--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2008-9351
2008-11-06 02:56:25
--------------------------------------------------------------------------------Name        : enscript
Product     : Fedora 8
Version     : 1.6.4
Release     : 9.fc8
URL         : Summary     : A plain ASCII to PostScript converter.
Description :
GNU enscript is a free replacement for Adobe's Enscript
program. Enscript converts ASCII files to PostScript(TM) and spools
generated PostScript output to the specified printer or saves it to a
file. Enscript can be extended to handle different output media and
includes many options for customizing printouts.

--------------------------------------------------------------------------------Update Information:

There were found various buffer overflows in enscript. This update fixes
CVE-2008-3863 and CVE-2008-4306
--------------------------------------------------------------------------------ChangeLog:

* Mon Nov  3 2008 Adam Tkac  1.6.4-9
- fixed various buffer overflows (CVE-2008-3863, CVE-2008-4306)
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #466771 - CVE-2008-3863 enscript: "setfilename" special escape buffer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=466771
  [ 2 ] Bug #469311 - CVE-2008-4306 enscript: "font" special escape buffer overflows
        https://bugzilla.redhat.com/show_bug.cgi?id=469311
--------------------------------------------------------------------------------This update can be installed with the "yum" update program.  Use 
su -c 'yum update enscript' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 8 Update: enscript-1.6.4-9.fc8

November 5, 2008
There were found various buffer overflows in enscript

Summary

GNU enscript is a free replacement for Adobe's Enscript

program. Enscript converts ASCII files to PostScript(TM) and spools

generated PostScript output to the specified printer or saves it to a

file. Enscript can be extended to handle different output media and

includes many options for customizing printouts.

There were found various buffer overflows in enscript. This update fixes

CVE-2008-3863 and CVE-2008-4306

* Mon Nov 3 2008 Adam Tkac 1.6.4-9

- fixed various buffer overflows (CVE-2008-3863, CVE-2008-4306)

[ 1 ] Bug #466771 - CVE-2008-3863 enscript: "setfilename" special escape buffer overflow

https://bugzilla.redhat.com/show_bug.cgi?id=466771

[ 2 ] Bug #469311 - CVE-2008-4306 enscript: "font" special escape buffer overflows

https://bugzilla.redhat.com/show_bug.cgi?id=469311

su -c 'yum update enscript' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2008-9351 2008-11-06 02:56:25 Product : Fedora 8 Version : 1.6.4 Release : 9.fc8 URL : Summary : A plain ASCII to PostScript converter. Description : GNU enscript is a free replacement for Adobe's Enscript program. Enscript converts ASCII files to PostScript(TM) and spools generated PostScript output to the specified printer or saves it to a file. Enscript can be extended to handle different output media and includes many options for customizing printouts. There were found various buffer overflows in enscript. This update fixes CVE-2008-3863 and CVE-2008-4306 * Mon Nov 3 2008 Adam Tkac 1.6.4-9 - fixed various buffer overflows (CVE-2008-3863, CVE-2008-4306) [ 1 ] Bug #466771 - CVE-2008-3863 enscript: "setfilename" special escape buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=466771 [ 2 ] Bug #469311 - CVE-2008-4306 enscript: "font" special escape buffer overflows https://bugzilla.redhat.com/show_bug.cgi?id=469311 su -c 'yum update enscript' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 8
Version : 1.6.4
Release : 9.fc8
URL : Summary : A plain ASCII to PostScript converter.

Related News

22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved