Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2017-2180

Опубликовано: 07 авг. 2017
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2017-2180: ghostscript security and bug fix update (LOW)

[9.07-28]

  • Security fix for CVE-2017-8291 updated to address SIGSEGV

[9.07-27]

  • Added security fix for CVE-2017-8291 (bug #1446063)

[9.07-26]

  • Updated requirements for lcms2 to avoid possible issues in the future

[9.07-25]

  • Added security fix for CVE-2017-7207 (bug #1434353)
  • Added explicit requirement for lcms2 version we are build with (bug #1436273)

[9.07-24]

  • Fix infinite 'for' loop in gdevp14.c file (bug #1424752)

[9.07-23]

  • Fix for regression caused by previous CVE fixes (bug #1411725)

[9.07-22]

  • Fix of SIGSEGV in cid_font_data_param when using ps2pdf (bug #1390847)

[9.07-21]

  • Added security fixes for:
    • CVE-2013-5653 (bug #1380327)
    • CVE-2016-7977 (bug #1380415)
    • CVE-2016-7978 (bug #1382300)
    • CVE-2016-7979 (bug #1382305)
    • CVE-2016-8602 (bug #1383940)

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

ghostscript

9.07-28.el7

ghostscript-cups

9.07-28.el7

ghostscript-devel

9.07-28.el7

ghostscript-doc

9.07-28.el7

ghostscript-gtk

9.07-28.el7

Oracle Linux x86_64

ghostscript

9.07-28.el7

ghostscript-cups

9.07-28.el7

ghostscript-devel

9.07-28.el7

ghostscript-doc

9.07-28.el7

ghostscript-gtk

9.07-28.el7

Связанные CVE

CVE-2017-7207

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2017-7207

CVSS3: 5.5
ubuntu
больше 8 лет назад

The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.

redhat логотип

CVE-2017-7207

CVSS3: 3.3
redhat
больше 8 лет назад

The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.

nvd логотип

CVE-2017-7207

CVSS3: 5.5
nvd
больше 8 лет назад

The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.

debian логотип

CVE-2017-7207

CVSS3: 5.5
debian
больше 8 лет назад

The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscr ...

github логотип

GHSA-3g8x-c82p-r7gj

CVSS3: 5.5
github
больше 3 лет назад

The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.