CentOS Errata and Security Advisory CESA-2008:0155
Ghostscript is a program for displaying PostScript files, or printing them
to non-PostScript printers.
Chris Evans from the Google Security Team reported a stack-based buffer
overflow flaw in Ghostscript’s zseticcspace() function. An attacker could
create a malicious PostScript file that would cause Ghostscript to execute
arbitrary code when opened. (CVE-2008-0411)
These updated packages also fix a bug, which prevented the pxlmono printer
driver from producing valid output on Red Hat Enterprise Linux 4.
All users of ghostscript are advised to upgrade to these updated packages,
which contain a backported patch to resolve these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-February/076878.html
https://lists.centos.org/pipermail/centos-announce/2008-February/076879.html
https://lists.centos.org/pipermail/centos-announce/2008-February/076882.html
https://lists.centos.org/pipermail/centos-announce/2008-February/076883.html
https://lists.centos.org/pipermail/centos-announce/2008-February/076887.html
https://lists.centos.org/pipermail/centos-announce/2008-February/076888.html
https://lists.centos.org/pipermail/centos-announce/2008-February/076892.html
https://lists.centos.org/pipermail/centos-announce/2008-February/076893.html
https://lists.centos.org/pipermail/centos-announce/2008-March/076902.html
https://lists.centos.org/pipermail/centos-announce/2008-March/076903.html
Affected packages:
ghostscript
ghostscript-devel
ghostscript-gtk
hpijs
Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0155
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 3 | i386 | ghostscript | <Â 7.05-32.1.13 | ghostscript-7.05-32.1.13.i386.rpm |
CentOS | 3 | i386 | ghostscript-devel | <Â 7.05-32.1.13 | ghostscript-devel-7.05-32.1.13.i386.rpm |
CentOS | 3 | i386 | hpijs | <Â 1.3-32.1.13 | hpijs-1.3-32.1.13.i386.rpm |
CentOS | 3 | i386 | ghostscript | <Â 7.05-32.1.13 | ghostscript-7.05-32.1.13.i386.rpm |
CentOS | 3 | x86_64 | ghostscript | <Â 7.05-32.1.13 | ghostscript-7.05-32.1.13.x86_64.rpm |
CentOS | 3 | x86_64 | ghostscript-devel | <Â 7.05-32.1.13 | ghostscript-devel-7.05-32.1.13.x86_64.rpm |
CentOS | 3 | x86_64 | hpijs | <Â 1.3-32.1.13 | hpijs-1.3-32.1.13.x86_64.rpm |
CentOS | 3 | ia64 | ghostscript | <Â 7.05-32.1.13 | ghostscript-7.05-32.1.13.ia64.rpm |
CentOS | 3 | ia64 | ghostscript-devel | <Â 7.05-32.1.13 | ghostscript-devel-7.05-32.1.13.ia64.rpm |
CentOS | 3 | ia64 | hpijs | <Â 1.3-32.1.13 | hpijs-1.3-32.1.13.ia64.rpm |