Subject: | |
From: | |
Reply To: | |
Date: | Wed, 15 Apr 2009 15:35:37 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Moderate: ghostscript security update
Issue date: 2009-04-14
CVE Names: CVE-2007-6725 CVE-2008-6679 CVE-2009-0196
CVE-2009-0792
It was discovered that the Red Hat Security Advisory RHSA-2009:0345 did
not address all possible integer overflow flaws in Ghostscript's
International Color Consortium Format library (icclib). Using
specially-crafted ICC profiles, an attacker could create a malicious
PostScript or PDF file with embedded images that could cause Ghostscript
to crash or, potentially, execute arbitrary code when opened.
(CVE-2009-0792)
A buffer overflow flaw and multiple missing boundary checks were found
in Ghostscript. An attacker could create a specially-crafted PostScript
or PDF file that could cause Ghostscript to crash or, potentially,
execute arbitrary code when opened. (CVE-2008-6679, CVE-2007-6725,
CVE-2009-0196)
SL 3.0.x
SRPMS:
ghostscript-7.05-32.1.20.src.rpm
i386:
ghostscript-7.05-32.1.20.i386.rpm
ghostscript-devel-7.05-32.1.20.i386.rpm
hpijs-1.3-32.1.20.i386.rpm
x86_64:
ghostscript-7.05-32.1.20.i386.rpm
ghostscript-7.05-32.1.20.x86_64.rpm
ghostscript-devel-7.05-32.1.20.x86_64.rpm
hpijs-1.3-32.1.20.x86_64.rpm
SL 4.x
SRPMS:
ghostscript-7.07-33.2.el4_7.8.src.rpm
i386:
ghostscript-7.07-33.2.el4_7.8.i386.rpm
ghostscript-devel-7.07-33.2.el4_7.8.i386.rpm
ghostscript-gtk-7.07-33.2.el4_7.8.i386.rpm
x86_64:
ghostscript-7.07-33.2.el4_7.8.i386.rpm
ghostscript-7.07-33.2.el4_7.8.x86_64.rpm
ghostscript-devel-7.07-33.2.el4_7.8.x86_64.rpm
ghostscript-gtk-7.07-33.2.el4_7.8.x86_64.rpm
SL 5.x
SRPMS:
ghostscript-8.15.2-9.4.el5_3.7.src.rpm
i386:
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm
ghostscript-devel-8.15.2-9.4.el5_3.7.i386.rpm
ghostscript-gtk-8.15.2-9.4.el5_3.7.i386.rpm
x86_64:
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm
ghostscript-8.15.2-9.4.el5_3.7.x86_64.rpm
ghostscript-devel-8.15.2-9.4.el5_3.7.i386.rpm
ghostscript-devel-8.15.2-9.4.el5_3.7.x86_64.rpm
ghostscript-gtk-8.15.2-9.4.el5_3.7.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|