openSUSE-SU-2016:2710-1

Опубликовано: 03 нояб. 2016

Источник: suse-cvrf

Описание

Security update for ghostscript

This update for ghostscript fixes the following issues:

CVE-2016-8602: Insufficient parameter check in .sethalftone5 (bsc#1004237).

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.1

ghostscript-9.15-11.1

ghostscript-devel-9.15-11.1

ghostscript-mini-9.15-11.1

ghostscript-mini-devel-9.15-11.1

ghostscript-x11-9.15-11.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2016-11/msg00003.html
E-Mail link for openSUSE-SU-2016:2710-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.

Затронутые продукты

openSUSE Leap 42.1:ghostscript-9.15-11.1

openSUSE Leap 42.1:ghostscript-devel-9.15-11.1

openSUSE Leap 42.1:ghostscript-mini-9.15-11.1

openSUSE Leap 42.1:ghostscript-mini-devel-9.15-11.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-8602.html
CVE-2016-8602
https://bugzilla.suse.com/1001951
SUSE Bug 1001951
https://bugzilla.suse.com/1004237
SUSE Bug 1004237
https://bugzilla.suse.com/1036453
SUSE Bug 1036453

openSUSE-SU-2016:2710-1

Описание

Список пакетов

openSUSE Leap 42.1

Ссылки

Уязвимость: CVE-2016-8602

Описание

Затронутые продукты

Ссылки