Processed: retitle 1053019 to coco-java: FTBFS with OpenJDK 21 due to unsupported javac source/target level 7
Processing commands for cont...@bugs.debian.org: > retitle 1053019 coco-java: FTBFS with OpenJDK 21 due to unsupported javac > source/target level 7 Bug #1053019 [src:coco-java] coco-java: FTBFS with default Java 21 Changed Bug title to 'coco-java: FTBFS with OpenJDK 21 due to unsupported javac source/target level 7' from 'coco-java: FTBFS with default Java 21'. > thanks Stopping processing here. Please contact me if you need assistance. -- 1053019: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053019 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: retitle 1053018 to closure-compiler: FTBFS with OpenJDK 21 due to javadoc errors
Processing commands for cont...@bugs.debian.org: > retitle 1053018 closure-compiler: FTBFS with OpenJDK 21 due to javadoc errors Bug #1053018 [src:closure-compiler] closure-compiler: FTBFS with default Java 21 Changed Bug title to 'closure-compiler: FTBFS with OpenJDK 21 due to javadoc errors' from 'closure-compiler: FTBFS with default Java 21'. > thanks Stopping processing here. Please contact me if you need assistance. -- 1053018: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053018 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processing of ghostscript_10.0.0~dfsg-11+deb12u2_source.changes
ghostscript_10.0.0~dfsg-11+deb12u2_source.changes uploaded successfully to localhost along with the files: ghostscript_10.0.0~dfsg-11+deb12u2.dsc ghostscript_10.0.0~dfsg-11+deb12u2.debian.tar.xz ghostscript_10.0.0~dfsg-11+deb12u2_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org)
ghostscript_10.0.0~dfsg-11+deb12u2_source.changes ACCEPTED into proposed-updates->stable-new
Thank you for your contribution to Debian. Mapping bookworm to stable. Mapping stable to proposed-updates. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 29 Sep 2023 14:33:30 +0200 Source: ghostscript Architecture: source Version: 10.0.0~dfsg-11+deb12u2 Distribution: bookworm Urgency: medium Maintainer: Debian QA Group Changed-By: Salvatore Bonaccorso Closes: 1043033 Changes: ghostscript (10.0.0~dfsg-11+deb12u2) bookworm; urgency=medium . * Non-maintainer upload. * Copy pcx buffer overrun fix from devices/gdevpcx.c (CVE-2023-38559) (Closes: #1043033) * IJS device - try and secure the IJS server startup (CVE-2023-43115) Checksums-Sha1: a36dd604e265a585f35066817cd9fb6adb452ad8 3019 ghostscript_10.0.0~dfsg-11+deb12u2.dsc 7564abe828336f78229e65c2192fdfc71bb733a5 87996 ghostscript_10.0.0~dfsg-11+deb12u2.debian.tar.xz 28cc778cddc52864ce1475672159a88be1eccb12 7225 ghostscript_10.0.0~dfsg-11+deb12u2_source.buildinfo Checksums-Sha256: 8a42d9e7c037612cd0079f5a3727a8f6bae9c797354046273d8d38b7aedee323 3019 ghostscript_10.0.0~dfsg-11+deb12u2.dsc 9e84aaa85d25dd525e70724554f68b37011e68c85c2e54119beb414dcce70bf5 87996 ghostscript_10.0.0~dfsg-11+deb12u2.debian.tar.xz 1b059057afd237a2473a833530223337069189393db0ad65212065657d1c4419 7225 ghostscript_10.0.0~dfsg-11+deb12u2_source.buildinfo Files: 4c84a6f30c7c192c774312a9b4236108 3019 text optional ghostscript_10.0.0~dfsg-11+deb12u2.dsc a2b618cc53bdeef787d4c168fa764bb8 87996 text optional ghostscript_10.0.0~dfsg-11+deb12u2.debian.tar.xz 62f2b9ac9de0320e8c89743fb6a41a02 7225 text optional ghostscript_10.0.0~dfsg-11+deb12u2_source.buildinfo -BEGIN PGP SIGNATURE- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmUWxQ1fFIAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EFk4P/jA8kDZqS6LKncDVnvPio3aEQftwSdML ws6jF2fgLjRX9vBrkpzz+4Zuhi7EZFP8j6cX6qP5unjl+yTlXYvQEgYEiuiuq/19 vcrL6PCVRKehJCs25PSzSglSNtyFq510NPDwuILFRfhaa7NTrwHzaLRDB58PVIRv pP4m3jmYVISuo0+rV6TGCHroQ+C9aM/zevhu0ntWBQ6mLi3Qa++4DyXGnmn9od+k nGuOZqiLSzGUdMNv12iUS+M5whUyPjucXZJnoFkatNAezL3B/VX/5m3yrTH3tLq5 UhmZ5yf7ip5U7UKOROVqRdloici6/6BGUGdV8jcZBTBSQhgHb3PdxtJrH0OpbXDd DMeeOE/jYOlkccvguuMFKbxk6yNOay163EDU3/HSaz7nK0/626WZgF5OSPYiUEOl /M4fT+S304X4A+HerEH0KfGefVrXgSY4iuUnIUSmJ9inzLNMlxGDbxqtvGuPrDAb TSEXTxrSIK8SVLwuMO8t/gzkW22/eGnSUxFdDdqSPdK3QIQEKQkgj2TVG8yZshG8 GVhKepxl7Jpwn79ruzq9KRv5udeU68KceJu3MQxV5oZE1WKIej6a3K3nhZE5Rf7J Sv/AzdtVFsOxpBh77rB10t6LpFWlZYmqGnDJhNMuk7JBaWN8g5oInFSRDnsPyKPX lamXTEauzlwH =syul -END PGP SIGNATURE-
Bug#1053239: bookworm-pu: package ghostscript/10.0.0~dfsg-11+deb12u2
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: ghostscr...@packages.debian.org, car...@debian.org
Control: affects -1 + src:ghostscript
Hi stable release managers,
[ Reason ]
Fix two CVEs which we did mark no-dsa (though one might after more
thinking be a candiate). Fix CVE-2023-38559 and CVE-2023-43115.
[ Impact ]
CVE-2023-38559 and CVE-2023-43115 would remain open so far.
[ Tests ]
Performed manual test for CVE-2023-43115.
[ Risks ]
Should be low, following the upstream commits to resolve the issues
which are very targeted.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Changes ]
Apply upstream fixes to address the CVEs. Adjust checks on input and
for the second issue, prevent PostScript programs switching to the IJS
device after SAFER has been activated (and prevent changes to the
IjsServer parameter after SAFER has been activated).
[ Other info ]
None.
Regards,
Salvatore
diff -Nru ghostscript-10.0.0~dfsg/debian/changelog
ghostscript-10.0.0~dfsg/debian/changelog
--- ghostscript-10.0.0~dfsg/debian/changelog2023-07-02 10:50:27.0
+0200
+++ ghostscript-10.0.0~dfsg/debian/changelog2023-09-29 14:33:30.0
+0200
@@ -1,3 +1,12 @@
+ghostscript (10.0.0~dfsg-11+deb12u2) bookworm; urgency=medium
+
+ * Non-maintainer upload.
+ * Copy pcx buffer overrun fix from devices/gdevpcx.c (CVE-2023-38559)
+(Closes: #1043033)
+ * IJS device - try and secure the IJS server startup (CVE-2023-43115)
+
+ -- Salvatore Bonaccorso Fri, 29 Sep 2023 14:33:30 +0200
+
ghostscript (10.0.0~dfsg-11+deb12u1) bookworm-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru
ghostscript-10.0.0~dfsg/debian/patches/0005-Bug-706897-Copy-pcx-buffer-overrun-fix-from-devices-.patch
ghostscript-10.0.0~dfsg/debian/patches/0005-Bug-706897-Copy-pcx-buffer-overrun-fix-from-devices-.patch
---
ghostscript-10.0.0~dfsg/debian/patches/0005-Bug-706897-Copy-pcx-buffer-overrun-fix-from-devices-.patch
1970-01-01 01:00:00.0 +0100
+++
ghostscript-10.0.0~dfsg/debian/patches/0005-Bug-706897-Copy-pcx-buffer-overrun-fix-from-devices-.patch
2023-09-29 14:17:17.0 +0200
@@ -0,0 +1,28 @@
+From: Chris Liddell
+Date: Mon, 17 Jul 2023 14:06:37 +0100
+Subject: Bug 706897: Copy pcx buffer overrun fix from devices/gdevpcx.c
+Origin:
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1fb9991bb95f1201abb5dea55f57f
+Bug-Debian: https://bugs.debian.org/1043033
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-38559
+
+Bounds check the buffer, before dereferencing the pointer.
+---
+ base/gdevdevn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/base/gdevdevn.c b/base/gdevdevn.c
+index 7b14d9c712b4..6351fb77ac75 100644
+--- a/base/gdevdevn.c
b/base/gdevdevn.c
+@@ -1983,7 +1983,7 @@ devn_pcx_write_rle(const byte * from, const byte * end,
int step, gp_file * file
+ byte data = *from;
+
+ from += step;
+-if (data != *from || from == end) {
++if (from >= end || data != *from) {
+ if (data >= 0xc0)
+ gp_fputc(0xc1, file);
+ } else {
+--
+2.40.1
+
diff -Nru
ghostscript-10.0.0~dfsg/debian/patches/0006-IJS-device-try-and-secure-the-IJS-server-startup.patch
ghostscript-10.0.0~dfsg/debian/patches/0006-IJS-device-try-and-secure-the-IJS-server-startup.patch
---
ghostscript-10.0.0~dfsg/debian/patches/0006-IJS-device-try-and-secure-the-IJS-server-startup.patch
1970-01-01 01:00:00.0 +0100
+++
ghostscript-10.0.0~dfsg/debian/patches/0006-IJS-device-try-and-secure-the-IJS-server-startup.patch
2023-09-29 14:22:09.0 +0200
@@ -0,0 +1,58 @@
+From: Ken Sharp
+Date: Thu, 24 Aug 2023 15:24:35 +0100
+Subject: IJS device - try and secure the IJS server startup
+Origin:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=8b0f20002536867bd73ff4552408a72597190cbe
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-43115
+
+Bug #707051 ""ijs" device can execute arbitrary commands"
+
+The problem is that the 'IJS' device needs to start the IJS server, and
+that is indeed an arbitrary command line. There is (apparently) no way
+to validate it. Indeed, this is covered quite clearly in the comments
+at the start of the source:
+
+ * WARNING: The ijs server can be selected on the gs command line
+ * which is a security risk, since any program can be run.
+
+Previously this used the awful LockSafetyParams hackery, which we
+abandoned some time ago because it simply couldn't be made secure (it
+was implemented in PostScript and was therefore vulnerable to PostScript
+programs).
+
+This commit prevents PostScript programs switching to the IJS device
+after SAFER has be
Bug#1053240: bullseye-pu: package ghostscript/9.53.3~dfsg-7+deb11u6
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: ghostscr...@packages.debian.org, car...@debian.org
Control: affects -1 + src:ghostscript
Hi stable release managers,
[ Reason ]
Fix two CVEs which we did mark no-dsa (though one might after more
thinking be a candiate). Fix CVE-2023-38559 and CVE-2023-43115.
[ Impact ]
CVE-2023-38559 and CVE-2023-43115 would remain open so far.
[ Tests ]
Performed manual test for CVE-2023-43115.
[ Risks ]
Should be low, following the upstream commits to resolve the issues
which are very targeted.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Changes ]
Apply upstream fixes to address the CVEs. Adjust checks on input and
for the second issue, prevent PostScript programs switching to the IJS
device after SAFER has been activated (and prevent changes to the
IjsServer parameter after SAFER has been activated).
[ Other info ]
None.
Regards,
Salvatore
diff -Nru ghostscript-9.53.3~dfsg/debian/changelog
ghostscript-9.53.3~dfsg/debian/changelog
--- ghostscript-9.53.3~dfsg/debian/changelog2023-07-02 11:54:08.0
+0200
+++ ghostscript-9.53.3~dfsg/debian/changelog2023-09-29 14:24:57.0
+0200
@@ -1,3 +1,12 @@
+ghostscript (9.53.3~dfsg-7+deb11u6) bullseye; urgency=medium
+
+ * Non-maintainer upload.
+ * Copy pcx buffer overrun fix from devices/gdevpcx.c (CVE-2023-38559)
+(Closes: #1043033)
+ * IJS device - try and secure the IJS server startup (CVE-2023-43115)
+
+ -- Salvatore Bonaccorso Fri, 29 Sep 2023 14:24:57 +0200
+
ghostscript (9.53.3~dfsg-7+deb11u5) bullseye-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru ghostscript-9.53.3~dfsg/debian/patches/020230717~d81b82c.patch
ghostscript-9.53.3~dfsg/debian/patches/020230717~d81b82c.patch
--- ghostscript-9.53.3~dfsg/debian/patches/020230717~d81b82c.patch
1970-01-01 01:00:00.0 +0100
+++ ghostscript-9.53.3~dfsg/debian/patches/020230717~d81b82c.patch
2023-09-29 14:24:57.0 +0200
@@ -0,0 +1,28 @@
+From: Chris Liddell
+Date: Mon, 17 Jul 2023 14:06:37 +0100
+Subject: Bug 706897: Copy pcx buffer overrun fix from devices/gdevpcx.c
+Origin:
https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1fb9991bb95f1201abb5dea55f57f
+Bug-Debian: https://bugs.debian.org/1043033
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-38559
+
+Bounds check the buffer, before dereferencing the pointer.
+---
+ base/gdevdevn.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/base/gdevdevn.c b/base/gdevdevn.c
+index 7b14d9c712b4..6351fb77ac75 100644
+--- a/base/gdevdevn.c
b/base/gdevdevn.c
+@@ -1983,7 +1983,7 @@ devn_pcx_write_rle(const byte * from, const byte * end,
int step, gp_file * file
+ byte data = *from;
+
+ from += step;
+-if (data != *from || from == end) {
++if (from >= end || data != *from) {
+ if (data >= 0xc0)
+ gp_fputc(0xc1, file);
+ } else {
+--
+2.40.1
+
diff -Nru ghostscript-9.53.3~dfsg/debian/patches/020230824~8b0f200.patch
ghostscript-9.53.3~dfsg/debian/patches/020230824~8b0f200.patch
--- ghostscript-9.53.3~dfsg/debian/patches/020230824~8b0f200.patch
1970-01-01 01:00:00.0 +0100
+++ ghostscript-9.53.3~dfsg/debian/patches/020230824~8b0f200.patch
2023-09-29 14:24:57.0 +0200
@@ -0,0 +1,53 @@
+From: Ken Sharp
+Date: Thu, 24 Aug 2023 15:24:35 +0100
+Subject: IJS device - try and secure the IJS server startup
+Origin:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=8b0f20002536867bd73ff4552408a72597190cbe
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-43115
+
+Bug #707051 ""ijs" device can execute arbitrary commands"
+
+The problem is that the 'IJS' device needs to start the IJS server, and
+that is indeed an arbitrary command line. There is (apparently) no way
+to validate it. Indeed, this is covered quite clearly in the comments
+at the start of the source:
+
+ * WARNING: The ijs server can be selected on the gs command line
+ * which is a security risk, since any program can be run.
+
+Previously this used the awful LockSafetyParams hackery, which we
+abandoned some time ago because it simply couldn't be made secure (it
+was implemented in PostScript and was therefore vulnerable to PostScript
+programs).
+
+This commit prevents PostScript programs switching to the IJS device
+after SAFER has been activated, and prevents changes to the IjsServer
+parameter after SAFER has been activated.
+
+SAFER is activated, unless explicitly disabled, before any user
+PostScript is executed which means that the device and the server
+invocation can only be configured on the command line. This does at
+least p
unadf is marked for autoremoval from testing
unadf 0.7.11a-5 is marked for autoremoval from testing on 2023-10-13 It is affected by these RC bugs: 838248: unadf: CVE-2016-1243 and CVE-2016-1244 https://bugs.debian.org/838248 This mail is generated by: https://salsa.debian.org/release-team/release-tools/-/blob/master/mailer/mail_autoremovals.pl Autoremoval data is generated by: https://salsa.debian.org/qa/udd/-/blob/master/udd/testing_autoremovals_gatherer.pl
