[Buildroot] [PATCH v2] package/ghostscript: security bump to v10.06.0
Julien Olivain
ju.o at free.fr
Fri Oct 3 17:15:36 UTC 2025
On 03/10/2025 14:54, Titouan Christophe via buildroot wrote:
> This fixes the following vulnerabilities:
> - CVE-2025-59798:
> Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow
> in pdf_write_cmap in devices/vector/gdevpdtw.c.
> https://www.cve.org/CVERecord?id=CVE-2025-59798
>
> - CVE-2025-59799:
> Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow
> in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size
> value.
> https://www.cve.org/CVERecord?id=CVE-2025-59799
>
> - CVE-2025-59800:
> In Artifex Ghostscript through 10.05.1, ocr_begin_page in
> devices/gdevpdfocr.c has an integer overflow that leads to a
> heap-based buffer overflow in ocr_line8.
> https://www.cve.org/CVERecord?id=CVE-2025-59800
>
> - CVE-2025-59801:
> In Artifex GhostXPS before 10.06.0, there is a stack-based buffer
> overflow in xps_unpredict_tiff in xpstiff.c because the
> samplesperpixel value is not checked.
> https://www.cve.org/CVERecord?id=CVE-2025-59801
>
> Also remove patch that is now applied upstream, and add new patch from
> upstream to fix a compilation issue on 32-bit platforms.
>
> Signed-off-by: Titouan Christophe <titouan.christophe at mind.be>
Applied to master, thanks.
For info, I also included the changes from my v1 review that
you might have overlooked. See:
https://patchwork.ozlabs.org/project/buildroot/patch/20250930104038.58702-1-titouan.christophe@mind.be/
https://gitlab.com/buildroot.org/buildroot/-/commit/6f984089c0ff103fca50617c9fa033eaadf61e51
Best regards,
Julien.