Bug 13209

Summary: [fix 21] ghostscript: fixed CVE-2023-28879
Product: [ROSA-based products] ROSA Fresh Reporter: Mikhail Novosyolov <m.novosyolov>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: VERIFIED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: critical    
Priority: High CC: e.malashin, v.potapov
Version: AllFlags: v.potapov: qa_verified+
v.potapov: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: 2021.1 ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Mikhail Novosyolov 2023-04-13 21:30:51 MSK 
********* QA ADVISORY *********

ghostscript 9.54.0-8
- applied minimal fix of CVE-2023-28879
(did not apply regression-potential additional hardening)
https://www.opennet.ru/opennews/art.shtml?num=58965

https://abf.io/build_lists/4421145
https://abf.io/build_lists/4421146
https://abf.io/build_lists/4421147
https://abf.io/build_lists/4421148
https://abf.io/build_lists/4421149
Comment 1 e.malashin@rosalinux.ru 2023-04-17 17:21:07 MSK 
The update sent to testings
Comment 2 Vladimir Potapov 2023-04-20 13:08:08 MSK 
ghostscript-9.54.0-8
https://abf.io/build_lists/4421145
https://abf.io/build_lists/4421146
https://abf.io/build_lists/4421147
https://abf.io/build_lists/4421148
https://abf.io/build_lists/4421149
***************************** Advisory ******************
- applied minimal fix of CVE-2023-28879
(did not apply regression-potential additional hardening)
*********************************************************
QA Verified