Mageia 7 Advisory: 2020-0344 Moderate Ghostscript Denial of Service
mageia
August 25, 2020
The updated packages fix security vulnerabilities: A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a re...
Summary
The updated packages fix security vulnerabilities:
A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c
of Artifex Software GhostScript v9.50 allows a remote attacker to cause
a denial of service via a crafted PDF file. (CVE-2020-16287)
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c
of Artifex Software GhostScript v9.50 allows a remote attacker to cause
a denial of service via a crafted PDF file. (CVE-2020-16288)
A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c
of Artifex Software GhostScript v9.50 allows a remote attacker to cause
a denial of service via a crafted PDF file. (CVE-2020-16289)
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c
of Artifex Software GhostScript v9.50 allows a remote attacker to cause
a denial of service via a crafted PDF file. (CVE-2020-16290)
A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software
GhostScript v9.50 allows a rem...
References
- https://bugs.mageia.org/show_bug.cgi?id=27169
- https://lists.debian.org/debian-lts-announce/2020/08/msg00032.html
- https://www.cve.org/CVERecord?id=CVE-2020-16287
- https://www.cve.org/CVERecord?id=CVE-2020-16288
- https://www.cve.org/CVERecord?id=CVE-2020-16289
- https://www.cve.org/CVERecord?id=CVE-2020-16290
- https://www.cve.org/CVERecord?id=CVE-2020-16291
- https://www.cve.org/CVERecord?id=CVE-2020-16292
- https://www.cve.org/CVERecord?id=CVE-2020-16293
- https://www.cve.org/CVERecord?id=CVE-2020-16294
- https://www.cve.org/CVERecord?id=CVE-2020-16295
- https://www.cve.org/CVERecord?id=CVE-2020-16296
- https://www.cve.org/CVERecord?id=CVE-2020-16297
- https://www.cve.org/CVERecord?id=CVE-2020-16298
- https://www.cve.org/CVERecord?id=CVE-2020-16299
- https://www.cve.org/CVERecord?id=CVE-2020-16300
- https://www.cve.org/CVERecord?id=CVE-2020-16301
- https://www.cve.org/CVERecord?id=CVE-2020-16302
- https://www.cve.org/CVERecord?id=CVE-2020-16303
- https://www.cve.org/CVERecord?id=CVE-2020-16304
- https://www.cve.org/CVERecord?id=CVE-2020-16305
- https://www.cve.org/CVERecord?id=CVE-2020-16306
- https://www.cve.org/CVERecord?id=CVE-2020-16307
- https://www.cve.org/CVERecord?id=CVE-2020-16308
- https://www.cve.org/CVERecord?id=CVE-2020-16309
- https://www.cve.org/CVERecord?id=CVE-2020-16310
- https://www.cve.org/CVERecord?id=CVE-2020-17538
Resolution
SRPMS
- 7/core/ghostscript-9.27-1.6.mga7
PREVIOUS 
NEXT Publication date: 25 Aug 2020
URL: https://advisories.mageia.org/MGASA-2020-0344.html
Type: security
CVE: CVE-2020-16287, CVE-2020-16288, CVE-2020-16289, CVE-2020-16290, CVE-2020-16291, CVE-2020-16292, CVE-2020-16293, CVE-2020-16294, CVE-2020-16295, CVE-2020-16296, CVE-2020-16297, CVE-2020-16298, CVE-2020-16299, CVE-2020-16300, CVE-2020-16301, CVE-2020-16302, CVE-2020-16303, CVE-2020-16304, CVE-2020-16305, CVE-2020-16306, CVE-2020-16307, CVE-2020-16308, CVE-2020-16309, CVE-2020-16310, CVE-2020-17538
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!