Описание
Security update for ghostscript
This update for ghostscript fixes the following issues:
- CVE-2023-38559: Fixed out-of-bounds read in devn_pcx_write_rle() that could result in DoS (bsc#1213637).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
ghostscript-9.52-23.57.1
ghostscript-devel-9.52-23.57.1
ghostscript-x11-9.52-23.57.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
ghostscript-9.52-23.57.1
ghostscript-devel-9.52-23.57.1
ghostscript-x11-9.52-23.57.1
SUSE Linux Enterprise Software Development Kit 12 SP5
ghostscript-devel-9.52-23.57.1
Ссылки
- Link for SUSE-SU-2023:3439-1
- E-Mail link for SUSE-SU-2023:3439-1
- SUSE Security Ratings
- SUSE Bug 1213637
- SUSE CVE CVE-2023-38559 page
Описание
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:ghostscript-9.52-23.57.1
SUSE Linux Enterprise Server 12 SP5:ghostscript-devel-9.52-23.57.1
SUSE Linux Enterprise Server 12 SP5:ghostscript-x11-9.52-23.57.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:ghostscript-9.52-23.57.1
Ссылки
- CVE-2023-38559
- SUSE Bug 1213637