FEDORA-2024-baca8bae00 — security update for ghostscript

obsolete

ghostscript-10.02.1-11.fc40

FEDORA-2024-baca8bae00 created by zdohnal a year ago for Fedora 40

Security fixes for CVE-2024-29509, CVE-2024-29508, CVE-2024-29507, CVE-2024-29506

This update has been submitted for testing by zdohnal.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'passed'.

a year ago

This update has been pushed to testing.

a year ago

filiperosset commented & provided feedback a year ago

karma

no regressios noted

This update has been obsoleted by ghostscript-10.02.1-12.fc40.

a year ago

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

passed

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

14 days

Thresholds

Minimum Karma

Minimum Testing

14 days

Dates

submitted

a year ago

in testing

a year ago

Builds

ghostscript-10.02.1-11.fc40

BZ#2295626 CVE-2024-29506 ghostscript: stack-based buffer overflow in the pdfi_apply_filter()

BZ#2295627 CVE-2024-29508 ghostscript: heap pointer leak in pdf_base_font_alloc()

BZ#2295628 CVE-2024-29509 ghostscript: heap buffer overflow via the PDFPassword parameter

BZ#2295647 CVE-2024-29507 ghostscript: stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters

BZ#2295697 CVE-2024-29506 ghostscript: stack-based buffer overflow in the pdfi_apply_filter() [fedora-all]

BZ#2295700 CVE-2024-29507 ghostscript: stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters [fedora-all]

BZ#2295703 CVE-2024-29508 ghostscript: heap pointer leak in pdf_base_font_alloc() [fedora-all]

BZ#2295704 CVE-2024-29509 ghostscript: heap buffer overflow via the PDFPassword parameter [fedora-all]

ghostscript-10.02.1-11.fc40

Automated Test Results

passed