Update ghostscript to version 8.61.dfsg.1-1ubuntu3.2
Bug #352920 reported by
Nicola Ferralis
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
The Dell Mini Project |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
OpenSSL is currently in version 8.61.dfsg.
ghostscript (8.61.dfsg.
* SECURITY UPDATE: Arbitrary code execution due to integer overflows and
insufficient upper-bounds checks in the ICC library
- debian/
overflows and perform bounds checking in icclib/icc.c.
- CVE-2009-0583
- CVE-2009-0584
-- Marc Deslauriers <email address hidden> Mon, 23 Mar 2009 07:46:37 -0400
Changed in dell-mini: | |
status: | New → Confirmed |
To post a comment you must log in.
New release in generic hardy fixes several other vulnerabilities
ghostscript (8.61.dfsg. 1-1ubuntu3. 2) hardy-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code patches/ 33_CVE- 2007-6725. dpatch: work around the buffer patches/ 34_CVE- 2008-6679. dpatch: increase size of buffer in gdevpdtb. c. patches/ 35_CVE- 2009-0196. dpatch: validate size of runlength jbig2_symbol_ dict.c. patches/ 36_CVE- 2009-0792. dpatch: fix numerous overflows in
execution via buffer underflow in the CCITTFax decoding filter
- debian/
underflow in src/scfd.c.
- CVE-2007-6725
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via BaseFont writer module
- debian/
src/
- CVE-2008-6679
* SECURITY UPDATE: possible arbitrary code execution via JBIG2 symbol
dictionary segments
- debian/
in export symbol table in jbig2dec/
- CVE-2009-0196
* SECURITY UPDATE: denial of service and possible arbitrary code
execution via integer overflows in icclib
- debian/
icclib/icc.c.
- CVE-2009-0792
-- Marc Deslauriers <email address hidden> Thu, 09 Apr 2009 11:26:12 -0400