SUSE-SU-2022:0088-3

Опубликовано: 31 янв. 2023

Источник: suse-cvrf

Описание

Security update for ghostscript

This update for ghostscript fixes the following issues:

CVE-2021-45944: Fixed use-after-free in sampled_data_sample (bsc#1194303)
CVE-2021-45949: Fixed heap-based buffer overflow in sampled_data_finish (bsc#1194304)

Список пакетов

SUSE Enterprise Storage 6

ghostscript-9.52-161.1

ghostscript-devel-9.52-161.1

ghostscript-x11-9.52-161.1

SUSE Enterprise Storage 7

ghostscript-9.52-161.1

ghostscript-devel-9.52-161.1

ghostscript-x11-9.52-161.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

ghostscript-9.52-161.1

ghostscript-devel-9.52-161.1

ghostscript-x11-9.52-161.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

ghostscript-9.52-161.1

ghostscript-devel-9.52-161.1

ghostscript-x11-9.52-161.1

SUSE Linux Enterprise Server 15 SP1-LTSS

ghostscript-9.52-161.1

ghostscript-devel-9.52-161.1

ghostscript-x11-9.52-161.1

SUSE Linux Enterprise Server 15 SP2-LTSS

ghostscript-9.52-161.1

ghostscript-devel-9.52-161.1

ghostscript-x11-9.52-161.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

ghostscript-9.52-161.1

ghostscript-devel-9.52-161.1

ghostscript-x11-9.52-161.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

ghostscript-9.52-161.1

ghostscript-devel-9.52-161.1

ghostscript-x11-9.52-161.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20220088-3/
Link for SUSE-SU-2022:0088-3
https://lists.suse.com/pipermail/sle-security-updates/2023-January/013607.html
E-Mail link for SUSE-SU-2022:0088-3
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1194303
SUSE Bug 1194303
https://bugzilla.suse.com/1194304
SUSE Bug 1194304
https://www.suse.com/security/cve/CVE-2021-45944/
SUSE CVE CVE-2021-45944 page
https://www.suse.com/security/cve/CVE-2021-45949/
SUSE CVE CVE-2021-45949 page

Описание

Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).

Затронутые продукты

SUSE Enterprise Storage 6:ghostscript-9.52-161.1

SUSE Enterprise Storage 6:ghostscript-devel-9.52-161.1

SUSE Enterprise Storage 6:ghostscript-x11-9.52-161.1

SUSE Enterprise Storage 7:ghostscript-9.52-161.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-45944.html
CVE-2021-45944
https://bugzilla.suse.com/1194303
SUSE Bug 1194303

Описание

Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).

Затронутые продукты

SUSE Enterprise Storage 6:ghostscript-9.52-161.1

SUSE Enterprise Storage 6:ghostscript-devel-9.52-161.1

SUSE Enterprise Storage 6:ghostscript-x11-9.52-161.1

SUSE Enterprise Storage 7:ghostscript-9.52-161.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-45949.html
CVE-2021-45949
https://bugzilla.suse.com/1194304
SUSE Bug 1194304

SUSE-SU-2022:0088-3

Описание

Список пакетов

SUSE Enterprise Storage 6

SUSE Enterprise Storage 7

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP2-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

Ссылки

Уязвимость: CVE-2021-45944

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2021-45949

Описание

Затронутые продукты

Ссылки