Debian Security Advisory
DLA-280-1 ghostscript -- LTS security update
- Date Reported:
- 25 Jul 2015
- Affected Packages:
- ghostscript
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 793489.
In Mitre's CVE dictionary: CVE-2015-3228. - More information:
-
In gs_heap_alloc_bytes(), add a sanity check to ensure we don't overflow the variable holding the actual number of bytes we allocate.