Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:1332-1

Опубликовано: 18 мая 2018
Источник: suse-cvrf

Описание

Security update for ghostscript

This update for ghostscript fixes the following issues:

  • CVE-2018-10194: A stack-based buffer overflow was fixed in gdevpdts.c (bsc#1090099)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP3
ghostscript-9.15-23.10.2
ghostscript-x11-9.15-23.10.2
SUSE Linux Enterprise Server 12 SP3
ghostscript-9.15-23.10.2
ghostscript-x11-9.15-23.10.2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
ghostscript-9.15-23.10.2
ghostscript-x11-9.15-23.10.2
SUSE Linux Enterprise Software Development Kit 12 SP3
ghostscript-devel-9.15-23.10.2

Ссылки

Описание

The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.

Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:ghostscript-9.15-23.10.2
SUSE Linux Enterprise Desktop 12 SP3:ghostscript-x11-9.15-23.10.2
SUSE Linux Enterprise Server 12 SP3:ghostscript-9.15-23.10.2
SUSE Linux Enterprise Server 12 SP3:ghostscript-x11-9.15-23.10.2
Ссылки