diff --git a/debian/changelog b/debian/changelog
index 1c6e6a019ca32a1401cef6cb8d4b57ee998264e0..77c6af6663987c5583873ad423ee4b61af675285 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ghostscript (9.50~dfsg-ok5) yangtze; urgency=medium
+
+  * repare CVE-2020-16290 安全更新：修复未正确验证数据边界可能导致缓冲区溢出的漏洞。
+
+ -- rfzhu99 <rfzhu99@whu.edu.cn>  Sat, 15 Jul 2023 13:14:01 +0800
+
 ghostscript (9.50~dfsg-ok4) yangtze; urgency=medium
 
   * another-lin CVE-2020-16288 安全更新：修复缓冲区错误的漏洞。该漏洞源于网络系统或产品在内存上执行操作时，未正确验证数据边界，导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等.
diff --git a/devices/gdev3852.c b/devices/gdev3852.c
index 2222ebe8b7627c5c4025cadce384c0106e79330b..3ae9e5a2ad8a062ca8bc4db331862f0858ce6168 100644
--- a/devices/gdev3852.c
+++ b/devices/gdev3852.c
@@ -77,6 +77,13 @@ jetp3852_print_page(gx_device_printer *pdev, gp_file *prn_stream)
         int lnum;
         int line_size = gdev_mem_bytes_per_scan_line((gx_device *)pdev);
         int num_blank_lines = 0;
+
+        if (line_size > DATA_SIZE) {
+            emprintf2(pdev->memory, "invalid resolution and/or width gives line_size = %d, max. is %d\n",
+                                line_size, DATA_SIZE);
+            return_error(gs_error_rangecheck);
+        }
+
         for ( lnum = 0; lnum < pdev->height; lnum++ ) {
             byte *end_data = data + line_size;
             gdev_prn_copy_scan_lines(pdev, lnum,