drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in GPL Ghostscript
Name: |
Mehrere Probleme in GPL Ghostscript |
|
ID: |
201811-12 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Sa, 24. November 2018, 22:41 |
|
Referenzen: |
https://nvd.nist.gov/vuln/detail/CVE-2017-9739
https://nvd.nist.gov/vuln/detail/CVE-2017-9620
https://nvd.nist.gov/vuln/detail/CVE-2017-9618
https://nvd.nist.gov/vuln/detail/CVE-2018-15909
https://nvd.nist.gov/vuln/detail/CVE-2018-16513
https://nvd.nist.gov/vuln/detail/CVE-2017-9740
https://nvd.nist.gov/vuln/detail/CVE-2018-16585
https://nvd.nist.gov/vuln/detail/CVE-2017-7948
https://nvd.nist.gov/vuln/detail/CVE-2017-9726
https://nvd.nist.gov/vuln/detail/CVE-2018-15910
https://nvd.nist.gov/vuln/detail/CVE-2017-9610
https://nvd.nist.gov/vuln/detail/CVE-2018-16510
https://nvd.nist.gov/vuln/detail/CVE-2018-16511
https://nvd.nist.gov/vuln/detail/CVE-2018-18284
https://nvd.nist.gov/vuln/detail/CVE-2017-9611
https://nvd.nist.gov/vuln/detail/CVE-2017-9727
https://nvd.nist.gov/vuln/detail/CVE-2018-16540
https://nvd.nist.gov/vuln/detail/CVE-2017-9835
https://nvd.nist.gov/vuln/detail/CVE-2018-15911
https://nvd.nist.gov/vuln/detail/CVE-2017-11714
https://nvd.nist.gov/vuln/detail/CVE-2018-16541
https://nvd.nist.gov/vuln/detail/CVE-2018-15908
https://nvd.nist.gov/vuln/detail/CVE-2018-16802
https://nvd.nist.gov/vuln/detail/CVE-2018-10194
https://nvd.nist.gov/vuln/detail/CVE-2018-19409
https://nvd.nist.gov/vuln/detail/CVE-2017-9612
https://nvd.nist.gov/vuln/detail/CVE-2018-16539
https://nvd.nist.gov/vuln/detail/CVE-2018-16509
https://nvd.nist.gov/vuln/detail/CVE-2018-16543
https://nvd.nist.gov/vuln/detail/CVE-2018-16542
https://nvd.nist.gov/vuln/detail/CVE-2017-9619 |
|
Applikationen: |
Ghostscript |
|
Originalnachricht |
--v9Ux+11Zm5mwPlX6 Content-Type: text/plain; charset=utf-8 Content-Disposition: inlin Content-Transfer-Encoding: quoted-printable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201811-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal Title: GPL Ghostscript: Multiple vulnerabilities Date: November 24, 2018 Bugs: #618820, #626418, #635426, #655404, #668846, #671732 ID: 201811-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis ========
Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which could result in the execution of arbitrary code.
Background ==========
Ghostscript is an interpreter for the PostScript language and for PDF.
Affected packages =================
------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-text/ghostscript-gpl < 9.26 >= 9.26
Description ===========
Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for additional information.
Impact ======
A context-dependent attacker could entice a user to open a specially crafted PostScript file or PDF document using GPL Ghostscript possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, or other unspecified impacts,
Workaround ==========
There is no known workaround at this time.
Resolution ==========
All GPL Ghostscript users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-text/ghostscript-gpl-9.26"
References ==========
[ 1 ] CVE-2017-11714 https://nvd.nist.gov/vuln/detail/CVE-2017-11714 [ 2 ] CVE-2017-7948 https://nvd.nist.gov/vuln/detail/CVE-2017-7948 [ 3 ] CVE-2017-9610 https://nvd.nist.gov/vuln/detail/CVE-2017-9610 [ 4 ] CVE-2017-9611 https://nvd.nist.gov/vuln/detail/CVE-2017-9611 [ 5 ] CVE-2017-9612 https://nvd.nist.gov/vuln/detail/CVE-2017-9612 [ 6 ] CVE-2017-9618 https://nvd.nist.gov/vuln/detail/CVE-2017-9618 [ 7 ] CVE-2017-9619 https://nvd.nist.gov/vuln/detail/CVE-2017-9619 [ 8 ] CVE-2017-9620 https://nvd.nist.gov/vuln/detail/CVE-2017-9620 [ 9 ] CVE-2017-9726 https://nvd.nist.gov/vuln/detail/CVE-2017-9726 [ 10 ] CVE-2017-9727 https://nvd.nist.gov/vuln/detail/CVE-2017-9727 [ 11 ] CVE-2017-9739 https://nvd.nist.gov/vuln/detail/CVE-2017-9739 [ 12 ] CVE-2017-9740 https://nvd.nist.gov/vuln/detail/CVE-2017-9740 [ 13 ] CVE-2017-9835 https://nvd.nist.gov/vuln/detail/CVE-2017-9835 [ 14 ] CVE-2018-10194 https://nvd.nist.gov/vuln/detail/CVE-2018-10194 [ 15 ] CVE-2018-15908 https://nvd.nist.gov/vuln/detail/CVE-2018-15908 [ 16 ] CVE-2018-15909 https://nvd.nist.gov/vuln/detail/CVE-2018-15909 [ 17 ] CVE-2018-15910 https://nvd.nist.gov/vuln/detail/CVE-2018-15910 [ 18 ] CVE-2018-15911 https://nvd.nist.gov/vuln/detail/CVE-2018-15911 [ 19 ] CVE-2018-16509 https://nvd.nist.gov/vuln/detail/CVE-2018-16509 [ 20 ] CVE-2018-16510 https://nvd.nist.gov/vuln/detail/CVE-2018-16510 [ 21 ] CVE-2018-16511 https://nvd.nist.gov/vuln/detail/CVE-2018-16511 [ 22 ] CVE-2018-16513 https://nvd.nist.gov/vuln/detail/CVE-2018-16513 [ 23 ] CVE-2018-16539 https://nvd.nist.gov/vuln/detail/CVE-2018-16539 [ 24 ] CVE-2018-16540 https://nvd.nist.gov/vuln/detail/CVE-2018-16540 [ 25 ] CVE-2018-16541 https://nvd.nist.gov/vuln/detail/CVE-2018-16541 [ 26 ] CVE-2018-16542 https://nvd.nist.gov/vuln/detail/CVE-2018-16542 [ 27 ] CVE-2018-16543 https://nvd.nist.gov/vuln/detail/CVE-2018-16543 [ 28 ] CVE-2018-16585 https://nvd.nist.gov/vuln/detail/CVE-2018-16585 [ 29 ] CVE-2018-16802 https://nvd.nist.gov/vuln/detail/CVE-2018-16802 [ 30 ] CVE-2018-18284 https://nvd.nist.gov/vuln/detail/CVE-2018-18284 [ 31 ] CVE-2018-19409 https://nvd.nist.gov/vuln/detail/CVE-2018-19409
Availability ============
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201811-12
Concerns? =========
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License =======
Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
--v9Ux+11Zm5mwPlX6 Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEiDRK3jyVBE/RkymqpRQw84X1dt0FAlv5qxAACgkQpRQw84X1 dt30cgf/R6k3Hevvy9Wmhje+EVNCv9t5DiGKfhB6b29YDWe9Phg/4j9ElkRwl1xI yf78HENsQ0UVEChZD84KUFGiOEwIaVeIe5MCE6vhSvID+ajOMySB9fj9yichBbTh zfBCfFUkPQ0Wa+BP2FVPyvF91EL9qAzz2TPt2bguzNCeh2fCWxcjZ3Wv/TI+Pwuc PWqfpNmcpMNtYCtP1posrmdjMqJm5006/yDE19+NYVtcqNwPhffo3su3P5Pl9U1o rDbLZIP4AiabRy1WlFbuIiE4SENBD+9H1YHrYK2IHhw0dPUccjoIQ/tUlex06Mwh P/b2ig0912wDMzs761rTcAhsDhI4ZQ== =xIGL -----END PGP SIGNATURE-----
--v9Ux+11Zm5mwPlX6--
|
|
|
|