80 matches found
OESA-2024-2357 ghostscript security update
Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: VUL-0: CVE-2024-46951: ghostscript: Arbitrary code execution via unchecked "Implementation" pointer in "Pattern"...
[SECURITY] [DLA 3931-1] ghostscript security update
Debian LTS Advisory DLA-3931-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton October 22, 2024 https://wiki.debian.org/LTS Package : ghostscript Version : 9.53.3dfsg-7+deb11u8 CVE ID : CVE-2024-29508 A heap-based pointer disclosure problem was found in Ghostscript, ...
[SECURITY] [DSA 5760-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5760-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 29, 2024 https://www.debian.org/security/faq -...
DSA-5760-1 ghostscript - security update
Bulletin has no description...
MGASA-2024-0192 Updated ghostscript packages fix security vulnerabilities
Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed...
SUSE-SU-2024:1590-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2023-52722: Do not allow eexec seeds other than the Type 1 standard while using SAFER mode bsc1223852...
SUSE-SU-2024:0921-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - Fixed segfaults in gsheapfreeobject — ref:00D1igLOd.500Tr4BRgx:ref bsc1219357. Previously fixed security issue: - CVE-2020-36773: Fixed out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c for txtwrite bsc1219554...
SUSE-SU-2023:4917-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2023-46751: Fixed dangling pointer in gdevprnopenprinterseekable bsc1217871...
MGASA-2023-0290 Updated ghostscript packages fix security vulnerability
The updated packages fix a security vulnerability: In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated...
SUSE-SU-2023:3938-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2023-43115: Fixed remote code execution via crafted PostScript documents in gdevijs.c b sc1215466...
MGASA-2023-0260 Updated ghostscript packages fix security vulnerability
Ghostscript through 10.01.2 mishandles permission validation for pipe devices with the %pipe% prefix or the | pipe character prefix. CVE-2023-36664 A buffer overflow flaw was found in base/gdevdevn.c:1973 in devnpcxwriterle in ghostscript. This issue may allow a local attacker to cause a denial o...
SUSE-SU-2023:3439-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2023-38559: Fixed out-of-bounds read in devnpcxwriterle that could result in DoS bsc1213637...
MGASA-2023-0134 Updated ghostscript packages fix security vulnerability
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then...
SUSE-SU-2022:0088-3 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2021-45944: Fixed use-after-free in sampleddatasample bsc1194303 - CVE-2021-45949: Fixed heap-based buffer overflow in sampleddatafinish bsc1194304...
OPENSUSE-SU-2022:0088-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2021-45944: Fixed use-after-free in sampleddatasample bsc1194303 - CVE-2021-45949: Fixed heap-based buffer overflow in sampleddatafinish bsc1194304...
MGASA-2021-0436 Updated ghostscript packages fix security vulnerability
Trivial -dSAFER bypass in 9.55. CVE-2021-3781...
OPENSUSE-SU-2021:1273-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123 This update was imported from the SUSE:SLE-15:Update upda...
OPENSUSE-SU-2021:3044-1 Security update for ghostscript
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection bsc1190381 Also a hardening fix was added: - Link as position independent executable bsc1184123...
OPENSUSE-SU-2020:1146-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - fixed CVE-2020-15900 Memory Corruption SAFER Sandbox Breakout cf. https://bugs.ghostscript.com/showbug.cgi?id=702582 bsc1174415 This update was imported from the SUSE:SLE-15:Update update project...
OPENSUSE-SU-2019:2534-1 Security update for ghostscript
This update for ghostscript fixes the following issues: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code bsc1156275. This update was imported from the SUSE:SLE-15:Update update project...