Univention Bugzilla – Full Text Bug Listing |
Summary: | ghostscript: Integeroverflow (4.1) | ||
---|---|---|---|
Product: | UCS | Reporter: | Arvid Requate <requate> |
Component: | Security updates | Assignee: | Arvid Requate <requate> |
Status: | CLOSED FIXED | QA Contact: | Janek Walkenhorst <walkenhorst> |
Severity: | normal | ||
Priority: | P4 | CC: | hahn |
Version: | UCS 4.1 | Flags: | requate:
Patch_Available+
|
Target Milestone: | UCS 4.1-4-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | Security | |
Max CVSS v3 score: | 7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) | ||
Bug Depends on: | 44569 | ||
Bug Blocks: | 42569 |
Description
Arvid Requate
2015-09-28 18:21:11 CEST
The following issues have been reported as fixed in the Debian Jessie package version (9.06~dfsg-2+deb8u3): * Ghostscript information disclosure through getenv, filenameforall (CVE-2013-5653) * various userparams allow %pipe% in paths, allowing remote shell command execution (CVE-2016-7976) * .libfile doesn't check PermitFileReading array, allowing remote file disclosure (CVE-2016-7977) * reference leak in .setdevice allows use-after-free and remote code execution (CVE-2016-7978) * type confusion in .initialize_dsc_parser allows remote code execution (CVE-2016-7979) * type confusion (CVE-2016-8602) An updated Wheezy package is also available: 9.05~dfsg-6.3+deb7u3 Regression fix: 9.05~dfsg-6.3+deb7u4 Upstream Debian package version 9.05~dfsg-6.3+deb7u5 fixes these issues: * Application crash with division by 0 in scan conversion code triggered through crafted content (CVE-2016-10219) * Application crash with a segfault in gx_device_finalize() triggered through crafted content (CVE-2016-10220) * Application crash with a segfault in ref_stack_index() triggered through crafted content (CVE-2017-5951) Upstream Debian package version 9.05~dfsg-6.3+deb7u6 fixes this issue: * Possible execution of arbitrary code or denial of service if a specially crafted Postscript file is processed (CVE-2017-8291) FTBFS: devlibs error: There is no package matching [libgssapi3-dev] and noone provides it, please report bug to d-shlibs maintainer r17558 | Bug #39423: Fix build with heimdal Package: ghostscript Version: 9.05~dfsg-6.3.34.201706271134 Branch: ucs_4.1-0 Scope: errata4.1-4 Advisory: ghostscript.yaml Tests (amd64): OK Advisory: OK |