Bug#994011: ghostscript: CVE-2021-3781

To: Jonas Smedegaard <jonas@jones.dk>
Cc: 994011@bugs.debian.org, team@security.debian.org
Subject: Bug#994011: ghostscript: CVE-2021-3781
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 10 Sep 2021 14:17:14 +0200
Message-id: <[🔎] YTtMyoL6Ne6qkJ3p@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 994011@bugs.debian.org
In-reply-to: <[🔎] 163121498247.1724258.3373577554778644131@auryn.jones.dk>
References: <[🔎] 163120800815.3136053.10230330501661325113.reportbug@eldamar.lan> <[🔎] 163120800815.3136053.10230330501661325113.reportbug@eldamar.lan> <[🔎] 163121098206.1724258.4595470530000890584@auryn.jones.dk> <[🔎] YTpV0i1UAZhvtljP@eldamar.lan> <[🔎] 163121498247.1724258.3373577554778644131@auryn.jones.dk> <[🔎] 163120800815.3136053.10230330501661325113.reportbug@eldamar.lan>

Hi Jonas,

On Thu, Sep 09, 2021 at 09:16:22PM +0200, Jonas Smedegaard wrote:
> Quoting Salvatore Bonaccorso (2021-09-09 20:43:30)
> > Hi Jonas,
> > 
> > On Thu, Sep 09, 2021 at 08:09:42PM +0200, Jonas Smedegaard wrote:
> > > Hi Salvatore,
> > > 
> > > Quoting Salvatore Bonaccorso (2021-09-09 19:20:08)
> > > > The following vulnerability was published for ghostscript.
> > > > 
> > > > CVE-2021-3781[0].
> > > 
> > > I have prepared a package fixing this issue, available at 
> > > https://salsa.debian.org/printing-team/ghostscript/-/tree/debian/bullseye
> > > 
> > > Please tell how I should proceed with it - or feel free to proceed 
> > > yourself from here.
> > 
> > I did actually already uploaded earlier today to the embargoed queues,
> > waiting for the builds of mips64el and s390x yet, but then hope to
> > release the DSA soon.
> 
> Excellent!

DSA 4972-1 released for it.

Regards,
Salvatore

Reply to:

References:
- Bug#994011: ghostscript: CVE-2021-3781
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#994011: ghostscript: CVE-2021-3781
  - From: Jonas Smedegaard <jonas@jones.dk>
- Bug#994011: ghostscript: CVE-2021-3781
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#994011: ghostscript: CVE-2021-3781
  - From: Jonas Smedegaard <jonas@jones.dk>

Prev by Date: ghostscript_9.54.0~dfsg-2_source.changes ACCEPTED into experimental
Next by Date: Bug#588455: marked as done (samba: 'panic action' script called for /usr/sbin/smbd)
Previous by thread: Bug#994011: ghostscript: CVE-2021-3781
Next by thread: Bug#994011: marked as done (ghostscript: CVE-2021-3781)
Index(es):
- Date
- Thread