Login
Newsletter
Werbung

Sicherheit: Ungewollte Kommandoausführung in ghostscript
Aktuelle Meldungen Distributionen
Name: Ungewollte Kommandoausführung in ghostscript
ID: MDKSA-2003:065
Distribution: Mandrake
Plattformen: Mandrake 8.2, Mandrake 9.0, Mandrake Corporate Server 2.1, Mandrake 9.1
Datum: Mi, 11. Juni 2003, 13:00
Referenzen: Keine Angabe
Applikationen: AFPL Ghostscript

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name: ghostscript
Advisory ID: MDKSA-2003:065
Date: June 10th, 2003

Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1
________________________________________________________________________

Problem Description:

A vulnerability was discovered in Ghostscript versions prior to 7.07
that allowed malicious postscript files to execute arbitrary commands
even when -dSAFER is enabled.
________________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0354
http://www.ghostscript.com/pipermail/gs-cvs/2003-May/003276.html
________________________________________________________________________

Updated Packages:

Corporate Server 2.1:
aea19db660ed07ab74e7ca7b69cad216
corporate/2.1/RPMS/cups-drivers-1.1-84.3mdk.i586.rpm
ccfec0900853fcdeaa2a1ec051310f2e
corporate/2.1/RPMS/foomatic-2.0.2-20021220.2.3mdk.i586.rpm
c179c1b205d1dbd529cf06326ceb3ec7
corporate/2.1/RPMS/ghostscript-7.05-33.3mdk.i586.rpm
b9ab3bc8caf0a386242b399d6d56d4ac
corporate/2.1/RPMS/ghostscript-module-X-7.05-33.3mdk.i586.rpm
5ece76a3b7a0cb5994976ea16df2bcd4
corporate/2.1/RPMS/libgimpprint1-4.2.5-0.2.3mdk.i586.rpm
f9cdc11bfd3fe0e9171ef6d89998f7c7
corporate/2.1/RPMS/libgimpprint1-devel-4.2.5-0.2.3mdk.i586.rpm
0609ace94d1a39215dd3abd99a8c7e2c
corporate/2.1/RPMS/printer-filters-1.0-84.3mdk.i586.rpm
5171fcbe0d917699832824beba8a878f
corporate/2.1/RPMS/printer-testpages-1.0-84.3mdk.i586.rpm
eb6578c57de83aab79d91dd318b96692
corporate/2.1/RPMS/printer-utils-1.0-84.3mdk.i586.rpm
49c2a573b772796b7d0cf3ac384dd747
corporate/2.1/RPMS/libijs0-0.34-24.3mdk.i586.rpm
a82adb5008ac22c603dfbdc5777fc72b
corporate/2.1/RPMS/libijs0-devel-0.34-24.3mdk.i586.rpm
447342be8d0ec6461aa39c7378054358
corporate/2.1/SRPMS/printer-drivers-1.0-84.3mdk.src.rpm

Mandrake Linux 8.2:
98a16a048eecdabd881dd4e3f1db2bc4 8.2/RPMS/cups-drivers-1.1-48.3mdk.i586.rpm
7c6a97a539f60bb994de6fc89584b111 8.2/RPMS/foomatic-1.1-0.20020323mdk.i586.rpm
4182e96ec07ba45755a9b7f5dbed9790 8.2/RPMS/ghostscript-6.53-13.3mdk.i586.rpm
7fc3901aa3bac77984ff4bbf477a55cd
8.2/RPMS/ghostscript-module-SVGALIB-6.53-13.3mdk.i586.rpm
8015c102df3ad06544c1ffea83212fd5
8.2/RPMS/ghostscript-module-X-6.53-13.3mdk.i586.rpm
68f9262a854e7c1191fd24353896d22c
8.2/RPMS/gimpprint-4.2.1-0.pre5.3mdk.i586.rpm
9a97abe1716d973fab426e512f02d678
8.2/RPMS/libgimpprint1-4.2.1-0.pre5.3mdk.i586.rpm
8362fbd5454fb23549989f76174eea91
8.2/RPMS/libgimpprint1-devel-4.2.1-0.pre5.3mdk.i586.rpm
c4d15ea95de55bb1c3eb095b0b4364da 8.2/RPMS/omni-0.6.0-2.3mdk.i586.rpm
2762ba487578cd4ba87e56a5f21dd29c
8.2/RPMS/printer-filters-1.0-48.3mdk.i586.rpm
75ae4ec0b70f3da9c67714dab1d4d54e
8.2/RPMS/printer-testpages-1.0-48.3mdk.i586.rpm
880d4397b61366a56f87dea7d15f9541 8.2/RPMS/printer-utils-1.0-48.3mdk.i586.rpm
04a4a67f87a04654aa93329379214317
8.2/SRPMS/printer-drivers-1.0-48.3mdk.src.rpm

Mandrake Linux 8.2/PPC:
dd1b8b567f27c8bd0169d76511939740
ppc/8.2/RPMS/cups-drivers-1.1-48.3mdk.ppc.rpm
d96230121989770b79399a7aad299834
ppc/8.2/RPMS/foomatic-1.1-0.20020323mdk.ppc.rpm
a8f6787ef584c74f9cb1fe712c2daddb
ppc/8.2/RPMS/ghostscript-6.53-13.3mdk.ppc.rpm
035faee6fa70cae5627a243cc13798b3
ppc/8.2/RPMS/ghostscript-module-X-6.53-13.3mdk.ppc.rpm
7080e346cefc8371aedee4a220c3e212
ppc/8.2/RPMS/gimpprint-4.2.1-0.pre5.3mdk.ppc.rpm
3c14663f32f7dba18cbaab06eb9056f6
ppc/8.2/RPMS/libgimpprint1-4.2.1-0.pre5.3mdk.ppc.rpm
e813c250e8b0b79f0a9938d8fc2c5bf1
ppc/8.2/RPMS/libgimpprint1-devel-4.2.1-0.pre5.3mdk.ppc.rpm
9fbbbba420a943cac659934dcfe651c9 ppc/8.2/RPMS/omni-0.6.0-2.3mdk.ppc.rpm
11fd25db09338592399afa9f87932e5e
ppc/8.2/RPMS/printer-filters-1.0-48.3mdk.ppc.rpm
0480157848184ecd6f7c3949bf2b5384
ppc/8.2/RPMS/printer-testpages-1.0-48.3mdk.ppc.rpm
4b8d3bc5fce468495585eb00adbc3ae0
ppc/8.2/RPMS/printer-utils-1.0-48.3mdk.ppc.rpm
04a4a67f87a04654aa93329379214317
ppc/8.2/SRPMS/printer-drivers-1.0-48.3mdk.src.rpm

Mandrake Linux 9.0:
aea19db660ed07ab74e7ca7b69cad216 9.0/RPMS/cups-drivers-1.1-84.3mdk.i586.rpm
ccfec0900853fcdeaa2a1ec051310f2e
9.0/RPMS/foomatic-2.0.2-20021220.2.3mdk.i586.rpm
c179c1b205d1dbd529cf06326ceb3ec7 9.0/RPMS/ghostscript-7.05-33.3mdk.i586.rpm
b9ab3bc8caf0a386242b399d6d56d4ac
9.0/RPMS/ghostscript-module-X-7.05-33.3mdk.i586.rpm
abbb928bf81434c41b049b42311d257a 9.0/RPMS/gimpprint-4.2.5-0.2.3mdk.i586.rpm
5ece76a3b7a0cb5994976ea16df2bcd4
9.0/RPMS/libgimpprint1-4.2.5-0.2.3mdk.i586.rpm
f9cdc11bfd3fe0e9171ef6d89998f7c7
9.0/RPMS/libgimpprint1-devel-4.2.5-0.2.3mdk.i586.rpm
d23c652296df1389ef1340ef19806fa0 9.0/RPMS/omni-0.7.1-11.3mdk.i586.rpm
0609ace94d1a39215dd3abd99a8c7e2c
9.0/RPMS/printer-filters-1.0-84.3mdk.i586.rpm
5171fcbe0d917699832824beba8a878f
9.0/RPMS/printer-testpages-1.0-84.3mdk.i586.rpm
eb6578c57de83aab79d91dd318b96692 9.0/RPMS/printer-utils-1.0-84.3mdk.i586.rpm
49c2a573b772796b7d0cf3ac384dd747 9.0/RPMS/libijs0-0.34-24.3mdk.i586.rpm
a82adb5008ac22c603dfbdc5777fc72b 9.0/RPMS/libijs0-devel-0.34-24.3mdk.i586.rpm
447342be8d0ec6461aa39c7378054358
9.0/SRPMS/printer-drivers-1.0-84.3mdk.src.rpm

Mandrake Linux 9.1:
2e5ec9285d93793c0e412cc76ea20741 9.1/RPMS/cups-drivers-1.1-104.2mdk.i586.rpm
e42bcdcc18f1d85e454c43bd8a60189e
9.1/RPMS/foomatic-db-3.0-0.beta2.20030403.2.2mdk.i586.rpm
4363bc896edce1a64e7893418d73767d
9.1/RPMS/foomatic-db-engine-3.0-0.beta2.20030403.2.2mdk.i586.rpm
75349b84600abffb619fcd0736f75ad0
9.1/RPMS/foomatic-filters-3.0-0.beta2.20030403.2.2mdk.i586.rpm
36a6059da9cf971495e95e57075d1fff 9.1/RPMS/ghostscript-7.05-53.2mdk.i586.rpm
c3130fdaee8f1350b6f3f0746449ce47
9.1/RPMS/ghostscript-module-X-7.05-53.2mdk.i586.rpm
6e79d0be3652c5cdd9a76adcf4aef5f0 9.1/RPMS/gimpprint-4.2.5-18.2mdk.i586.rpm
9343787de3c3f894f241ef2518647d41
9.1/RPMS/libgimpprint1-4.2.5-18.2mdk.i586.rpm
1b1bba4583a231931f40b754cbe57193
9.1/RPMS/libgimpprint1-devel-4.2.5-18.2mdk.i586.rpm
9b7e9483ce0c8a1f670cbc0ceb809eb1 9.1/RPMS/omni-0.7.2-20.2mdk.i586.rpm
440c1ad03b0a3d3533d0d41ac6d2b187
9.1/RPMS/printer-filters-1.0-104.2mdk.i586.rpm
a09036facfee0b5ae198732e9d55eff9
9.1/RPMS/printer-testpages-1.0-104.2mdk.i586.rpm
f97ec04ecfedb77dc388f3806487a9bc 9.1/RPMS/printer-utils-1.0-104.2mdk.i586.rpm
0cbc6f80a9cc340a5ad6f13e50d568d5 9.1/RPMS/libijs0-0.34-44.2mdk.i586.rpm
aa4c279b848df5b6333f9e7e90ccf0a4 9.1/RPMS/libijs0-devel-0.34-44.2mdk.i586.rpm
e467a44d0c5fa8fb41262eccb1928dd0
9.1/SRPMS/printer-drivers-1.0-104.2mdk.src.rpm

Mandrake Linux 9.1/PPC:
84fe4e8c1cbb4f437beca5b0902b55c5
ppc/9.1/RPMS/cups-drivers-1.1-104.2mdk.ppc.rpm
9a0730008855c362306b1053164a239a
ppc/9.1/RPMS/foomatic-db-3.0-0.beta2.20030403.2.2mdk.ppc.rpm
1e2c8b9f1df1e307df95c00050a2fb0d
ppc/9.1/RPMS/foomatic-db-engine-3.0-0.beta2.20030403.2.2mdk.ppc.rpm
492d63897e1f3f44b3a803c4c64b8563
ppc/9.1/RPMS/foomatic-filters-3.0-0.beta2.20030403.2.2mdk.ppc.rpm
1c7ba1c5cdcb9ab798fd6286f70d9206
ppc/9.1/RPMS/ghostscript-7.05-53.2mdk.ppc.rpm
d99f72bc51a18db5e8cc4237f77c765d
ppc/9.1/RPMS/ghostscript-module-X-7.05-53.2mdk.ppc.rpm
dca9edeff21c9dbc7121a06f44dc0526 ppc/9.1/RPMS/gimpprint-4.2.5-18.2mdk.ppc.rpm
5485c5a1eaa3874884d389c301e2d0dc
ppc/9.1/RPMS/libgimpprint1-4.2.5-18.2mdk.ppc.rpm
9dee2792793ecc7e0fe00ef2f47ce3cf
ppc/9.1/RPMS/libgimpprint1-devel-4.2.5-18.2mdk.ppc.rpm
1ee916a0b562cb228e74b7f06dc53758 ppc/9.1/RPMS/omni-0.7.2-20.2mdk.ppc.rpm
3ac0740a8bcb31ea6daa374be3028d6a
ppc/9.1/RPMS/printer-filters-1.0-104.2mdk.ppc.rpm
35eb41e3b6bdaa03b4d1e1e3398ff028
ppc/9.1/RPMS/printer-testpages-1.0-104.2mdk.ppc.rpm
5ed1e5905c9cc8a300daaab1d80763dc
ppc/9.1/RPMS/printer-utils-1.0-104.2mdk.ppc.rpm
466ea6d76c1655ec6e93d75a003ff235 ppc/9.1/RPMS/libijs0-0.34-44.2mdk.ppc.rpm
f13a3c6dc17eb6bfe32bf5c8a8021ad3
ppc/9.1/RPMS/libijs0-devel-0.34-44.2mdk.ppc.rpm
e467a44d0c5fa8fb41262eccb1928dd0
ppc/9.1/SRPMS/printer-drivers-1.0-104.2mdk.src.rpm
________________________________________________________________________

Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
________________________________________________________________________

To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you.

If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of
FTP mirrors can be obtained from:

http://www.mandrakesecure.net/en/ftp.php

Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:

rpm --checksig <filename>

All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team from:

https://www.mandrakesecure.net/RPM-GPG-KEYS

Please be aware that sometimes it takes the mirrors a few hours to
update.

You can view other update advisories for Mandrake Linux at:

http://www.mandrakesecure.net/en/advisories/

MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:

http://www.mandrakesecure.net/en/mlist.php

If you want to report vulnerabilities, please contact

security_linux-mandrake.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.7 (GNU/Linux)

mQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday
L4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7
WKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo
P0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl
hynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx
PFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg
2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs
iyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD
LLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu
ZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t
PohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy
/NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA
BgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP
WdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w
Pk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPaIRgQQEQIA
BgUCPI+UAwAKCRDniYrgcHcf8xK5AKCm/Mq8qP8GE0o1hEX22QsJMZwH5gCfZ72H
8TacOb3oAmBdprf+K6gkdOiIRgQQEQIABgUCOtOieAAKCRCv2bZyU0yB80MeAJ9K
+jXt0cKuaUonRU+CRGetk6t9dgCfTRRL6/puOKdD6md70+K5EBBSvsG0OE1hbmRy
YWtlIExpbnV4IFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QG1hbmRyYWtlc29mdC5j
b20+iFcEExECABcFAjyPnuUFCwcKAwQDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmFi+
AJsHhohgnU3ik4+gy3EdFlB2i/MBoACg6lHn5cnVvTcmgNccWxeNxLLZI5e5AQ0E
OWnn7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ
9F779FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzR
xBXVJb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z
269s+A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN
6SCXVl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZ
jTcl3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo
0NAiRYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJ
EJGXlA==
=yGlX
-----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE+5gwsmqjQ0CJFipgRAnI9AKDRYrdzcAV4MJ/Rd72Pm1q7eI1K7QCcD0mA
sOjU47uU0AO07/b4VHffdxc=
=hyWi
-----END PGP SIGNATURE-----
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung