60 matches found
OPENSUSE-SU-2022:0088-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2021-45944: Fixed use-after-free in sampleddatasample bsc1194303 - CVE-2021-45949: Fixed heap-based buffer overflow in sampleddatafinish bsc1194304...
MGASA-2021-0436 Updated ghostscript packages fix security vulnerability
Trivial -dSAFER bypass in 9.55. CVE-2021-3781...
OPENSUSE-SU-2021:1273-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123 This update was imported from the SUSE:SLE-15:Update upda...
OPENSUSE-SU-2021:3044-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123...
OPENSUSE-SU-2020:1146-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - fixed CVE-2020-15900 Memory Corruption SAFER Sandbox Breakout cf. https://bugs.ghostscript.com/showbug.cgi?id=702582 bsc1174415 This update was imported from the SUSE:SLE-15:Update update project...
OPENSUSE-SU-2019:2534-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code bsc1156275. This update was imported from the SUSE:SLE-15:Update update project...
OPENSUSE-SU-2019:2223-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. bsc1129180 - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators...
SUSE-SU-2019:2348-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file bsc1144621...
SUSE SLED15 / SLES15 Security Update : ghostscript (SUSE-SU-2018:2976-1)
This update for ghostscript to version 9.25 fixes the following issues : These security issues were fixed : CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 CVE-2018-15909: Prevent type confusio...
SUSE-SU-2018:4087-1 Security update for ghostscript
This update for ghostscript to version 9.26 fixes the following issues: Security issues fixed: - CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c bsc1117327 - CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c bsc1117313 - CVE-2018-19477:...
SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2018:2975-1)
This update for ghostscript to version 9.25 fixes the following issues : These security issues were fixed : CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 CVE-2018-15909: Prevent type confusio...
MGASA-2018-0378 Updated ghostscript packages fix security vulnerabilities
Updated ghostscript packages fix several security vulnerabilities including: In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files CVE-2018-15908. In Artifex Ghostscript 9.23 before 2018-08-24, a typ...
SUSE-SU-2018:1884-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2018-10194: The settextdistance function did not prevent overflows in text-positioning calculation, which allowed remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted P...
SUSE-SU-2018:0407-1 Security update for ghostscript
This update for ghostscript fixes several issues. These security issues were fixed: - CVE-2017-9835: The gsallocrefarray function allowed remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScri...
MGASA-2017-0355 Updated ghostscript packages fix security vulnerabilities
The InsMIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash or possibly have unspecified other impact via a crafted document. CVE-2017-9611 The InsIP function in base/ttinterp.c...
SUSE-SU-2017:1138-1 Security update for ghostscript
This update for ghostscript fixes the following security vulnerabilities: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. bsc1036453 CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to...
SUSE-SU-2016:2493-1 Security update for ghostscript-library
This update for ghostscript-library fixes the following issues: - Multiple security vulnerabilities have been discovered where ghostscript's '-dsafer' flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted...
MGASA-2015-0308 Updated ghostscript package fixes security vulnerability
GhostScript is vulnerable to an integer overflow when processing a crafted PostScript file using the ps2pdf command CVE-2015-3228...
Important: Red Hat Security Advisory: ghostscript security update
A ghostscript package fixing a command execution vulnerability is now available. GNU Ghostscript is an interpreter for the PostScript language, and is often used when printing to printers that do not have their own built-in PostScript interpreter. A flaw has been discovered in the way Ghostscript...
Important: Red Hat Security Advisory: ghostscript security update
Updated packages are available for GNU Ghostscript, which fix a vulnerability found during PostScript interpretation. Ghostscript is a program for displaying PostScript files or printing them to non-PostScript printers. An untrusted PostScript file can cause ghostscript to execute arbitrary...