SUSE-SU-2023:1797-1

Опубликовано: 07 апр. 2023

Источник: suse-cvrf

Описание

Security update for ghostscript

This update for ghostscript fixes the following issues:

CVE-2023-28879: Fixed buffer Overflow in s_xBCPE_process (bsc#1210062).

Список пакетов

SUSE Linux Enterprise Server 12 SP2-BCL

ghostscript-9.52-23.51.1

ghostscript-devel-9.52-23.51.1

ghostscript-x11-9.52-23.51.1

SUSE Linux Enterprise Server 12 SP4-ESPOS

ghostscript-9.52-23.51.1

ghostscript-devel-9.52-23.51.1

ghostscript-x11-9.52-23.51.1

SUSE Linux Enterprise Server 12 SP4-LTSS

ghostscript-9.52-23.51.1

ghostscript-devel-9.52-23.51.1

ghostscript-x11-9.52-23.51.1

SUSE Linux Enterprise Server 12 SP5

ghostscript-9.52-23.51.1

ghostscript-devel-9.52-23.51.1

ghostscript-x11-9.52-23.51.1

SUSE Linux Enterprise Server for SAP Applications 12 SP4

ghostscript-9.52-23.51.1

ghostscript-devel-9.52-23.51.1

ghostscript-x11-9.52-23.51.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

ghostscript-9.52-23.51.1

ghostscript-devel-9.52-23.51.1

ghostscript-x11-9.52-23.51.1

SUSE Linux Enterprise Software Development Kit 12 SP5

ghostscript-devel-9.52-23.51.1

SUSE OpenStack Cloud 9

ghostscript-9.52-23.51.1

ghostscript-devel-9.52-23.51.1

ghostscript-x11-9.52-23.51.1

SUSE OpenStack Cloud Crowbar 9

ghostscript-9.52-23.51.1

ghostscript-devel-9.52-23.51.1

ghostscript-x11-9.52-23.51.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20231797-1/
Link for SUSE-SU-2023:1797-1
https://lists.suse.com/pipermail/sle-security-updates/2023-April/014433.html
E-Mail link for SUSE-SU-2023:1797-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1210062
SUSE Bug 1210062
https://www.suse.com/security/cve/CVE-2023-28879/
SUSE CVE CVE-2023-28879 page

Описание

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.

Затронутые продукты

SUSE Linux Enterprise Server 12 SP2-BCL:ghostscript-9.52-23.51.1

SUSE Linux Enterprise Server 12 SP2-BCL:ghostscript-devel-9.52-23.51.1

SUSE Linux Enterprise Server 12 SP2-BCL:ghostscript-x11-9.52-23.51.1

SUSE Linux Enterprise Server 12 SP4-ESPOS:ghostscript-9.52-23.51.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-28879.html
CVE-2023-28879
https://bugzilla.suse.com/1210062
SUSE Bug 1210062
https://bugzilla.suse.com/1210900
SUSE Bug 1210900
https://bugzilla.suse.com/1211514
SUSE Bug 1211514
https://bugzilla.suse.com/1213844
SUSE Bug 1213844

SUSE-SU-2023:1797-1

Описание

Список пакетов

SUSE Linux Enterprise Server 12 SP2-BCL

SUSE Linux Enterprise Server 12 SP4-ESPOS

SUSE Linux Enterprise Server 12 SP4-LTSS

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP4

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud Crowbar 9

Ссылки

Уязвимость: CVE-2023-28879

Описание

Затронутые продукты

Ссылки