You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa ghostscript

Sigurnosni nedostaci programskog paketa ghostscript

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3636-1
April 30, 2018

ghostscript vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS
– Ubuntu 17.10
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Ghostscript.

Software Description:
– ghostscript: PostScript and PDF interpreter

Details:

It was discovered that Ghostscript incorrectly handled certain
PostScript files. An attacker could possibly use this to cause a denial
of server. (CVE-2016-10317)

It was discovered that Ghostscript incorrectly handled certain PDF
files. An attacker could possibly use this to cause a denial of
service. (CVE-2018-10194)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  ghostscript                     9.22~dfsg+1-0ubuntu1.1
  libgs9                          9.22~dfsg+1-0ubuntu1.1

Ubuntu 17.10:
  ghostscript                     9.21~dfsg+1-0ubuntu3.1
  libgs9                          9.21~dfsg+1-0ubuntu3.1

Ubuntu 16.04 LTS:
  ghostscript                     9.18~dfsg~0-0ubuntu2.8
  libgs9                          9.18~dfsg~0-0ubuntu2.8

Ubuntu 14.04 LTS:
  ghostscript                     9.10~dfsg-0ubuntu10.12
  libgs9                          9.10~dfsg-0ubuntu10.12

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3636-1
  CVE-2016-10317, CVE-2018-10194

Package Information:
  https://launchpad.net/ubuntu/+source/ghostscript/9.22~dfsg+1-0ubuntu1.1
  https://launchpad.net/ubuntu/+source/ghostscript/9.21~dfsg+1-0ubuntu3.1
  https://launchpad.net/ubuntu/+source/ghostscript/9.18~dfsg~0-0ubuntu2.8
  https://launchpad.net/ubuntu/+source/ghostscript/9.10~dfsg-0ubuntu10.12—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJa51jTAAoJEEW851uECx9pHh4P/1zUdj8BGvN+9bJs/DVWRiPv
k/pVDusZ2uBe8zXdncSxDPuM2ER2Dp0EbUBkchTKRCIqPCaogjqWNCNNcODtyU9Q
L9MVy9a62I1xcYUqXQRfy6TgyxqJKEMT0xiloLxWIkFXct0H7W3+Nh6W7oZAIjRQ
8WBKkYv/aQfmkxYEJtd3vFwwsxGvOHl5e3GP94rvACz2K8U+8+Pj4HLINHz0tyBp
Jna5MRLCX/T6ttcSkTqLqA7xYkETS/aM1PJnnnrAtfhVJSPdkJKsYi3FB4cYtnDp
NaQSvzGwLavXXHEDNKN79IFDmTIh1XyZ4Bf7DfJ1cAPHHKhA/d/O8ktyks7SaYna
IRWBu2/POIkWAPJhNGBoPeMnGNshbcAfsqTy1CwjXdcTUxJH+CdaqAIU3WlRbsYZ
I2grcIFXYcecjOG0h0X/3EG/8vBxZx8YyAUs8eSo/SaOgeEeRBG5l9HzIExq2y0/
X5U21qC9ZByqiuwNcDY1/kzvkwOxPXWNZDwygHVXOBTNIYS05ZX8aoaaXGicK1Uj
DmVo8MxQOL/Xb/XSnBBy5BBljeGlJHjH3WijXNtMh4nSgmXGA8+sPk4l6hFEnDCu
DnSNdWUdTtm2ArsQyMvyAHmuo57KhjUeiS1KvKnzqoszGxe7q7l+5S+AQowgGbyy
8bJI6x2rq/RGUuVElH8v
=ISGY
—–END PGP SIGNATURE—–

AutorVlatka Misic
Cert idNCERT-REF-2018-05-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa webkit2gtk

Otkriveni su sigurnosni nedostaci u programskom paketu webkit2gtk za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje XSS napada,...

Close