Описание
Security update for ghostscript-library
This update for ghostscript-library fixes the following issues:
-
Multiple security vulnerabilities have been discovered where ghostscript's '-dsafer' flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted Postscript file would potentially leak sensitive information to an attacker. (CVE-2013-5653, bsc#1001951)
-
An incorrect reference count was found in .setdevice. This issue lead to a use-after-free scenario, which could have been exploited for denial-of-service or, possibly, arbitrary code execution attacks. (CVE-2016-7978, bsc#1001951)
-
Insufficient validation of the type of input in .initialize_dsc_parser used to allow remote code execution. (CVE-2016-7979, bsc#1001951)
This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.1
Ссылки
- E-Mail link for openSUSE-SU-2016:2574-1
- SUSE Security Ratings
Описание
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.
Затронутые продукты
Ссылки
- CVE-2013-5653
- SUSE Bug 1001951
- SUSE Bug 1004237
- SUSE Bug 1036453
Описание
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
Затронутые продукты
Ссылки
- CVE-2016-7978
- SUSE Bug 1001951
- SUSE Bug 1004237
Описание
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
Затронутые продукты
Ссылки
- CVE-2016-7979
- SUSE Bug 1001951
- SUSE Bug 1004237