Your message dated Mon, 29 Sep 2025 14:36:16 +0000
with message-id <[email protected]>
and subject line Bug#1116443: fixed in ghostscript 10.06.0~dfsg-1
has caused the Debian Bug report #1116443,
regarding ghostscript: CVE-2025-59799
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1116443: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116443
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: ghostscript
Version: 10.05.1~dfsg-3
Severity: important
Tags: security upstream
Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=708517
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Control: found -1 10.05.1~dfsg-1
Control: found -1 10.0.0~dfsg-11+deb12u7
Control: found -1 10.0.0~dfsg-11
Hi,
The following vulnerability was published for ghostscript.
CVE-2025-59799[0]:
| Artifex Ghostscript through 10.05.1 has a stack-based buffer
| overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a
| large size value.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-59799
https://www.cve.org/CVERecord?id=CVE-2025-59799
[1] https://bugs.ghostscript.com/show_bug.cgi?id=708517
[2]
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=6dab38fb211f15226c242ab7a83fa53e4b0ff781
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ghostscript
Source-Version: 10.06.0~dfsg-1
Done: Steve M. Robbins <[email protected]>
We believe that the bug you reported is fixed in the latest version of
ghostscript, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Steve M. Robbins <[email protected]> (supplier of updated ghostscript package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 29 Sep 2025 08:37:38 -0500
Source: ghostscript
Binary: ghostscript ghostscript-dbgsym ghostscript-doc libgs-common libgs-dev
libgs10 libgs10-common libgs10-dbgsym
Architecture: source amd64 all
Version: 10.06.0~dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Printing Team <[email protected]>
Changed-By: Steve M. Robbins <[email protected]>
Description:
ghostscript - interpreter for the PostScript language and for PDF
ghostscript-doc - interpreter for the PostScript language and for PDF -
Documentati
libgs-common - interpreter for the PostScript language and for PDF - ICC
profile
libgs-dev - interpreter for the PostScript language and for PDF - Development
libgs10 - interpreter for the PostScript language and for PDF - Library
libgs10-common - interpreter for the PostScript language and for PDF - common
file
Closes: 1116443 1116444
Changes:
ghostscript (10.06.0~dfsg-1) unstable; urgency=medium
.
* New upstream version
- Closes: #1116443, #1116444.
* Standards-Version: 4.7.2 (routine-update)
* Reorder sequence of d/control fields by cme (routine-update)
* Remove trailing whitespace in debian/changelog (routine-update)
Update lintian override info format in d/source/lintian-overrides on line
2-12, 15.
* [c267038] Remove patches applied upstream
Checksums-Sha1:
0b6ba2e0a203cc84216a6441afb7ad7f87a06949 2860 ghostscript_10.06.0~dfsg-1.dsc
72d07cd350dbbff4c9c207ddbfe746c419e6fe8b 28869496
ghostscript_10.06.0~dfsg.orig.tar.xz
f862007ac87745529c9ec473f3c8e3e1711a23f8 85108
ghostscript_10.06.0~dfsg-1.debian.tar.xz
b9b59b4176abc11a698e4bfc4c1856aba4ae17d6 6284
ghostscript-dbgsym_10.06.0~dfsg-1_amd64.deb
931e3dc0289405f14fa2574d2f05626a8ec76c98 11691588
ghostscript-doc_10.06.0~dfsg-1_all.deb
6b806ba4ee23aa06894e596ac34405ebbd634c39 14196
ghostscript_10.06.0~dfsg-1_amd64.buildinfo
816f588cd74b76a39fb0420db5a81f357e567506 50464
ghostscript_10.06.0~dfsg-1_amd64.deb
a502ab4075b853753f6aeb3d26ae1504c3a1b62f 148532
libgs-common_10.06.0~dfsg-1_all.deb
b9509771ea614caef2cc718a2e6a96e1ee039af3 39372
libgs-dev_10.06.0~dfsg-1_amd64.deb
eb295b86fd609505c85f361eecdac3218a381fbe 479216
libgs10-common_10.06.0~dfsg-1_all.deb
6241dcc4bc1abdd6fa9c18cebdaaa8b783aa1a56 11197596
libgs10-dbgsym_10.06.0~dfsg-1_amd64.deb
ab8d7558004184c2956dc9c4dd1ead5ce85e03a2 2904656
libgs10_10.06.0~dfsg-1_amd64.deb
Checksums-Sha256:
f4e4c29454ef97ffe636523978c220be1040863a74fdfecbe3c046af3bcbcdf4 2860
ghostscript_10.06.0~dfsg-1.dsc
3c6fa910fb104b247f2dada7e2e01f169d1476f6b9b195ce69388042057aeb84 28869496
ghostscript_10.06.0~dfsg.orig.tar.xz
8901537de9f5ad4b8235afe36ec2a7a47e2760a4b4c564c6aafab103306603c8 85108
ghostscript_10.06.0~dfsg-1.debian.tar.xz
4b0a131a07c86db6edfc8d8a6be9ddd6f158857a0cd7f3517e25e503672ae693 6284
ghostscript-dbgsym_10.06.0~dfsg-1_amd64.deb
49b2ec13e958ee563d84c990a20bff5aa18ec17697516cd21828770be82e74e4 11691588
ghostscript-doc_10.06.0~dfsg-1_all.deb
c84e2e2f703bad446c751d66b5d93043d8bbe41709530f2539f7bcfcfa9ca261 14196
ghostscript_10.06.0~dfsg-1_amd64.buildinfo
c58fda6cd2ff53fabe02b05dee736fe4612e7d914c163d46e07a6f7c9f5d790e 50464
ghostscript_10.06.0~dfsg-1_amd64.deb
b3ded3505447ae61ba18c61af1cd24d9e6c9e85c02702f01cf63fae8d426756e 148532
libgs-common_10.06.0~dfsg-1_all.deb
b22ac64cbe2f7159011e66e034f9db49de6404ea0a79ea03cadba18c2b63adcd 39372
libgs-dev_10.06.0~dfsg-1_amd64.deb
2004a236b1f3755f650627af8124fc0dabb8b78bcc0f82e8a1c8a27066d9db56 479216
libgs10-common_10.06.0~dfsg-1_all.deb
3dd67041d9caa3036371f845443f060fd169f26a4bacdea1fdfff2b67156b8fc 11197596
libgs10-dbgsym_10.06.0~dfsg-1_amd64.deb
a3cc4ccfacb5cea0f79fc3dffc0c2ebdf350434aa5ead8eca4580f6d8a050638 2904656
libgs10_10.06.0~dfsg-1_amd64.deb
Files:
52029b55b98bd9614b03daf2fd260d1b 2860 text optional
ghostscript_10.06.0~dfsg-1.dsc
a980b670f21523e3433f955d6c02c24f 28869496 text optional
ghostscript_10.06.0~dfsg.orig.tar.xz
0f9309f3c842c037ca4a2799061f4a61 85108 text optional
ghostscript_10.06.0~dfsg-1.debian.tar.xz
8d8e8d022a17dc59a4a2c95da2f2988c 6284 debug optional
ghostscript-dbgsym_10.06.0~dfsg-1_amd64.deb
f08f8170b33c4b8ba0b93a575b021351 11691588 doc optional
ghostscript-doc_10.06.0~dfsg-1_all.deb
1345d39d669d8ad8bb982dd4124c49b2 14196 text optional
ghostscript_10.06.0~dfsg-1_amd64.buildinfo
f7591e23af1031b9d35b7be46ed204dc 50464 text optional
ghostscript_10.06.0~dfsg-1_amd64.deb
4edf4e281d83d31d944c9bf857da28ef 148532 libs optional
libgs-common_10.06.0~dfsg-1_all.deb
81a78d03779b5d08da7bf970404d24eb 39372 libdevel optional
libgs-dev_10.06.0~dfsg-1_amd64.deb
18bde41c9f738c07ede238f77d5e9f40 479216 libs optional
libgs10-common_10.06.0~dfsg-1_all.deb
c2d2e19d7ab347319c60c271debfafbe 11197596 debug optional
libgs10-dbgsym_10.06.0~dfsg-1_amd64.deb
9166e35a5efaf545e7eded51413f2c7a 2904656 libs optional
libgs10_10.06.0~dfsg-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQJDBAEBCgAtFiEEy89k8fa3rclNjyokyeVeL63I9LkFAmjajQkPHHNtckBkZWJp
YW4ub3JnAAoJEMnlXi+tyPS5W2IQAIZ/5ojyjXWZ9UcNW0TD7eZUxJ48rMegFojh
Mm1NcKRsDp2JvG2GTpayubhgfLXcdVj93RI9O7+o/nVJqDuGtx0tziX2RRRi9w+P
0HFrEEbjIvUvLovgoEOvIvw3tmD8g8cQ+YS/ouxbOPlkqUXSsMsXPMBTbdBWsMNW
0xQQ4cQE74B+uhgktoJ5az+cgd+8Sil6g+5xLyXlU92tVb7z+dW3Am3Xh3orEZzv
JGNv6WcJPDWZcR5PenmztVIE7iPu7wdAAhQgRcXxgWci3/B33U5EtnukxZrqMVVD
iSrlKYwzadIfw08E1aBk2CmM3+KP4UVEljXSLF62MGHV09Y85Ol9D5ML0jXwMuh/
A+PblXFtyW7kD9fYlne8HDScY42Umy6wh+fd7wG2UYJMXPdl90peMrOr5ELCxZqa
NpbNIWaCxDAVMAq+LIV2D5kUAV2816aZFAJGfPlig/+mkYEkyHhixg2SxoUlfuaF
Z+kPL/7QhTK7oKMa1gvMOB/xYQXituQqAGGAV7ydA27kQHJiibRuIogPnm8UaDWK
4Teu0IvLIR+Mp94sU29pb1v/wcH5J2B9RyHoR+SedoBnVvGT0CQcGKdRYNdOj45S
uXs4544cGD089PPyJBxn5ZujEF4fBoBhBmm/R8ApfYy35YzjMUQYBbxlenzCIzgn
vLXfxoNV
=QqXe
-----END PGP SIGNATURE-----
pgpHgln2v8etO.pgp
Description: PGP signature
--- End Message ---
