-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1746-1                     [email protected]
http://www.debian.org/security/                           Steffen Joeris
March 20, 2009                        http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : ghostscript
Vulnerability : several vulnerabilities
Problem type : local (remote)
Debian-specific: no
CVE Ids : CVE-2009-0583 CVE-2009-0584
Two security issues have been discovered in ghostscript, the GPL
Ghostscript PostScript/PDF interpreter. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-0583
Jan Lieskovsky discovered multiple integer overflows in the ICC library,
which allow the execution of arbitrary code via crafted ICC profiles in PostScript files with embedded images.
CVE-2009-0584
Jan Lieskovsky discovered insufficient upper-bounds checks on certain
variable sizes in the ICC library, which allow the execution of
arbitrary code via crafted ICC profiles in PostScript files with
embedded images.
For the stable distribution (lenny), these problems have been fixed in
version 8.62.dfsg.1-3.2lenny1.
For the oldstable distribution (etch), these problems have been fixed
in version 8.54.dfsg.1-5etch2. Please note that the package in oldstable
is called gs-gpl.
For the testing distribution (squeeze) and the unstable distribution
(sid), these problems will be fixed soon.
We recommend that you upgrade your ghostscript/gs-gpl packages.
Upgrade instructions
- --------------------
wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
[continued in next message]