Finding fresh policy Processing upload ghostscript_10.02.1~dfsg1-ok4_source.changes Beginning processing. Verifying signature on ghostscript_10.02.1~dfsg1-ok4_source.changes Verifying signature on ghostscript_10.02.1~dfsg1-ok4.dsc Performing DSC verification. ghostscript_10.02.1~dfsg1-ok4_source.buildinfo can be unsigned. Verifying the changes file. Verifying files in upload. Verifying source file ghostscript_10.02.1~dfsg1-ok4.dsc ghostscript_10.02.1~dfsg1.orig.tar.xz found in Primary Archive for openKylin Verifying uploaded source package by unpacking it. Copying copyright contents. Found changelog Cleaning up source tree. Done Verifying source file ghostscript_10.02.1~dfsg1.orig.tar.xz Verifying source file ghostscript_10.02.1~dfsg1-ok4.debian.tar.xz Verifying buildinfo file ghostscript_10.02.1~dfsg1-ok4_source.buildinfo Finding and applying overrides. Checking for ghostscript/10.02.1~dfsg1-ok4 source ancestry ghostscript: (source) NEW Finished checking upload. Creating queue entry ghostscript diff from 10.02.1~dfsg1-ok4 (in Openkylin) to 10.02.1~dfsg1-ok4 requested Setting it to ACCEPTED Creating PENDING publishing record. Created amd64 build of ghostscript 10.02.1~dfsg1-ok4 in openkylin nile RELEASE [341654] in jenkins-ci-open-mr-12987 (2510) Created arm64 build of ghostscript 10.02.1~dfsg1-ok4 in openkylin nile RELEASE [341655] in jenkins-ci-open-mr-12987 (2510) Created i386 build of ghostscript 10.02.1~dfsg1-ok4 in openkylin nile RELEASE [341656] in jenkins-ci-open-mr-12987 (2510) Created loong64 build of ghostscript 10.02.1~dfsg1-ok4 in openkylin nile RELEASE [341657] in jenkins-ci-open-mr-12987 (2510) Created riscv64 build of ghostscript 10.02.1~dfsg1-ok4 in openkylin nile RELEASE [341658] in jenkins-ci-open-mr-12987 (2510) Created rv64g build of ghostscript 10.02.1~dfsg1-ok4 in openkylin nile RELEASE [341659] in jenkins-ci-open-mr-12987 (2510) Building recipients list. Adding recipient: 'Cibot ' Sent a mail: Subject: [~cibot/openkylin/jenkins-ci-open-mr-12987/nile] ghostscript 10.02.1~dfsg1-ok4 (Accepted) Sender: OKBS notice Recipients: Cibot Bcc: Local Root Body: Accepted: OK: ghostscript_10.02.1~dfsg1.orig.tar.xz OK: ghostscript_10.02.1~dfsg1-ok4.debian.tar.xz OK: ghostscript_10.02.1~dfsg1-ok4.dsc -> Component: main Section: text ghostscript (10.02.1~dfsg1-ok4) nile; urgency=medium * SECURITY UPDATE: stack-based buffer overflow via long PDF filter name - debian/patches/CVE-2024-29506.patch: don't allow PDF files with bad Filters to overflow the debug buffer in pdf/pdf_file.c. - CVE-2024-29506 * SECURITY UPDATE: stack- based buffer overflows - debian/patches/CVE-2024-29507.patch: bounds checks when using CIDFont related params in pdf/pdf_font.c, pdf/pdf_warnings.h. - CVE-2024-29507 * SECURITY UPDATE: heap-based pointer disclosure via constructed BaseFont name - debian/patches/CVE-2024-29508.patch: review printing of pointers in base/gsfont.c, base/gsicc_cache.c, base/gsmalloc.c, base/gxclmem.c, base/gxcpath.c, base/gxpath.c, base/szlibc.c, devices/gdevupd.c, devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c, psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c. - debian/patches/CVE-2024-29508-2.patch: fix compiler warning in optimised build in base/gsicc_cache.c. - debian/patches/CVE-2024- 29508-3.patch: remove extra arguments in devices/gdevupd.c. - CVE-2024-29508 * SECURITY UPDATE: heap-based overflow via PDFPassword with null byte - debian/patches/CVE-2024- 29509.patch: don't use strlen on passwords in pdf/pdf_sec.c. - CVE-2024-29509 * SECURITY UPDATE: directory traversal issue via OCRLanguage - debian/patches/CVE-2024-29511.patch: reject OCRLanguage changes after SAFER enabled in devices/gdevocr.c, devices/gdevpdfocr.c, devices/vector/gdevpdfp.c. - debian/patches/CVE-2024-29511-2.patch: original fix was overly aggressive in devices/gdevocr.c, devices/gdevpdfocr.c, devices/vector/gdevpdf.c, devices/vector/gdevpdfp.c. - CVE-2024- 29511 -- https://build.openkylin.top/~cibot/+archive/openkylin/jenkins-ci-open-mr-12987 You are receiving this email because you made this upload. Committing the transaction and any mails associated with this upload.