-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 26 Mar 2025 10:10:35 +0100
Source: ghostscript
Binary: ghostscript ghostscript-dbgsym ghostscript-x libgs-dev libgs10 libgs10-dbgsym
Architecture: armhf
Version: 10.0.0~dfsg-11+deb12u7
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-06) <buildd_arm64-arm-ubc-06@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 ghostscript - interpreter for the PostScript language and for PDF
 ghostscript-x - transitional package for ghostscript
 libgs-dev  - interpreter for the PostScript language and for PDF - Development
 libgs10    - interpreter for the PostScript language and for PDF - Library
Changes:
 ghostscript (10.0.0~dfsg-11+deb12u7) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix confusion between bytes and shorts (CVE-2025-27835)
   * Avoid integer overflow leading to buffer overflow (CVE-2025-27832)
   * PCL interpreter - fix decode_glyph for Unicode
   * Prevent Unicode decoding overrun (CVE-2025-27831)
   * Fix potential print buffer overflow (CVE-2025-27836)
   * Fix potential Buffer overflow with DollarBlend (CVE-2025-27830)
   * Cope with double byte chars in TTF scanning code
   * Check TTF name size before copying to buffer. (CVE-2025-27833)
   * PDF interpreter - Guard against unsigned int overflow (CVE-2025-27834)
   * Fix Coverity IDs 457699 and 457700
Checksums-Sha1:
 21606d5051a0ca7c711a07bbeb1191039c42594b 6188 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u7_armhf.deb
 faf307eac7b219bf073a543e5babe1a105d9019f 28512 ghostscript-x_10.0.0~dfsg-11+deb12u7_armhf.deb
 4c5005cda1d19153dbb10c21863e899003e86920 11941 ghostscript_10.0.0~dfsg-11+deb12u7_armhf-buildd.buildinfo
 2704974535be3c79f99cdb06649c036d46334834 57460 ghostscript_10.0.0~dfsg-11+deb12u7_armhf.deb
 0d886c8a3a9c5784ddb913d2cf2de47a126c4cbe 40044 libgs-dev_10.0.0~dfsg-11+deb12u7_armhf.deb
 f52c76805393353a24bf5a5c81448187886a8068 9452596 libgs10-dbgsym_10.0.0~dfsg-11+deb12u7_armhf.deb
 933070fbfe142c285065b45cd40a2a23332ca8b4 2102172 libgs10_10.0.0~dfsg-11+deb12u7_armhf.deb
Checksums-Sha256:
 789b47c61c48e2fe6dd0485761c39ee5b60a42707e078afa98e6d0082d056227 6188 ghostscript-dbgsym_10.0.0~dfsg-11+deb12u7_armhf.deb
 f46771b0c9b39aad53c3b3ba03890e8adeee8ee6db8da178f97562187e5fb412 28512 ghostscript-x_10.0.0~dfsg-11+deb12u7_armhf.deb
 993495be04eead48ae9b61dd91907834983e75f77c7fa65a8e680d1939281607 11941 ghostscript_10.0.0~dfsg-11+deb12u7_armhf-buildd.buildinfo
 315ae34004b1b4156119643f7d594f836059c21be94c95955d8a5202d0d9d781 57460 ghostscript_10.0.0~dfsg-11+deb12u7_armhf.deb
 0b038994d3c17742699160285a2a9f0f17544f34177441f44336c0d2b581d30c 40044 libgs-dev_10.0.0~dfsg-11+deb12u7_armhf.deb
 afa4322baed0fcb739e72312a930c15211e46b434001fe8fe41a9ad7aea64e82 9452596 libgs10-dbgsym_10.0.0~dfsg-11+deb12u7_armhf.deb
 ddd51073c291443572db2da67bebbd4e3293e58fc5f2373b2013363c32e802b4 2102172 libgs10_10.0.0~dfsg-11+deb12u7_armhf.deb
Files:
 815eaa8a6f436e658f6bbfe7c8b4aa85 6188 debug optional ghostscript-dbgsym_10.0.0~dfsg-11+deb12u7_armhf.deb
 3098ac235b550470f94618a1a9edae7f 28512 oldlibs optional ghostscript-x_10.0.0~dfsg-11+deb12u7_armhf.deb
 4583d06f1a4ec1dd97d0cd69002e254e 11941 text optional ghostscript_10.0.0~dfsg-11+deb12u7_armhf-buildd.buildinfo
 aaf9ff9b223b24ca7ad0f624ce5882a6 57460 text optional ghostscript_10.0.0~dfsg-11+deb12u7_armhf.deb
 e53bbac867c9f3bcca6c6e367a5d580f 40044 libdevel optional libgs-dev_10.0.0~dfsg-11+deb12u7_armhf.deb
 8e6f3f6726d2348f46f0afa38656027e 9452596 debug optional libgs10-dbgsym_10.0.0~dfsg-11+deb12u7_armhf.deb
 6042260e7bdf35637a4ceb9dbcdbb16b 2102172 libs optional libgs10_10.0.0~dfsg-11+deb12u7_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEErcTbumGV7Ig2iXlfQdxRZ9J7nEgFAmfj05YACgkQQdxRZ9J7
nEgHXQ//QsOXavANaMgtkCQwPDGjfonFRgUUo3S8dPmpTGvdKocrBAG8Xmn273tn
HklUtfMeBDlAxg+BPkZ38yyfX9Far2U8mW71guCb1zzKw07PUCRaIgB9qIYqLeoV
n/10ngLeEFo7Kvyi+cYn12M21SeUnE8Jil7RgMxkms28b52D03JBCm1r258ikBsP
v+5yKgB2xoAwOEMzdY6SY+Mjl5Q8DzSd1cxFKlIMyPUluT6GUdYjbEL1Z/GGS3tr
3d3jCvG0JFZlNWmJjeCmUmcQ8S83fZWLaf7FgYb2YR/7vAubHtDsMe9VT5ripcm+
Ms216WKpU/0tGLn3Q2l16wLu0ManE4O/3KtRVF05xilhpX3E5qmGKTT/QkhU6d39
kxrLAHkEXXozyvZcWJ0QklDXjqRyMEA5sTlEmrq2IZNvZRrqSz4wR+1jJmYntbsE
DRDNqcGwGII6Nc1sxqhlwwo9Vn7718StNtoJHQGlJe5yY4XpXMvnIE+kgL2f4sNB
sM7yG2NYwcOZ4EQPiu31qzcMBTHRaYsjItMgm4DthCJERV4JeAtvPhQwkSOGepYp
PlQbCn1KJZJnx3JQ21cuPO1F8EZv37405cZ6G6yaLEcRrNfTp9oEd9Rgsh7VXsR1
6ZCiWjeKk7lUes5aQRWvhNFqVyqZ3M40hrS8MUBrbJagkb3xQOY=
=fYq6
-----END PGP SIGNATURE-----