Ubuntu 3866-3: Ghostscript regression

    Date26 Feb 2019
    CategoryUbuntu
    3021
    Posted ByLinuxSecurity Advisories
    USN-3866-2 introduced a regression in Ghostscript.
    ==========================================================================
    Ubuntu Security Notice USN-3866-3
    February 26, 2019
    
    ghostscript regression
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 18.10
    - Ubuntu 18.04 LTS
    - Ubuntu 16.04 LTS
    - Ubuntu 14.04 LTS
    
    Summary:
    
    USN-3866-2 introduced a regression in Ghostscript.
    
    Software Description:
    - ghostscript: PostScript and PDF interpreter
    
    Details:
    
    USN-3866-2 fixed a regression in Ghostscript. The Ghostscript update
    introduced a new regression that resulted in certain pages being printed
    with a blue background. This update fixes the problem.
    
    Original advisory details:
    
     Tavis Ormandy discovered that Ghostscript incorrectly handled certain
     PostScript files. If a user or automated system were tricked into
     processing a specially crafted file, a remote attacker could possibly use
     this issue to access arbitrary files, execute arbitrary code, or cause a
     denial of service.
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 18.10:
      ghostscript                     9.26~dfsg+0-0ubuntu0.18.10.7
      libgs9                          9.26~dfsg+0-0ubuntu0.18.10.7
    
    Ubuntu 18.04 LTS:
      ghostscript                     9.26~dfsg+0-0ubuntu0.18.04.7
      libgs9                          9.26~dfsg+0-0ubuntu0.18.04.7
    
    Ubuntu 16.04 LTS:
      ghostscript                     9.26~dfsg+0-0ubuntu0.16.04.7
      libgs9                          9.26~dfsg+0-0ubuntu0.16.04.7
    
    Ubuntu 14.04 LTS:
      ghostscript                     9.26~dfsg+0-0ubuntu0.14.04.7
      libgs9                          9.26~dfsg+0-0ubuntu0.14.04.7
    
    In general, a standard system update will make all the necessary changes.
    
    References:
      https://usn.ubuntu.com/usn/usn-3866-3
      https://usn.ubuntu.com/usn/usn-3866-1
      https://launchpad.net/bugs/1817308
    
    Package Information:
      https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.18.10.7
      https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.18.04.7
      https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.16.04.7
      https://launchpad.net/ubuntu/+source/ghostscript/9.26~dfsg+0-0ubuntu0.14.04.7
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"23","type":"x","order":"1","pct":56.1,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":12.2,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"13","type":"x","order":"3","pct":31.71,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.