[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 3838-1] ghostscript security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3838-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 28, 2017                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ghostscript
CVE ID         : CVE-2016-10219 CVE-2016-10220 CVE-2017-5951 CVE-2017-7207
                 CVE-2017-8291
Debian Bug     : 858350 859666 859694 859696 861295

Several vulnerabilities were discovered in Ghostscript, the GPL
PostScript/PDF interpreter, which may lead to the execution of arbitrary
code or denial of service if a specially crafted Postscript file is
processed.

For the stable distribution (jessie), these problems have been fixed in
version 9.06~dfsg-2+deb8u5.

For the unstable distribution (sid), these problems have been fixed in
version 9.20~dfsg-3.1 or earlier versions.

We recommend that you upgrade your ghostscript packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkDK7FfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Sy2A/+NRPzrRNkijdWTdHNqNT81bZ1Rodg0+gbHFlZ5z867x+A2G7qlYLfJhcS
dkdHG50ANakgqPVkjy4bdIeakFerlHmlVVGUfiVD5MGPblBKWYL1Er4wybhW2ucs
ATmOOKrxjzD8lRCwgxN2LLgdAJn0o51KZJYYxu1QQsRMlR1LqmfOJwQlhHck/9eC
WMXTojqIzamgUHOe8CInu7j7dZofHHGnjPGQqbCUBF3/2/y7IxN5JwsiSpsQTnPC
/KeRcGa2t+fILdM63cahPk+bGivECeXKql9gF8087z5iDR53+uPqubW6GF/OFEpS
2AdT05Mttx6gyiJtAgzFW6Fmv1CH1xynYnsi8e9YhRaDfW7L0/l+fHraHDNrMDnS
IqKPpVUqxjXFNWwKVU6XlP6WEaZvUacU5VUjKd+4pIBkplIx0teQ6t4QPsnMM106
FEO3ob4/2uXICWwdVK/HGAA083boSdpJ1fij9lR1AXflvth2gv5vIfIqHTgeA+uU
MyK5O0hKpKaWYRW5eIUtLA3/woPnXI75LSZemYSw4hrauPGoVWgs0gPtxpPhCLZM
SW3sP+jRY7LCoAG/uvW+CRnBhcbkjbMZUK9PfpCE+Fgae/T1kxkNtUXEVjoho7vx
PAWRr5RaLFusbPlExP34C9mRnbBM3VPUJcTJn8hguKz2tjmkCfY=
=usrs
-----END PGP SIGNATURE-----


Reply to: