Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ghostscript for openSUSE:Factory checked in at 2024-07-03 20:28:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghostscript (Old) and /work/SRC/openSUSE:Factory/.ghostscript.new.18349 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "ghostscript" Wed Jul 3 20:28:11 2024 rev:67 rq:1184313 version:10.03.1 Changes: -------- --- /work/SRC/openSUSE:Factory/ghostscript/ghostscript.changes 2024-03-26 19:29:26.813761651 +0100 +++ /work/SRC/openSUSE:Factory/.ghostscript.new.18349/ghostscript.changes 2024-07-03 20:29:25.351137486 +0200 @@ -1,0 +2,23 @@ +Mon Jul 1 11:56:34 UTC 2024 - Johannes Meixner <jsmeix@suse.com> + +- Version upgrade to 10.03.1: + Highlights in this release include: + See 'Recent Changes in Ghostscript' at Ghostscript upstream + https://ghostscript.readthedocs.io/en/gs10.03.1/News.html + * Fixes for CVE-2024-33869, CVE-2023-52722, CVE-2024-33870, + CVE-2024-33871 and CVE-2024-29510 +- Regarding CVE-2024-33869 see bsc#1226946 and + https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=5ae2e3... + https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f5336e... + https://bugs.ghostscript.com/show_bug.cgi?id=707691 +- Regarding CVE-2023-52722 see bsc#1223852 and + https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=afd718... +- Regarding CVE-2024-33870 see bsc#1226944 and + https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=79aef1... + https://bugs.ghostscript.com/show_bug.cgi?id=707686 +- Regarding CVE-2024-33871 see bsc#1225491 and + https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=714588... +- Regarding CVE-2024-29510 see bsc#1226945 and + https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=3b1735... + +------------------------------------------------------------------- Old: ---- ghostscript-10.03.0.tar.xz New: ---- ghostscript-10.03.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghostscript.spec ++++++ --- /var/tmp/diff_new_pack.h23HD1/_old 2024-07-03 20:29:26.503179651 +0200 +++ /var/tmp/diff_new_pack.h23HD1/_new 2024-07-03 20:29:26.507179798 +0200 @@ -24,13 +24,19 @@ %bcond_without apparmor %endif Name: ghostscript%{psuffix} -Version: 10.03.0 +Version: 10.03.1 Release: 0 Summary: The Ghostscript interpreter for PostScript and PDF License: AGPL-3.0-only Group: Productivity/Office/Other URL: https://www.ghostscript.com/ -Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs10... +# How to manually get Source0: +# Go to https://www.ghostscript.com +# -> "The current Ghostscript release 10.03.1 can be downloaded here" https://www.ghostscript.com/releases/index.html +# -> "Ghostscript" https://www.ghostscript.com/releases/gsdnld.html +# -> "Ghostscript 10.03.1 Source for all platforms / GNU Affero General Public License" = "Ghostscript AGPL Release" +# https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs10... +Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs10... Source10: apparmor_ghostscript # Patch0...Patch9 is for patches from upstream: # Source10...Source99 is for sources from SUSE which are intended for upstream: