Univention Bugzilla – Bug 51897
ghostscript: Multiple issues (4.4)
Last modified: 2020-08-26 16:35:40 CEST
New Debian ghostscript 9.26a~dfsg-0+deb9u7 fixes:

This update addresses the following issues:
* buffer overflow in lprn_is_black() in contrib/lips4/gdevlprn.c could result in a DoS via a crafted PDF file (CVE-2020-16287)
* buffer overflow in pj_common_print_page() in devices/gdevpjet.c could result in a DoS via a crafted PDF file (CVE-2020-16288)
* buffer overflow in cif_print_page() in devices/gdevcif.c could result in a DoS via a crafted PDF file (CVE-2020-16289)
* buffer overflow in jetp3852_print_page() in devices/gdev3852.c could result in a DoS via a crafted PDF file (CVE-2020-16290)
* buffer overflow in contrib/gdevdj9.c could result in a DoS via a crafted PDF file (CVE-2020-16291)
* buffer overflow in mj_raster_cmd() in contrib/japanese/gdevmjc.c could result in a DoS via a crafted PDF file (CVE-2020-16292)
* A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c could result in a DoS via a crafted PDF file (CVE-2020-16293)
* buffer overflow in epsc_print_page() in devices/gdevepsc.c could result in a DoS via a crafted PDF file (CVE-2020-16294)
* A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c could result in a DoS via a crafted PDF file (CVE-2020-16295)
* buffer overflow in GetNumWrongData() in contrib/lips4/gdevlips.c could result in a DoS via a crafted PDF file (CVE-2020-16296)
* buffer overflow in FloydSteinbergDitheringC() in contrib/gdevbjca.c could result in a DoS via a crafted PDF file (CVE-2020-16297)
* buffer overflow in mj_color_correct() in contrib/japanese/gdevmjc.c could result in a DoS via a crafted PDF file (CVE-2020-16298)
* division by zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c could result in a DoS via a crafted PDF file (CVE-2020-16299)
* buffer overflow in tiff12_print_page() in devices/gdevtfnx.c could result in a DoS via a crafted PDF file (CVE-2020-16300)
* buffer overflow in okiibm_print_page1() in devices/gdevokii.c could result in a DoS via a crafted PDF file (CVE-2020-16301)
* buffer overflow in jetp3852_print_page() in devices/gdev3852.c could result in a privilege escalation via a crafted PDF file (CVE-2020-16302)
* use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c could result in a privilege escalation via a crafted PDF file (CVE-2020-16303)
* buffer overflow in image_render_color_thresh() in base/gxicolor.c could result in a DoS via a crafted PDF file (CVE-2020-16304)
* buffer overflow in pcx_write_rle() in contrib/japanese/gdev10v.c could result in a DoS via a crafted PDF file (CVE-2020-16305)
* A null pointer dereference vulnerability in devices/gdevtsep.c could result in a DoS via a crafted postscript file (CVE-2020-16306)
* A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c could result in a DoS via a crafted postscript file (CVE-2020-16307)
* buffer overflow in p_print_image() in devices/gdevcdj.c could result in a DoS via a crafted PDF file (CVE-2020-16308)
* buffer overflow in lxm5700m_print_page() in devices/gdevlxm.c could result in a DoS via a crafted PDF file (CVE-2020-16309)
* division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c could result in a DoS via a crafted PDF file (CVE-2020-16310)
* buffer overflow in GetNumSameData() in contrib/lips4/gdevlips.c could result in a DoS via a crafted PDF file (CVE-2020-17538)
--- mirror/ftp/4.4/unmaintained/4.4-3/source/ghostscript_9.26a~dfsg-0+deb9u6.dsc +++ apt/ucs_4.4-0-errata4.4-5/source/ghostscript_9.26a~dfsg-0+deb9u7.dsc 
@@ -1,3 +1,83 @@ +9.26a~dfsg-0+deb9u7 [Thu, 20 Aug 2020 16:04:00 +0200] Sylvain Beucler <beuc@debian.org>: + + * Non-maintainer upload by the LTS Security Team. + * CVE-2020-16287: a buffer overflow vulnerability in lprn_is_black() in + contrib/lips4/gdevlprn.c allows a remote attacker to cause a denial of + service via a crafted PDF file. + * CVE-2020-16288: a buffer overflow vulnerability in + pj_common_print_page() in devices/gdevpjet.c allows a remote attacker + to cause a denial of service via a crafted PDF file. + * CVE-2020-16289: a buffer overflow vulnerability in cif_print_page() in + devices/gdevcif.c allows a remote attacker to cause a denial of + service via a crafted PDF file. + * CVE-2020-16290: a buffer overflow vulnerability in + jetp3852_print_page() in devices/gdev3852.c allows a remote attacker + to cause a denial of service via a crafted PDF file. + * CVE-2020-16291: a buffer overflow vulnerability in contrib/gdevdj9.c + allows a remote attacker to cause a denial of service via a crafted + PDF file. + * CVE-2020-16292: a buffer overflow vulnerability in mj_raster_cmd() in + contrib/japanese/gdevmjc.c allows a remote attacker to cause a denial + of service via a crafted PDF file. + * CVE-2020-16293: a null pointer dereference vulnerability in + compose_group_nonknockout_nonblend_isolated_allmask_common() in + base/gxblend.c allows a remote attacker to cause a denial of service + via a crafted PDF file. + * CVE-2020-16294: a buffer overflow vulnerability in epsc_print_page() + in devices/gdevepsc.c allows a remote attacker to cause a denial of + service via a crafted PDF file. + * CVE-2020-16295: a null pointer dereference vulnerability in + clj_media_size() in devices/gdevclj.c allows a remote attacker to + cause a denial of service via a crafted PDF file. + * CVE-2020-16296: a buffer overflow vulnerability in GetNumWrongData() + in contrib/lips4/gdevlips.c allows a remote attacker to cause a denial + of service via a crafted PDF file. 
+ * CVE-2020-16297: a buffer overflow vulnerability in + FloydSteinbergDitheringC() in contrib/gdevbjca.c allows a remote + attacker to cause a denial of service via a crafted PDF file. + * CVE-2020-16298: a buffer overflow vulnerability in mj_color_correct() + in contrib/japanese/gdevmjc.c allows a remote attacker to cause a + denial of service via a crafted PDF file. + * CVE-2020-16299: a Division by Zero vulnerability in bj10v_print_page() + in contrib/japanese/gdev10v.c allows a remote attacker to cause a + denial of service via a crafted PDF file. + * CVE-2020-16300: a buffer overflow vulnerability in tiff12_print_page() + in devices/gdevtfnx.c allows a remote attacker to cause a denial of + service via a crafted PDF file. + * CVE-2020-16301: a buffer overflow vulnerability in + okiibm_print_page1() in devices/gdevokii.c allows a remote attacker to + cause a denial of service via a crafted PDF file. + * CVE-2020-16302: a buffer overflow vulnerability in + jetp3852_print_page() in devices/gdev3852.c allows a remote attacker + to escalate privileges via a crafted PDF file. + * CVE-2020-16303: a use-after-free vulnerability in + xps_finish_image_path() in devices/vector/gdevxps.c allows a remote + attacker to escalate privileges via a crafted PDF file. + * CVE-2020-16304: a buffer overflow vulnerability in + image_render_color_thresh() in base/gxicolor.c allows a remote + attacker to escalate privileges via a crafted eps file. + * CVE-2020-16305: a buffer overflow vulnerability in pcx_write_rle() in + contrib/japanese/gdev10v.c allows a remote attacker to cause a denial + of service via a crafted PDF file. + * CVE-2020-16306: a null pointer dereference vulnerability in + devices/gdevtsep.c allows a remote attacker to cause a denial of + service via a crafted postscript file. 
+ * CVE-2020-16307: a null pointer dereference vulnerability in + devices/vector/gdevtxtw.c and psi/zbfont.c allows a remote attacker to + cause a denial of service via a crafted postscript file. + * CVE-2020-16308: a buffer overflow vulnerability in p_print_image() in + devices/gdevcdj.c allows a remote attacker to cause a denial of + service via a crafted PDF file. + * CVE-2020-16309: a buffer overflow vulnerability in + lxm5700m_print_page() in devices/gdevlxm.c allows a remote attacker to + cause a denial of service via a crafted eps file. + * CVE-2020-16310: a division by zero vulnerability in dot24_print_page() + in devices/gdevdm24.c allows a remote attacker to cause a denial of + service via a crafted PDF file. + * CVE-2020-17538: a buffer overflow vulnerability in GetNumSameData() in + contrib/lips4/gdevlips.c allows a remote attacker to cause a denial of + service via a crafted PDF file. + 9.26a~dfsg-0+deb9u6 [Wed, 13 Nov 2019 21:01:12 +0100] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload by the Security Team. <http://10.200.17.11/4.4-5/#3440152646181977033>
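Review bot: the added changelog entries for CVE-2020-16304 and CVE-2020-16309 do not match the erratum description in this bug. The changelog gives CVE-2020-16304 as "escalate privileges via a crafted eps file" and CVE-2020-16309 as "a denial of service via a crafted eps file", while the description lists both as "a DoS via a crafted PDF file". Either the erratum text should be aligned with the changelog wording, or the difference should be explained in the bug. As a minor style point, "Division by Zero" in the CVE-2020-16299 entry is capitalised differently from "division by zero" in the CVE-2020-16310 entry.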
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-5] 29cf84b881 Bug #51897: ghostscript 9.26a~dfsg-0+deb9u7
 doc/errata/staging/ghostscript.yaml | 42 ++++++++++++++++++-------------------
 1 file changed, 21 insertions(+), 21 deletions(-)

[4.4-5] e0912c56f6 Bug #51897: ghostscript 9.26a~dfsg-0+deb9u7
 doc/errata/staging/ghostscript.yaml | 91 +++++++++++++++++++++++++++++++++++++
 1 file changed, 91 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x715>