Fedora 10: 2009-1293 Critical: Enscript Memory Leak Patch
fedora
November 5, 2008
There were found various buffer overflows in enscript
Summary
GNU enscript is a free replacement for Adobe's Enscript
program. Enscript converts ASCII files to PostScript(TM) and spools
generated PostScript output to the specified printer or saves it to a
file. Enscript can be extended to handle different output media and
includes many options for customizing printouts.
There were found various buffer overflows in enscript. This update fixes
CVE-2008-3863 and CVE-2008-4306
* Mon Nov 3 2008 Adam Tkac
- fixed various buffer overflows (CVE-2008-3863, CVE-2008-4306)
[ 1 ] Bug #466771 - CVE-2008-3863 enscript: "setfilename" special escape buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=466771
[ 2 ] Bug #469311 - CVE-2008-4306 enscript: "font" special escape buffer overflows
https://bugzilla.redhat.com/show_bug.cgi?id=469311
su -c 'yum update enscript' at the command line.
For more information, refer to "Managing Software with yum",
available at .
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Topics Covered
Change Log
References
Update Instructions
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Product: Fedora 9
Version: 1.6.4
Release: 10.fc9
URL: Summary : A plain ASCII to PostScript converter.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!