Adsons

    Debian LTS: DLA-1670-1: ghostscript security update

    Date11 Feb 2019
    CategoryDebian LTS
    85
    Posted ByLinuxSecurity Advisories
    Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the -dSAFER sandbox being enabled).
    
    Package        : ghostscript
    Version        : 9.26a~dfsg-0+deb8u1
    CVE ID         : CVE-2019-6116
    
    Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL
    PostScript/PDF interpreter, which may result in denial of service or the
    execution of arbitrary code if a malformed Postscript file is processed
    (despite the -dSAFER sandbox being enabled).
    
    For Debian 8 "Jessie", this problem has been fixed in version
    9.26a~dfsg-0+deb8u1.
    
    We recommend that you upgrade your ghostscript packages.
    
    Further information about Debian LTS security advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://wiki.debian.org/LTS
    

    Comments powered by CComment

    Sidebar Ad

    LinuxSecurity Poll

    Does your company/organization utilize open-source software?

    Message!

    Poll results are hidden from public viewing.

    You are not authorized to vote on this poll.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    5
    radio
    bottom200