Publishing details

• Published on 2024-07-15
• Copied from ubuntu jammy in PPA for Ubuntu Security Proposed by Marc Deslauriers

Changelog

ghostscript (9.55.0~dfsg1-0ubuntu5.9) jammy-security; urgency=medium

  * SECURITY UPDATE: stack-based buffer overflow via long PDF filter name
    - debian/patches/CVE-2024-29506.patch: don't allow PDF files with bad
      Filters to overflow the debug buffer in pdf/pdf_file.c.
    - CVE-2024-29506
  * SECURITY UPDATE: heap-based pointer disclosure via constructed BaseFont
    name
    - debian/patches/CVE-2024-29508.patch: review printing of pointers in
      base/gsfont.c, base/gsicc_cache.c, base/gsmalloc.c, base/gxclmem.c,
      base/gxcpath.c, base/gxpath.c, base/szlibc.c, devices/gdevupd.c,
      devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c,
      psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c.
    - debian/patches/CVE-2024-29508-2.patch: remove extra arguments in
      devices/gdevupd.c.
    - CVE-2024-29508
  * SECURITY UPDATE: heap-based overflow via PDFPassword with null byte
    - debian/patches/CVE-2024-29509.patch: don't use strlen on passwords in
      pdf/pdf_sec.c.
    - CVE-2024-29509
  * SECURITY UPDATE: directory traversal issue via OCRLanguage
    - debian/patches/CVE-2024-29511.patch: reject OCRLanguage changes after
      SAFER enabled in devices/gdevocr.c, devices/gdevpdfocr.c,
      devices/vector/gdevpdfp.c.
    - debian/patches/CVE-2024-29511-2.patch: original fix was overly
      aggressive in devices/gdevocr.c, devices/gdevpdfocr.c,
      devices/vector/gdevpdf.c, devices/vector/gdevpdfp.c.
    - debian/libgs9.symbols: mark some symbols as optional.
    - CVE-2024-29511

 -- Marc Deslauriers <email address hidden>  Thu, 11 Jul 2024 12:07:09 -0400

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• riscv64
• s390x

Built packages

• ghostscript interpreter for the PostScript language and for PDF

• ghostscript-dbgsym debug symbols for ghostscript

• ghostscript-doc interpreter for the PostScript language and for PDF - Documentation

• ghostscript-x interpreter for the PostScript language and for PDF - X11 support

• ghostscript-x-dbgsym debug symbols for ghostscript-x

• libgs-dev interpreter for the PostScript language and for PDF - Development Files

• libgs9 interpreter for the PostScript language and for PDF - Library

• libgs9-common interpreter for the PostScript language and for PDF - common files

• libgs9-dbgsym debug symbols for libgs9

Package files

• ghostscript-dbgsym_9.55.0~dfsg1-0ubuntu5.9_amd64.ddeb (6.1 KiB)
• ghostscript-dbgsym_9.55.0~dfsg1-0ubuntu5.9_arm64.ddeb (6.2 KiB)
• ghostscript-dbgsym_9.55.0~dfsg1-0ubuntu5.9_armhf.ddeb (6.1 KiB)
• ghostscript-dbgsym_9.55.0~dfsg1-0ubuntu5.9_i386.ddeb (5.6 KiB)
• ghostscript-dbgsym_9.55.0~dfsg1-0ubuntu5.9_ppc64el.ddeb (6.3 KiB)
• ghostscript-dbgsym_9.55.0~dfsg1-0ubuntu5.9_riscv64.ddeb (6.1 KiB)
• ghostscript-dbgsym_9.55.0~dfsg1-0ubuntu5.9_s390x.ddeb (6.1 KiB)
• ghostscript-doc_9.55.0~dfsg1-0ubuntu5.9_all.deb (6.5 MiB)
• ghostscript-x-dbgsym_9.55.0~dfsg1-0ubuntu5.9_amd64.ddeb (100.6 KiB)
• ghostscript-x-dbgsym_9.55.0~dfsg1-0ubuntu5.9_arm64.ddeb (99.8 KiB)
• ghostscript-x-dbgsym_9.55.0~dfsg1-0ubuntu5.9_armhf.ddeb (102.6 KiB)
• ghostscript-x-dbgsym_9.55.0~dfsg1-0ubuntu5.9_i386.ddeb (96.3 KiB)
• ghostscript-x-dbgsym_9.55.0~dfsg1-0ubuntu5.9_ppc64el.ddeb (111.8 KiB)
• ghostscript-x-dbgsym_9.55.0~dfsg1-0ubuntu5.9_riscv64.ddeb (103.7 KiB)
• ghostscript-x-dbgsym_9.55.0~dfsg1-0ubuntu5.9_s390x.ddeb (100.1 KiB)
• ghostscript-x_9.55.0~dfsg1-0ubuntu5.9_amd64.deb (47.4 KiB)
• ghostscript-x_9.55.0~dfsg1-0ubuntu5.9_arm64.deb (46.9 KiB)
• ghostscript-x_9.55.0~dfsg1-0ubuntu5.9_armhf.deb (44.6 KiB)
• ghostscript-x_9.55.0~dfsg1-0ubuntu5.9_i386.deb (49.5 KiB)
• ghostscript-x_9.55.0~dfsg1-0ubuntu5.9_ppc64el.deb (53.1 KiB)
• ghostscript-x_9.55.0~dfsg1-0ubuntu5.9_riscv64.deb (45.8 KiB)
• ghostscript-x_9.55.0~dfsg1-0ubuntu5.9_s390x.deb (47.4 KiB)
• ghostscript_9.55.0~dfsg1-0ubuntu5.9.debian.tar.xz (175.9 KiB)
• ghostscript_9.55.0~dfsg1-0ubuntu5.9.dsc (2.7 KiB)
• ghostscript_9.55.0~dfsg1-0ubuntu5.9_amd64.deb (48.3 KiB)
• ghostscript_9.55.0~dfsg1-0ubuntu5.9_arm64.deb (48.5 KiB)
• ghostscript_9.55.0~dfsg1-0ubuntu5.9_armhf.deb (48.5 KiB)
• ghostscript_9.55.0~dfsg1-0ubuntu5.9_i386.deb (48.5 KiB)
• ghostscript_9.55.0~dfsg1-0ubuntu5.9_ppc64el.deb (48.8 KiB)
• ghostscript_9.55.0~dfsg1-0ubuntu5.9_riscv64.deb (48.5 KiB)
• ghostscript_9.55.0~dfsg1-0ubuntu5.9_s390x.deb (48.5 KiB)
• ghostscript_9.55.0~dfsg1.orig.tar.xz (51.0 MiB)
• libgs-dev_9.55.0~dfsg1-0ubuntu5.9_amd64.deb (31.1 KiB)
• libgs-dev_9.55.0~dfsg1-0ubuntu5.9_arm64.deb (31.1 KiB)
• libgs-dev_9.55.0~dfsg1-0ubuntu5.9_armhf.deb (31.1 KiB)
• libgs-dev_9.55.0~dfsg1-0ubuntu5.9_i386.deb (31.1 KiB)
• libgs-dev_9.55.0~dfsg1-0ubuntu5.9_ppc64el.deb (31.1 KiB)
• libgs-dev_9.55.0~dfsg1-0ubuntu5.9_riscv64.deb (31.1 KiB)
• libgs-dev_9.55.0~dfsg1-0ubuntu5.9_s390x.deb (31.1 KiB)
• libgs9-common_9.55.0~dfsg1-0ubuntu5.9_all.deb (734.8 KiB)
• libgs9-dbgsym_9.55.0~dfsg1-0ubuntu5.9_amd64.ddeb (22.9 MiB)
• libgs9-dbgsym_9.55.0~dfsg1-0ubuntu5.9_arm64.ddeb (22.5 MiB)
• libgs9-dbgsym_9.55.0~dfsg1-0ubuntu5.9_armhf.ddeb (23.2 MiB)
• libgs9-dbgsym_9.55.0~dfsg1-0ubuntu5.9_i386.ddeb (21.7 MiB)
• libgs9-dbgsym_9.55.0~dfsg1-0ubuntu5.9_ppc64el.ddeb (25.0 MiB)
• libgs9-dbgsym_9.55.0~dfsg1-0ubuntu5.9_riscv64.ddeb (21.5 MiB)
• libgs9-dbgsym_9.55.0~dfsg1-0ubuntu5.9_s390x.ddeb (22.8 MiB)
• libgs9_9.55.0~dfsg1-0ubuntu5.9_amd64.deb (4.8 MiB)
• libgs9_9.55.0~dfsg1-0ubuntu5.9_arm64.deb (4.7 MiB)
• libgs9_9.55.0~dfsg1-0ubuntu5.9_armhf.deb (4.4 MiB)
• libgs9_9.55.0~dfsg1-0ubuntu5.9_i386.deb (5.1 MiB)
• libgs9_9.55.0~dfsg1-0ubuntu5.9_ppc64el.deb (6.0 MiB)
• libgs9_9.55.0~dfsg1-0ubuntu5.9_riscv64.deb (4.5 MiB)
• libgs9_9.55.0~dfsg1-0ubuntu5.9_s390x.deb (4.6 MiB)