maintainer: Debian QA Group <packages@qa.debian.org>
+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+XSBC-Original-Maintainer: Debian QA Group <packages@qa.debian.org>
 Build-Depends:
  debhelper-compat (= 13),
  dh-linktree,
diff -Nru ghostscript-10.01.2~dfsg1/debian/patches/CVE-2023-38559.patch ghostscript-10.01.2~dfsg1/debian/patches/CVE-2023-38559.patch
--- ghostscript-10.01.2~dfsg1/debian/patches/CVE-2023-38559.patch	1970-01-01 00:00:00.000000000 +0000
+++ ghostscript-10.01.2~dfsg1/debian/patches/CVE-2023-38559.patch	2023-09-21 15:06:57.000000000 +0000
@@ -0,0 +1,24 @@
+From d81b82c70bc1fb9991bb95f1201abb5dea55f57f Mon Sep 17 00:00:00 2001
+From: Chris Liddell <chris.liddell@artifex.com>
+Date: Mon, 17 Jul 2023 14:06:37 +0100
+Subject: [PATCH] Bug 706897: Copy pcx buffer overrun fix from
+ devices/gdevpcx.c
+
+Bounds check the buffer, before dereferencing the pointer.
+---
+ base/gdevdevn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: ghostscript-10.01.2~dfsg1/base/gdevdevn.c
+===================================================================
+--- ghostscript-10.01.2~dfsg1.orig/base/gdevdevn.c	2023-09-21 17:04:53.390425875 +0200
++++ ghostscript-10.01.2~dfsg1/base/gdevdevn.c	2023-09-21 17:04:53.386425628 +0200
+@@ -1964,7 +1964,7 @@
+         byte data = *from;
+ 
+         from += step;
+-        if (data != *from || from == end) {
++        if (from >= end || data != *from) {
+             if (data >= 0xc0)
+                 gp_fputc(0xc1, file);
+         } else {
diff -Nru ghostscript-10.01.2~dfsg1/debian/patches/series ghostscript-10.01.2~dfsg1/debian/patches/series
--- ghostscript-10.01.2~dfsg1/debian/patches/series	2023-08-16 18:29:34.000000000 +0000
+++ ghostscript-10.01.2~dfsg1/debian/patches/series	2023-09-21 15:06:57.000000000 +0000
@@ -8,3 +8,4 @@
 2007_suggest_install_ghostscript-doc_in_code.patch
 2008_mention_ghostscript-x_in_docs.patch
 2010_add_build_timestamp_setting.patch
+CVE-2023-38559.patch