[ubuntu/cosmic-security] ghostscript 9.26~dfsg+0-0ubuntu0.18.10.4 (Accepted)

Sebastien Bacher seb128 at ubuntu.com
Sat Feb 23 11:23:24 UTC 2019


ghostscript (9.26~dfsg+0-0ubuntu0.18.10.4) cosmic-security; urgency=medium

  * SECURITY UPDATE: code execution vulnerability
    - debian/patches/CVE-2019-6116.patch: address .force* operators
      exposure in Resource/Init/gs_diskn.ps, Resource/Init/gs_dps1.ps,
      Resource/Init/gs_fntem.ps, Resource/Init/gs_fonts.ps,
      Resource/Init/gs_init.ps, Resource/Init/gs_lev2.ps,
      Resource/Init/gs_pdfwr.ps, Resource/Init/gs_res.ps,
      Resource/Init/gs_setpd.ps, Resource/Init/pdf_base.ps,
      Resource/Init/pdf_draw.ps, Resource/Init/pdf_font.ps,
      Resource/Init/pdf_main.ps, Resource/Init/pdf_ops.ps,
      psi/int.mak, psi/interp.c, psi/istack.c, psi/istack.h.
    - CVE-2019-6116

Date: 2019-01-16 15:54:17.867057+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Sebastien Bacher <seb128 at ubuntu.com>
https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.18.10.4
-------------- next part --------------
Sorry, changesfile not available.


More information about the Cosmic-changes mailing list