Описание
Security update for ghostscript
This update for ghostscript fixes the following issues:
- CVE-2021-45944: Fixed use-after-free in sampled_data_sample (bsc#1194303)
- CVE-2021-45949: Fixed heap-based buffer overflow in sampled_data_finish (bsc#1194304)
Список пакетов
openSUSE Leap 15.4
ghostscript-9.52-161.1
ghostscript-devel-9.52-161.1
ghostscript-x11-9.52-161.1
Ссылки
- E-Mail link for openSUSE-SU-2022:0088-2
- SUSE Security Ratings
- SUSE Bug 1194303
- SUSE Bug 1194304
- SUSE CVE CVE-2021-45944 page
- SUSE CVE CVE-2021-45949 page
Описание
Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
Затронутые продукты
openSUSE Leap 15.4:ghostscript-9.52-161.1
openSUSE Leap 15.4:ghostscript-devel-9.52-161.1
openSUSE Leap 15.4:ghostscript-x11-9.52-161.1
Ссылки
- CVE-2021-45944
- SUSE Bug 1194303
Описание
Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
Затронутые продукты
openSUSE Leap 15.4:ghostscript-9.52-161.1
openSUSE Leap 15.4:ghostscript-devel-9.52-161.1
openSUSE Leap 15.4:ghostscript-x11-9.52-161.1
Ссылки
- CVE-2021-45949
- SUSE Bug 1194304