2744 matches found

Fedora
added 2021/04/01 1:50 a.m. | 29 views

[SECURITY] Fedora 33 Update: xmlgraphics-commons-2.6-1.fc33

Apache XML Graphics Commons is a library that consists of several reusable components used by Apache Batik and Apache FOP. Many of these components can easily be used separately outside the domains of SVG and XSL-FO. You will find components such as a PDF library, an RTF library, Graphics2D...

CVSS 8.2 | AI score 1.3 | EPSS 0.00431
Exploits: 0
Amazon
added 2021/02/20 12:0 a.m. | 112 views

Important: ghostscript

Issue Overview: Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. CVE-2018-17183 Artifex Ghostscript 9.25 and earlier allows...

CVSS 9.8 | AI score 8 | EPSS 0.65283
Exploits: 11
NVD
added 2021/02/09 11:15 p.m. | 7 views

CVE-2021-26953

An issue was discovered in the postscript crate before 0.14.0 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via a user-provided Read implementation...

CVSS 7.5 | EPSS 0.00291
Exploits: 1 | References: 1
OSV
added 2021/02/09 11:15 p.m. | 3 views

CVE-2021-26953

An issue was discovered in the postscript crate before 0.14.0 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via a user-provided Read implementation...

CVSS 7.5 | AI score 5.8
Exploits: 0 | References: 1
Prion
added 2021/02/09 11:15 p.m. | 13 views

Information disclosure

An issue was discovered in the postscript crate before 0.14.0 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via a user-provided Read implementation...

CVSS 5 | AI score 7.2 | EPSS 0.00291
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2021/02/09 10:6 p.m. | 54 views

CVE-2021-26953

The CVE-2021-26953 issue affects the Rust crate postscript, prior to version 0.14.0. Affected functionality passes an uninitialized buffer to a user-provided Read implementation, allowing potential information disclosure from uninitialized memory. The underlying cause is exposing an uninitialized...

CVSS 7.5 | AI score 7.1 | EPSS 0.00291
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2021/02/09 10:6 p.m. | 10 views

CVE-2021-26953

An issue was discovered in the postscript crate before 0.14.0 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via a user-provided Read implementation...

AI score 7.4 | EPSS 0.00291
Exploits: 1 | References: 1
OSV
added 2021/02/09 6:15 p.m. | 3 views

CVE-2020-17422

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

CVSS 3.3 | AI score 5 | EPSS 0.01126
Exploits: 0 | References: 2
CNNVD
added 2021/02/09 12:0 a.m. | 3 views

Foxit Studio Photo buffer error vulnerability

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit. A remote code execution vulnerability exists in the handling of EPS files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied dat...

CVSS 7.8 | AI score 7.8 | EPSS 0.00211
Exploits: 0 | References: 2
Tenable Nessus
added 2021/02/04 12:0 a.m. | 25 views

EulerOS 2.0 SP5 : ghostscript (EulerOS-SA-2021-1193)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a...

CVSS 7.8 | AI score 6.9 | EPSS 0.0129
Exploits: 10 | References: 13
vulnersOsv
added 2021/01/30 12:0 p.m. | 1 views

airust (=0.1.6), font (>=0.2.0 <=0.3.2) +6 more potentially affected by CVE-2021-26953 via postscript (>=0.10.1 <=0.11.1)

postscript CARGO version =0.10.1, =0.2.0, =0.0.2, =0.1.0, =0.15.0, =0.1.0, =0.6.3 - text =0.0.4 Source cves: CVE-2021-26953 Source advisory: OSV:RUSTSEC-2021-0017...

CVSS 7.5 | AI score 7.1 | EPSS 0.00291
Exploits: 1
Tenable Nessus
added 2021/01/25 12:0 a.m. | 26 views

openSUSE Security Update : gimp (openSUSE-2020-2357)

This update for gimp fixes the following issues : Security issue fixed : - CVE-2017-17787: Fixed an out-of-bounds read in the PSP importer bsc1073628. Non-security issue fixed : - Fixed a software crash while importing a PostScript file bsc1178726. This update was imported from the...

CVSS 7.8 | AI score 6.2 | EPSS 0.00207
Exploits: 0 | References: 3
Fedora
added 2021/01/15 1:26 a.m. | 53 views

[SECURITY] Fedora 33 Update: dia-0.97.3-16.fc33

The Dia drawing program can be used to draw different types of diagrams, and includes support for UML static structure diagrams (class diagrams), entity relationship modeling, and network diagrams. Dia can load and save diagrams to a custom file format, can load and save in .xml format, and can...

CVSS 5.5 | AI score 1.2 | EPSS 0.00142
Exploits: 0
OpenVAS
added 2021/01/11 12:0 a.m. | 16 views

Fedora: Security Advisory for dia (FEDORA-2020-cbc0754798)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.5 | AI score 5.6 | EPSS 0.00142
Exploits: 0 | References: 2
Fedora
added 2021/01/08 2:52 a.m. | 46 views

[SECURITY] Fedora 32 Update: dia-0.97.3-16.fc32

The Dia drawing program can be used to draw different types of diagrams, and includes support for UML static structure diagrams (class diagrams), entity relationship modeling, and network diagrams. Dia can load and save diagrams to a custom file format, can load and save in .xml format, and can...

CVSS 5.5 | AI score 1.2 | EPSS 0.00142
Exploits: 0
Ubuntu
added 2021/01/07 2:10 p.m. | 158 views

USN-4686-1: Ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary co...

CVSS 8.8 | AI score 6.7 | EPSS 0.04773
Exploits: 4
OSV
added 2020/12/28 8:4 p.m. | 2 views

OPENSUSE-SU-2020:2357-1 Security update for gimp

This update for gimp fixes the following issues: Security issue fixed: - CVE-2017-17787: Fixed an out-of-bounds read in the PSP importer bsc1073628. Non-security issue fixed: - Fixed a software crash while importing a PostScript file bsc1178726. This update was imported from the SUSE:SLE-15:Updat...

CVSS 7.8 | AI score 7.5 | EPSS 0.00207
Exploits: 0 | References: 4
Tenable Nessus
added 2020/12/15 12:0 a.m. | 34 views

Virtuozzo 7 : ghostscript / ghostscript-cups / ghostscript-doc / etc (VZLSA-2019-2586)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...

CVSS 9.8 | AI score 7.5 | EPSS 0.08454
Exploits: 2 | References: 6
Veracode
added 2020/12/06 3:28 a.m. | 31 views

Denial Of Service (DoS)

ghostscript is vulnerable to denial of service. A NULL pointer dereference in devices/gdevtsep.c allows a remote attacker to cause a denial of service via a malicious postscript file...

CVSS 5.5 | AI score 3.5 | EPSS 0.01771
Exploits: 1 | References: 8 | Affected Software: 1
OSV
added 2020/11/13 9:20 p.m. | 3 views

MGASA-2020-0414 Updated lilypond package fixes a security vulnerability

It was discovered that Lilypond, a program for typesetting sheet music, did not restrict the inclusion of Postscript and SVG commands when operating in safe mode, which could result in the execution of arbitrary code when rendering a typesheet file with embedded Postscript code. CVE-2020-17353...

CVSS 9.8 | AI score 9.7 | EPSS 0.01263
Exploits: 0 | References: 4