Finding fresh policy
Processing upload ghostscript_10.02.1~dfsg1-ok4_source.changes
Beginning processing.
Verifying signature on ghostscript_10.02.1~dfsg1-ok4_source.changes
Verifying signature on ghostscript_10.02.1~dfsg1-ok4.dsc
Performing DSC verification.
ghostscript_10.02.1~dfsg1-ok4_source.buildinfo can be unsigned.
Verifying the changes file.
Verifying files in upload.
Verifying source file ghostscript_10.02.1~dfsg1-ok4.dsc
ghostscript_10.02.1~dfsg1.orig.tar.xz found in Primary Archive for openKylin
Verifying uploaded source package by unpacking it.
Copying copyright contents.
Found changelog
Cleaning up source tree.
Done
Verifying source file ghostscript_10.02.1~dfsg1.orig.tar.xz
Verifying source file ghostscript_10.02.1~dfsg1-ok4.debian.tar.xz
Verifying buildinfo file ghostscript_10.02.1~dfsg1-ok4_source.buildinfo
Finding and applying overrides.
Checking for ghostscript/10.02.1~dfsg1-ok4 source ancestry
Finished checking upload.
Creating queue entry
ghostscript diff from 10.02.1~dfsg1-ok2 to 10.02.1~dfsg1-ok4 requested
Setting it to UNAPPROVED
Building recipients list.
Adding recipient: 'Cibot '
Sent a mail:
  Subject: [openkylin/nile-proposed] ghostscript 10.02.1~dfsg1-ok4 (Waiting for approval)
  Sender: OKBS notice
  Recipients: Cibot
  Bcc: Local Root
  Body:
ghostscript (10.02.1~dfsg1-ok4) nile; urgency=medium

  * SECURITY UPDATE: stack-based buffer overflow via long PDF filter name
    - debian/patches/CVE-2024-29506.patch: don't allow PDF files with bad
      Filters to overflow the debug buffer in pdf/pdf_file.c.
    - CVE-2024-29506
  * SECURITY UPDATE: stack-based buffer overflows
    - debian/patches/CVE-2024-29507.patch: bounds checks when using CIDFont
      related params in pdf/pdf_font.c, pdf/pdf_warnings.h.
    - CVE-2024-29507
  * SECURITY UPDATE: heap-based pointer disclosure via constructed BaseFont
    name
    - debian/patches/CVE-2024-29508.patch: review printing of pointers in
      base/gsfont.c, base/gsicc_cache.c, base/gsmalloc.c, base/gxclmem.c,
      base/gxcpath.c, base/gxpath.c, base/szlibc.c, devices/gdevupd.c,
      devices/vector/gdevpdtb.c, psi/ialloc.c, psi/igc.c, psi/igcstr.c,
      psi/iinit.c, psi/imainarg.c, psi/isave.c, psi/iutil.c.
    - debian/patches/CVE-2024-29508-2.patch: fix compiler warning in
      optimised build in base/gsicc_cache.c.
    - debian/patches/CVE-2024-29508-3.patch: remove extra arguments in
      devices/gdevupd.c.
    - CVE-2024-29508
  * SECURITY UPDATE: heap-based overflow via PDFPassword with null byte
    - debian/patches/CVE-2024-29509.patch: don't use strlen on passwords in
      pdf/pdf_sec.c.
    - CVE-2024-29509
  * SECURITY UPDATE: directory traversal issue via OCRLanguage
    - debian/patches/CVE-2024-29511.patch: reject OCRLanguage changes after
      SAFER enabled in devices/gdevocr.c, devices/gdevpdfocr.c,
      devices/vector/gdevpdfp.c.
    - debian/patches/CVE-2024-29511-2.patch: original fix was overly
      aggressive in devices/gdevocr.c, devices/gdevpdfocr.c,
      devices/vector/gdevpdf.c, devices/vector/gdevpdfp.c.
    - CVE-2024-29511

Date: Tue, 05 Nov 2024 11:37:45 +0800
Changed-By: liubo01
Maintainer: openKylin Developers
Signed-By: Cibot
https://build.openkylin.top/openkylin/+source/ghostscript/10.02.1~dfsg1-ok4

==

 OK: ghostscript_10.02.1~dfsg1.orig.tar.xz
 OK: ghostscript_10.02.1~dfsg1-ok4.debian.tar.xz
 OK: ghostscript_10.02.1~dfsg1-ok4.dsc
     -> Component: main Section: text

This upload awaits approval by a distro manager

No announcement sent

Thank you for your contribution to openKylin.

--
You are receiving this email because you made this upload.

Committing the transaction and any mails associated with this upload.