SUSE-SU-2025:4148-1

Опубликовано: 20 нояб. 2025

Источник: suse-cvrf

Описание

Security update for ghostscript

This update for ghostscript fixes the following issues:

CVE-2025-59798: Fixed stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. (bsc#1250353)
CVE-2025-59799: Fixed stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. (bsc#1250354)

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP6

ghostscript-9.52-150000.211.1

ghostscript-devel-9.52-150000.211.1

ghostscript-x11-9.52-150000.211.1

SUSE Linux Enterprise Module for Basesystem 15 SP7

ghostscript-9.52-150000.211.1

ghostscript-devel-9.52-150000.211.1

ghostscript-x11-9.52-150000.211.1

openSUSE Leap 15.6

ghostscript-9.52-150000.211.1

ghostscript-devel-9.52-150000.211.1

ghostscript-x11-9.52-150000.211.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20254148-1/
Link for SUSE-SU-2025:4148-1
https://lists.suse.com/pipermail/sle-security-updates/2025-November/023308.html
E-Mail link for SUSE-SU-2025:4148-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1250353
SUSE Bug 1250353
https://bugzilla.suse.com/1250354
SUSE Bug 1250354
https://www.suse.com/security/cve/CVE-2025-59798/
SUSE CVE CVE-2025-59798 page
https://www.suse.com/security/cve/CVE-2025-59799/
SUSE CVE CVE-2025-59799 page

Описание

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP6:ghostscript-9.52-150000.211.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:ghostscript-devel-9.52-150000.211.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:ghostscript-x11-9.52-150000.211.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:ghostscript-9.52-150000.211.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-59798.html
CVE-2025-59798
https://bugzilla.suse.com/1250353
SUSE Bug 1250353

Описание

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP6:ghostscript-9.52-150000.211.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:ghostscript-devel-9.52-150000.211.1

SUSE Linux Enterprise Module for Basesystem 15 SP6:ghostscript-x11-9.52-150000.211.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:ghostscript-9.52-150000.211.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-59799.html
CVE-2025-59799
https://bugzilla.suse.com/1250354
SUSE Bug 1250354

SUSE-SU-2025:4148-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP6

SUSE Linux Enterprise Module for Basesystem 15 SP7

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-59798

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-59799

Описание

Затронутые продукты

Ссылки