Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Thu, 28 Feb 2008 17:18:55 -0600 Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for ghostscript on SL3.x, SL4.x, SL5.x i386/x86_64 Comments: To: " This email address is being protected from spambots. You need JavaScript enabled to view it. "Synopsis: Important: ghostscript security update Issue date: 2008-02-27 CVE Names: CVE-2008-0411 Chris Evans from the Google Security Team reported a stack-based buffer overflow flaw in Ghostscript's zseticcspace() function. An attacker could create a malicious PostScript file that would cause Ghostscript to execute arbitrary code when opened. (CVE-2008-0411) These updated packages also fix a bug, which prevented the pxlmono printer driver from producing valid output on Scientific Linux 4. SL 3.0.x SRPMS: ghostscript-7.05-32.1.13.src.rpm i386: ghostscript-7.05-32.1.13.i386.rpm ghostscript-devel-7.05-32.1.13.i386.rpm hpijs-1.3-32.1.13.i386.rpm x86_64: ghostscript-7.05-32.1.13.i386.rpm ghostscript-7.05-32.1.13.x86_64.rpm ghostscript-devel-7.05-32.1.13.x86_64.rpm hpijs-1.3-32.1.13.x86_64.rpm SL 4.x SRPMS: ghostscript-7.07-33.2.el4_6.1.src.rpm i386: ghostscript-7.07-33.2.el4_6.1.i386.rpm ghostscript-devel-7.07-33.2.el4_6.1.i386.rpm ghostscript-gtk-7.07-33.2.el4_6.1.i386.rpm x86_64: ghostscript-7.07-33.2.el4_6.1.i386.rpm ghostscript-7.07-33.2.el4_6.1.x86_64.rpm ghostscript-devel-7.07-33.2.el4_6.1.x86_64.rpm ghostscript-gtk-7.07-33.2.el4_6.1.x86_64.rpm SL 5.x SRPMS: ghostscript-8.15.2-9.1.el5_1.1.src.rpm i386: ghostscript-8.15.2-9.1.el5_1.1.i386.rpm ghostscript-devel-8.15.2-9.1.el5_1.1.i386.rpm ghostscript-gtk-8.15.2-9.1.el5_1.1.i386.rpm x86_64: ghostscript-8.15.2-9.1.el5_1.1.i386.rpm ghostscript-8.15.2-9.1.el5_1.1.x86_64.rpm ghostscript-devel-8.15.2-9.1.el5_1.1.i386.rpm ghostscript-devel-8.15.2-9.1.el5_1.1.x86_64.rpm ghostscript-gtk-8.15.2-9.1.el5_1.1.x86_64.rpm -Connie Sieh -Troy Dawson