Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2016-1050)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-3148-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ghostscript security and bug fix update

9.07-28 - Security fix for CVE-2017-8291 updated to address SIGSEGV 9.07-27 - Added security fix for CVE-2017-8291 bug 1446063 9.07-26 - Updated requirements for lcms2 to avoid possible issues in the future 9.07-25 - Added security fix for CVE-2017-7207 bug 1434353 - Added explicit requirement fo...

CVE-2016-7978

Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice...

CVE-2016-7978

GBGhostscript CVE-2016-7978 is a use-after-free caused by a reference leak in .setdevice, enabling remote code execution. The IBM PowerKVM bulletin confirms Ghostscript-related fixes and states PowerKVM 2.1/3.1 are affected, with remediation via updates: PowerKVM 3.1.0.2 update 5 or later (and 2....

Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20170104)

Security Fixes : - It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list...

Oracle Linux 7 : ghostscript (ELSA-2017-0013)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0013 advisory. 9.07-201 - Added security fixes for: - CVE-2013-5653 bug 1380327 - CVE-2016-7977 bug 1380415 - CVE-2016-7978 bug 1382300 - CVE-2016-7979 bug 1382305 -...

CentOS 7 : ghostscript (CESA-2017:0013)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

ghostscript security update

CentOS Errata and Security Advisory CESA-2017:0013 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

ghostscript security update

9.07-201 - Added security fixes for: - CVE-2013-5653 bug 1380327 - CVE-2016-7977 bug 1380415 - CVE-2016-7978 bug 1382300 - CVE-2016-7979 bug 1382305 - CVE-2016-8602 bug 1383940...

Ubuntu 14.04 LTS / 16.04 LTS : Ghostscript vulnerabilities (USN-3148-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3148-1 advisory. Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscript processes certain Postscript files. If a user or automated syst...

Fedora 25 : ghostscript (2016-2df27a2224)

This is a rebase of ghostscript package, to address several security issues : - CVE-2016-7977 - .libfile does not honor -dSAFER - CVE-2013-5653 - getenv and filenameforall ignore -dSAFER - CVE-2016-7976 - various userparams allow %pipe% in paths, allowing remote shell - CVE-2016-7978 - reference...

openSUSE Security Update : ghostscript (openSUSE-2016-1237)

This update for ghostscript fixes the following issues : - CVE-2016-8602: Fixes a NULL dereference in .sethalftone5 boo1004237. - CVE-2013-5653, CVE-2016-7978, CVE-2016-7979: Fix multiple -dsafer related CVE's boo1001951. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

openSUSE: Security Advisory for ghostscript (openSUSE-SU-2016:2648-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for ghostscript-library (openSUSE-SU-2016:2574-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-7978

It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process...

Security update for ghostscript-library (important)

This update for ghostscript-library fixes the following issues: - Multiple security vulnerabilities have been discovered where ghostscript's "-dsafer" flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted...

Fedora 24 : ghostscript (2016-53e8aa35f6)

This is a rebase of ghostscript package, to address several security issues : - CVE-2016-7977 - .libfile does not honor -dSAFER - CVE-2013-5653 - getenv and filenameforall ignore -dSAFER - CVE-2016-7976 - various userparams allow %pipe% in paths, allowing remote shell - CVE-2016-7978 - reference...

[SECURITY] [DSA 3691-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3691-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 12, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3691-1] ghostscript security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3691-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 12, 2016 https://www.debian.org/security/faq -...