[Git][security-tracker-team/security-tracker][master] 2 commits: Upstream have changed and refactored function `finish_copydevice`

Abhijith PA (@abhijith) abhijith at debian.org
Mon Sep 25 09:39:41 BST 2023 


Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5a34f392 by Abhijith PA at 2023-09-25T14:01:46+05:30
Upstream have changed and refactored function `finish_copydevice`
Backporting to 9.27 is not worth when the IjsServer security risk
is documented.

- - - - -
f325a4b6 by Abhijith PA at 2023-09-25T14:09:07+05:30
Add a commit reference for CVE-2020-21890

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -604,6 +604,7 @@ CVE-2023-43115 (In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL ca
 	- ghostscript 10.02.0~dfsg-1
 	[bookworm] - ghostscript <no-dsa> (Minor issue; documented risks, can be fixed in later update)
 	[bullseye] - ghostscript <no-dsa> (Minor issue; documented risks, can be fixed in later update)
+	[buster] - ghostscript <ignored> (Minor issue; documented risks, have done refactoring in later versions)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=707051
 	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e59216049cac290fb437a04c4f41ea46826cfba5
 	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=8b0f20002536867bd73ff4552408a72597190cbe (ghostpdl-10.02.0rc2)
@@ -224469,6 +224470,7 @@ CVE-2020-21891
 CVE-2020-21890 (Buffer Overflow vulnerability in clj_media_size function in devices/gd ...)
 	- ghostscript 9.51~dfsg-1
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701846
+	NOTE: Fixed by: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=dbdb5f8527007b482d4e6037b558dbf3e6a06d3a (ghostpdl-9.51rc1)
 	NOTE: Fixed by: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=494eeedf73d13fac5710e56f3a8fb2e7e2379d73 (ghostpdl-9.51rc1)
 CVE-2020-21889
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/60c7ef977b672cb5dd863a70026cda4046d92ace...f325a4b6afa94467e41112e417846ec9059f1e05

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/60c7ef977b672cb5dd863a70026cda4046d92ace...f325a4b6afa94467e41112e417846ec9059f1e05
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230925/32a3333f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list