[ubuntu/xenial-security] ghostscript 9.26~dfsg+0-0ubuntu0.16.04.4 (Accepted)

Sebastien Bacher seb128 at ubuntu.com
Sat Feb 23 11:20:01 UTC 2019


ghostscript (9.26~dfsg+0-0ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: code execution vulnerability
    - debian/patches/CVE-2019-6116.patch: address .force* operators
      exposure in Resource/Init/gs_diskn.ps, Resource/Init/gs_dps1.ps,
      Resource/Init/gs_fntem.ps, Resource/Init/gs_fonts.ps,
      Resource/Init/gs_init.ps, Resource/Init/gs_lev2.ps,
      Resource/Init/gs_pdfwr.ps, Resource/Init/gs_res.ps,
      Resource/Init/gs_setpd.ps, Resource/Init/pdf_base.ps,
      Resource/Init/pdf_draw.ps, Resource/Init/pdf_font.ps,
      Resource/Init/pdf_main.ps, Resource/Init/pdf_ops.ps,
      psi/int.mak, psi/interp.c, psi/istack.c, psi/istack.h.
    - CVE-2019-6116

Date: 2019-01-16 16:52:12.997162+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Sebastien Bacher <seb128 at ubuntu.com>
https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.4
-------------- next part --------------
Sorry, changesfile not available.


More information about the Xenial-changes mailing list