Описание
Security update for ghostscript
This update for ghostscript fixes the following issues:
- CVE-2021-45944: Fixed use-after-free in sampled_data_sample (bsc#1194303)
- CVE-2021-45949: Fixed heap-based buffer overflow in sampled_data_finish (bsc#1194304)
Список пакетов
SUSE Linux Enterprise Server 12 SP5
ghostscript-9.52-23.48.1
ghostscript-devel-9.52-23.48.1
ghostscript-x11-9.52-23.48.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ghostscript-9.52-23.48.1
ghostscript-devel-9.52-23.48.1
ghostscript-x11-9.52-23.48.1
SUSE Linux Enterprise Software Development Kit 12 SP5
ghostscript-devel-9.52-23.48.1
Ссылки
- Link for SUSE-SU-2022:0081-1
- E-Mail link for SUSE-SU-2022:0081-1
- SUSE Security Ratings
- SUSE Bug 1194303
- SUSE Bug 1194304
- SUSE CVE CVE-2021-45944 page
- SUSE CVE CVE-2021-45949 page
Описание
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:ghostscript-9.52-23.48.1
SUSE Linux Enterprise Server 12 SP5:ghostscript-devel-9.52-23.48.1
SUSE Linux Enterprise Server 12 SP5:ghostscript-x11-9.52-23.48.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:ghostscript-9.52-23.48.1
Ссылки
- CVE-2021-45944
- SUSE Bug 1194303
Описание
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:ghostscript-9.52-23.48.1
SUSE Linux Enterprise Server 12 SP5:ghostscript-devel-9.52-23.48.1
SUSE Linux Enterprise Server 12 SP5:ghostscript-x11-9.52-23.48.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:ghostscript-9.52-23.48.1
Ссылки
- CVE-2021-45949
- SUSE Bug 1194304