[SECURITY] [DLA 4118-1] ghostscript security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4118-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 07, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : ghostscript
Version : 9.53.3~dfsg-7+deb11u10
CVE ID : CVE-2025-27830 CVE-2025-27831 CVE-2025-27832 CVE-2025-27835
CVE-2025-27836
Multiple vulnerabilities have been fixed in the PostScript/PDF
interpreter Ghostscript.
CVE-2025-27830
Buffer overflow via serialization of DollarBlend
CVE-2025-27831
Unicode decoding overrun
CVE-2025-27832
Integer overflow leading to buffer overflow
CVE-2025-27835
Confusion between bytes and shorts
CVE-2025-27836
Buffer overflow in bj10v device
For Debian 11 bullseye, these problems have been fixed in version
9.53.3~dfsg-7+deb11u10.
We recommend that you upgrade your ghostscript packages.
For the detailed security status of ghostscript please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ghostscript
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmf0OXQACgkQiNJCh6LY
mLHSCA/9FckEEqXGWswpkexNs2Nt83ET0QqXUsFMnNpKRpfZtm6ZB6myOmyK9uYl
3m4e2221OaDxrvSrlZip91w2Nc5sg30g1BB7SNAAx7W27Epa5du0bT1x6xVUYC1e
zx47xAnI2YM3r3AFVK7p3CMStJ0TeqdMunDOS5DgMLkgZuhP9alQUMNh8HXIBwuL
MkBBv2E9HnbFGBBjeXLInu5eRB8TE5gfaaO4J1GXk1y1VzL2dybOAKTlgVv0jg8A
sLpMt+ZPd2RfZxjNJfiDWhlbXzRD0jzxi1ri3ANdsMhzVNQalZrmgHowWKTSxk91
pOzir4Vyi6HAS5Ct+R/FL+fnGyC9P5Ytx6ep8dJB7o6SMwfdFhdJFDKe1Sbak7S5
ETlDdsJj94xynKiux9Kq4+Uk/DKqm+6PMwVVk9Eez4v7yN+7FCjjPxfj4WhDqrkd
g6zjapNbV8BlLb1QdeZ5ku6sjJgdYBt/2fHgVAmXST7XHflRRepTGTTwh0a4YE9k
Rb0romwaYVpQK7rWgJfNPtDYzG/1dA/RJckrpbb/CTKAAsWfMNqRCKUNTs8XDViv
w7CIwy0AsEKvWHA69Uozaq3iqX1sBL4Ns+t68NKcUEpw/U0tzFpFC4CWUmjwi4PM
WM7uCLme4d1TvB+tYKTIEr28TfFLJndL9c57v8v57cxI0xLQcGE=
=0wbA
-----END PGP SIGNATURE-----
Reply to: