
Bug#861295: marked as done (ghostscript: CVE-2017-8291: shell injection)



Your message dated Fri, 28 Apr 2017 21:02:08 +0000
with message-id <E1d4D1k-0007yW-Re@fasolo.debian.org>
and subject line Bug#861295: fixed in ghostscript 9.06~dfsg-2+deb8u5
has caused the Debian Bug report #861295,
regarding ghostscript: CVE-2017-8291: shell injection
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
861295: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861295
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Source: ghostscript
Version: 9.06~dfsg-2
Severity: grave
Tags: upstream security
Justification: user security hole
Forwarded: https://bugs.ghostscript.com/show_bug.cgi?id=697808

Hi,

the following vulnerability was published for ghostscript.

CVE-2017-8291[0]:
| Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote
| command execution via a "/OutputFile (%pipe%" substring in a crafted
| .eps document that is an input to the gs program, as exploited in the
| wild in April 2017.

Regarding the CVE assignment, note that it is specific to the shell
injection; as per
https://bugs.ghostscript.com/show_bug.cgi?id=697808#c1, if the
segmentation violation that is seen when executing this sample
represents a second security issue then it will get a second CVE.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-8291
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8291
[1] https://bugs.ghostscript.com/show_bug.cgi?id=697808

Regards,
Salvatore

--- End Message ---
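The CVE text above describes the trigger as a "/OutputFile (%pipe%" substring in a crafted .eps: the OutputFile device parameter names a %pipe% device, so Ghostscript hands the rest of the string to a shell as the output "file" even under -dSAFER. The following is an added example from the editor, not code from the bug report or from Ghostscript: a static triage scanner for PostScript/EPS input before it is handed to gs. It decodes PostScript string syntax (nested parentheses, backslash escapes, \ddd octal) so that an obfuscated `(\045pipe\045...)` is not missed by a plain substring grep, and it distinguishes a string that directly follows the literal name /OutputFile from a %pipe% string elsewhere in the file. The sample documents are constructed placeholders with an inert command, not exploit payloads, and must not be fed to gs.

```python
import re

PIPE = b"%pipe%"
# PostScript delimiters as ints: whitespace plus the self-delimiting characters.
DELIM = set(b" \t\r\n\f\x00()<>[]{}/%")
ESCAPES = {ord("n"): b"\n", ord("r"): b"\r", ord("t"): b"\t", ord("b"): b"\b",
           ord("f"): b"\f", ord("("): b"(", ord(")"): b")", ord("\\"): b"\\"}
EOL = re.compile(rb"[\r\n]")


def read_ps_string(data: bytes, start: int):
    """Decode the PostScript literal string whose '(' is at data[start].
    Handles balanced nested parens, \\-escapes, \\ddd octal and line
    continuations. Returns (decoded, index_after_close) or None if unterminated."""
    depth, i, out = 1, start + 1, bytearray()
    while i < len(data):
        c = data[i]
        if c == ord("\\"):
            if i + 1 >= len(data):
                return None
            e = data[i + 1]
            if e in ESCAPES:
                out += ESCAPES[e]
                i += 2
            elif ord("0") <= e <= ord("7"):        # \ddd: one to three octal digits
                j = i + 1
                while j < len(data) and j < i + 4 and ord("0") <= data[j] <= ord("7"):
                    j += 1
                out.append(int(data[i + 1:j], 8) & 0xFF)
                i = j
            elif e in (ord("\r"), ord("\n")):      # backslash-newline is dropped
                i += 2
                if e == ord("\r") and i < len(data) and data[i] == ord("\n"):
                    i += 1
            else:                                  # unknown escape keeps the char
                out.append(e)
                i += 2
        elif c == ord("("):
            depth += 1
            out.append(c)
            i += 1
        elif c == ord(")"):
            depth -= 1
            i += 1
            if depth == 0:
                return bytes(out), i
            out.append(c)
        else:
            out.append(c)
            i += 1
    return None


def tokenize(data: bytes):
    """Minimal PostScript lexer: ('name', b'..') for /literal names, ('string',
    decoded) for (...) strings, ('other', raw) for everything else; % comments
    outside strings are skipped. Not a full scanner (hex strings are 'other')."""
    i, n = 0, len(data)
    while i < n:
        c = data[i]
        if c in (0x20, 0x09, 0x0D, 0x0A, 0x0C, 0x00):
            i += 1
        elif c == ord("%"):                        # comment to end of line
            m = EOL.search(data, i)
            i = n if m is None else m.end()
        elif c == ord("("):
            parsed = read_ps_string(data, i)
            if parsed is None:
                return                             # unterminated string: stop
            value, i = parsed
            yield ("string", value)
        elif c == ord("/"):
            j = i + 1
            while j < n and data[j] not in DELIM:
                j += 1
            yield ("name", data[i + 1:j])
            i = j
        elif c in DELIM:                           # ) < > [ ] { }
            yield ("other", data[i:i + 1])
            i += 1
        else:                                      # operator, number, exec name
            j = i
            while j < n and data[j] not in DELIM:
                j += 1
            yield ("other", data[i:j])
            i = j


def scan(data: bytes):
    """[(severity, decoded_string)] for every (...) string starting with %pipe%.
    'high' if the preceding token is the literal name /OutputFile (the pattern
    quoted in CVE-2017-8291), 'medium' otherwise, since the key may be built at
    run time. Leading whitespace is stripped to stay conservative."""
    findings, prev = [], None
    for tok in tokenize(data):
        if tok[0] == "string" and tok[1].lstrip().startswith(PIPE):
            findings.append(("high" if prev == ("name", b"OutputFile") else "medium", tok[1]))
        prev = tok
    return findings


# Constructed samples (editor's own, not exploit documents): the %pipe% value is an
# inert placeholder, and none of these should ever be fed to gs.
SUSPICIOUS = (b"%!PS-Adobe-3.0 EPSF-3.0\n%%BoundingBox: 0 0 10 10\n"
              b"<< /OutputFile (%pipe%placeholder) >> setpagedevice\n")
OBFUSCATED = b"%!PS\n<< /OutputFile (\\045pipe\\045placeholder) >> setpagedevice\n"
INDIRECT = b"%!PS\n/k /OutputFile def\n<< k (%pipe%placeholder) >> setpagedevice\n"
BENIGN = (b"%!PS\n% /OutputFile (%pipe%) mentioned only in this comment\n"
          b"<< /OutputFile (out.pdf) >> setpagedevice\n"
          b"(50% done \\(pipe\\) \\045pipe\\045) show\n")

if __name__ == "__main__":
    for label, doc in (("suspicious", SUSPICIOUS), ("obfuscated", OBFUSCATED),
                       ("indirect", INDIRECT), ("benign", BENIGN)):
        print(label, scan(doc))
```

This is a triage aid for mail gateways, print spoolers or ingest pipelines, not a fix: a PostScript program can assemble the string at run time, so a clean scan is no guarantee, and the actual remedy for jessie is the patched 9.06~dfsg-2+deb8u5 package announced below. Treat any 'high' hit as hostile input and any 'medium' hit as worth a manual look.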
--- Begin Message ---
Source: ghostscript
Source-Version: 9.06~dfsg-2+deb8u5

We believe that the bug you reported is fixed in the latest version of
ghostscript, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 861295@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Salvatore Bonaccorso <carnil@debian.org> (supplier of updated ghostscript package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 28 Apr 2017 10:32:58 +0200
Source: ghostscript
Binary: ghostscript ghostscript-x ghostscript-doc libgs9 libgs9-common libgs-dev ghostscript-dbg
Architecture: all source
Version: 9.06~dfsg-2+deb8u5
Distribution: jessie-security
Urgency: high
Maintainer: Debian Printing Team <debian-printing@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 858350 859666 859694 859696 861295
Description: 
 ghostscript - interpreter for the PostScript language and for PDF
 ghostscript-dbg - interpreter for the PostScript language and for PDF - Debug symbo
 ghostscript-doc - interpreter for the PostScript language and for PDF - Documentati
 ghostscript-x - interpreter for the PostScript language and for PDF - X11 support
 libgs-dev  - interpreter for the PostScript language and for PDF - Development
 libgs9     - interpreter for the PostScript language and for PDF - Library
 libgs9-common - interpreter for the PostScript language and for PDF - common file
Changes:
 ghostscript (9.06~dfsg-2+deb8u5) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Avoid divide by 0 in scan conversion code (CVE-2016-10219) (Closes:
     #859666)
   * fix crash with bad data supplied to makeimagedevice (CVE-2016-10220)
     (Closes: #859694)
   * use the correct param list enumerator (CVE-2017-5951) (Closes: #859696)
   * Ensure a device has raster memory, before trying to read it
     (CVE-2017-7207) (Closes: #858350)
   * -dSAFER bypass and remote command execution via a "/OutputFile  (%pipe%"
     substring (CVE-2017-8291) (Closes: #861295)
Checksums-Sha1: 
 8f7c4346fe47fea21650056086bda263db9d6872 3044 ghostscript_9.06~dfsg-2+deb8u5.dsc
 e25ca1fd6c73d41ac2aaebd8c531a66317251713 99820 ghostscript_9.06~dfsg-2+deb8u5.debian.tar.xz
 a273d08977e14bdfc3a79bb96facbff938257629 5067584 ghostscript-doc_9.06~dfsg-2+deb8u5_all.deb
 88574e4609644e4ae7f8533b03c3180fe0744aed 1979830 libgs9-common_9.06~dfsg-2+deb8u5_all.deb
Checksums-Sha256: 
 16a0d747448b2218b32a4b2bc10f5889487f24c560ab30cffd032f12e4b7dfe5 3044 ghostscript_9.06~dfsg-2+deb8u5.dsc
 a8669894aa36a27a7cb377d534ea3b18e521b3cad081061b38efa4d053752b8f 99820 ghostscript_9.06~dfsg-2+deb8u5.debian.tar.xz
 277197c6bcec09f21fb5b5db572dc06b7de530003ba4d57185b63b9704e002b5 5067584 ghostscript-doc_9.06~dfsg-2+deb8u5_all.deb
 2fad4b983c3e377831bdbb41b2931b7801a5852af5e990dd73f25f0b1dedd206 1979830 libgs9-common_9.06~dfsg-2+deb8u5_all.deb
Files: 
 cd42658d6bb92c53893b6cc074447dd7 3044 text optional ghostscript_9.06~dfsg-2+deb8u5.dsc
 947cd7155561de35b402acc790acdc92 99820 text optional ghostscript_9.06~dfsg-2+deb8u5.debian.tar.xz
 86512a2ba1ae1616e1f684b8bed65638 5067584 doc optional ghostscript-doc_9.06~dfsg-2+deb8u5_all.deb
 14dd4974786b18da1e7baa84714f0509 1979830 libs optional libgs9-common_9.06~dfsg-2+deb8u5_all.deb


--- End Message ---
