Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2016:2654-1

Опубликовано: 26 окт. 2016
Источник: suse-cvrf

Описание

Security update for ghostscript

This update for ghostscript fixes the following issues:

  • CVE-2016-8602: Insufficient parameter check in .sethalftone5 (bsc#1004237).

Список пакетов

SUSE Linux Enterprise Desktop 12 SP1
ghostscript-9.15-14.1
ghostscript-x11-9.15-14.1
SUSE Linux Enterprise Server 12 SP1
ghostscript-9.15-14.1
ghostscript-x11-9.15-14.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
ghostscript-9.15-14.1
ghostscript-x11-9.15-14.1
SUSE Linux Enterprise Software Development Kit 12 SP1
ghostscript-devel-9.15-14.1

Ссылки

Описание

The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:ghostscript-9.15-14.1
SUSE Linux Enterprise Desktop 12 SP1:ghostscript-x11-9.15-14.1
SUSE Linux Enterprise Server 12 SP1:ghostscript-9.15-14.1
SUSE Linux Enterprise Server 12 SP1:ghostscript-x11-9.15-14.1
Ссылки