Описание
Security update for ghostscript-library
This update for ghostscript fixes the following issues:
- CVE-2016-8602: Insufficient parameter check in .sethalftone5 (bsc#1004237)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
ghostscript-fonts-other-8.62-32.41.1
ghostscript-fonts-rus-8.62-32.41.1
ghostscript-fonts-std-8.62-32.41.1
ghostscript-library-8.62-32.41.1
ghostscript-omni-8.62-32.41.1
ghostscript-x11-8.62-32.41.1
libgimpprint-4.2.7-32.41.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
ghostscript-fonts-other-8.62-32.41.1
ghostscript-fonts-rus-8.62-32.41.1
ghostscript-fonts-std-8.62-32.41.1
ghostscript-library-8.62-32.41.1
ghostscript-omni-8.62-32.41.1
ghostscript-x11-8.62-32.41.1
libgimpprint-4.2.7-32.41.1
SUSE Linux Enterprise Software Development Kit 11 SP4
ghostscript-devel-8.62-32.41.1
ghostscript-ijs-devel-8.62-32.41.1
libgimpprint-devel-4.2.7-32.41.1
Ссылки
- Link for SUSE-SU-2016:2723-1
- E-Mail link for SUSE-SU-2016:2723-1
- SUSE Security Ratings
- SUSE Bug 1004237
- SUSE CVE CVE-2016-8602 page
Описание
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:ghostscript-fonts-other-8.62-32.41.1
SUSE Linux Enterprise Server 11 SP4:ghostscript-fonts-rus-8.62-32.41.1
SUSE Linux Enterprise Server 11 SP4:ghostscript-fonts-std-8.62-32.41.1
SUSE Linux Enterprise Server 11 SP4:ghostscript-library-8.62-32.41.1
Ссылки
- CVE-2016-8602
- SUSE Bug 1001951
- SUSE Bug 1004237
- SUSE Bug 1036453