1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4372-1] ghostscript security update

    From Salvatore Bonaccorso@1:229/2 to All on Sat Jan 26 15:50:01 2019
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4372-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 26, 2019 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : ghostscript
    CVE ID : CVE-2019-6116

    Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL
    PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the -dSAFER sandbox being enabled).

    For the stable distribution (stretch), this problem has been fixed in
    version 9.26a~dfsg-0+deb9u1.

    We recommend that you upgrade your ghostscript packages.

    For the detailed security status of ghostscript please refer to its
    security tracker page at: https://security-tracker.debian.org/tracker/ghostscript

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlxMczFfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Q1MRAAlCetloIVfSnNj8TX8cRElftZYu8q1YY4XR8vH4Hv3gro2rvjdpy1j7qF ruj3tqVvnVN14m3FUpV6g3OSgqacZBtteffMeDJEhHVsD2cfEisApWMog+F7Fc4o rVz5kIXGC7tkLgGR2UVq+Tytdim/t7qZxdXgDavXJatiB7B53SHznFcEYfpUtOVe ZyfBlQsdu46xsxYU+hx/6XIoRjCwtgvlXvUecnRDmEYbcqCqjCCcd5cqw8yt2Gmy 2f3WzxNxkXrVH0ClW9Fu3045IjEzru4o9T9yBBZMUA4XSllHrAjvQ0ObysEyltwd 2xCiJMRfHdjg18ugT4Qj3J56KrfUMHS8k3sPj7TORNo12doMO5zVdZxSLzVxD1Mx xkKsGYomTUh0T93N9NGEres41FvRRgmq0lbzRXzn2QsvbMxGyxIMG05zgaehP93A Zae2dLJ3abWXV5snuRPuvXVrscDlXvpaz5iebVEPWEIXaI3tzQeqDmy87AzaMVv1 70m59E8UTiu6YIpm2NdbqMMA4SH9b1U6ym549PSZMnrO248uku7fk1Jtx5Qn1cH5 Ot//Jg4AXMF8DU3MaPvVYQlg5xfcJTJaUYvMiYVMHuUf/oMSPyKoKvPKMHPtC6oO u5lmXWV72u0q7nsgf8l+ONVQZUaaGQV3TYE12HM2sDWGv+y4qI4=
    =gkMQ
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)