Univention Bugzilla – Bug 55168
ghostscript: Multiple issues (5.0)
Last modified: 2022-09-08 11:44:00 CEST
New Debian ghostscript 9.27~dfsg-2+deb10u6 fixes: This update addresses the following issue: * A heap-based buffer over write vulnerability was found in GhostScript's lp8000_print_page() function in gdevlp8k.c file. An attacker could trick a user to open a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service. (CVE-2020-27792)
--- mirror/ftp/pool/main/g/ghostscript/ghostscript_9.27~dfsg-2+deb10u5.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/ghostscript_9.27~dfsg-2+deb10u6.dsc @@ -1,3 +1,12 @@ +9.27~dfsg-2+deb10u6 [Sat, 03 Sep 2022 23:19:16 +0200] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Fix CVE-2020-27792: + A heap-based buffer over write vulnerability was found in GhostScript's + lp8000_print_page() function in gdevlp8k.c file. An attacker could trick a + user to open a crafted PDF file, triggering the heap buffer overflow that + could lead to memory corruption or a denial of service. + 9.27~dfsg-2+deb10u5 [Tue, 04 Jan 2022 16:46:59 +0100] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload by the Security Team. <http://piuparts.knut.univention.de/5.0-2/#7467599451999482522>
OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-2] 440e763da9 Bug #55168: ghostscript 9.27~dfsg-2+deb10u6 doc/errata/staging/ghostscript.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) [5.0-2] 26b3bf2ed9 Bug #55168: ghostscript 9.27~dfsg-2+deb10u6 doc/errata/staging/ghostscript.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x409>