Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
patchinfo.4701
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.4701
<patchinfo incident="4701"> <issue id="1032120" tracker="bnc">VUL-1: CVE-2016-10220: ghostscript: The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc.Ghostscript 9.20 al...</issue> <issue id="1032114" tracker="bnc">VUL-1: CVE-2017-5951: ghostscript: The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc.Ghostscript 9.20 all...</issue> <issue id="1018128" tracker="bnc">VUL-1: CVE-2016-9601: ghostscript,ghostscript-library,jbig2dec: Heap-buffer overflow due to Integer overflow in jbig2_image_new function</issue> <issue id="1030263" tracker="bnc">VUL-1: CVE-2017-7207: ghostscript, ghostscript-library: The mem_get_bits_rectangle function allows remote attackers to cause a denial of service</issue> <issue id="1036453" tracker="bnc">EMU: VUL-0: CVE-2017-8291: ghostscript,ghostscript-library: Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remotecommand execution via a "/Ou...</issue> <issue id="2017-5951" tracker="cve" /> <issue id="2016-10220" tracker="cve" /> <issue id="2017-7207" tracker="cve" /> <issue id="2017-8291" tracker="cve" /> <issue id="2016-9601" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>vitezslav_cizek</packager> <description> This update for ghostscript fixes the following security vulnerabilities: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. (bsc#1036453) CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to cause a Denial-of-Service. (bsc#1018128) CVE-2016-10220: A NULL pointer dereference in the PDF Transparency module allowed remote attackers to cause a Denial-of-Service. (bsc#1032120) CVE-2017-5951: A NULL pointer dereference allowed remote attackers to cause a denial of service via a crafted PostScript document. (bsc#1032114) CVE-2017-7207: A NULL pointer dereference allowed remote attackers to cause a denial of service via a crafted PostScript document. (bsc#1030263) </description> <summary>Security update for ghostscript</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor