
Bug#561717: marked as done (gs-gpl: open security issues in etch)



Your message dated Tue, 23 Feb 2010 19:38:25 +0100
with message-id <20100223183825.GA29422@inutil.org>
and subject line Re: gs-gpl: open security issues in etch
has caused the Debian Bug report #561717,
regarding gs-gpl: open security issues in etch
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
561717: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561717
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: gs-gpl
Version: 8.54.dfsg.1-5
Severity: grave
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for ghostscript.  gs-gpl is the source package for
ghostscript in etch.  I have not determined whether the vulnerable code
related to these CVEs is present there, but it is very likely. Please
check and work with the security team to release updates.

CVE-2007-2721[0]:
| The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer
| JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted
| attackers to cause a denial of service (crash) and possibly corrupt
| the heap via malformed image files, as originally demonstrated using
| imagemagick convert.

CVE-2007-6725[1]:
| The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly
| other versions, allows remote attackers to cause a denial of service
| (crash) and possibly execute arbitrary code via a crafted PDF file
| that triggers a buffer underflow in the cf_decode_2d function.

CVE-2008-3520[2]:
| Multiple integer overflows in JasPer 1.900.1 might allow
| context-dependent attackers to have an unknown impact via a crafted
| image file, related to integer multiplication for memory allocation.

CVE-2008-3522[3]:
| Buffer overflow in the jas_stream_printf function in
| libjasper/base/jas_stream.c in JasPer 1.900.1 might allow
| context-dependent attackers to have an unknown impact via vectors
| related to the mif_hdr_put function and use of vsprintf.

CVE-2008-6679[4]:
| Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and
| possibly other versions, allows remote attackers to cause a denial of
| service (ps2pdf crash) and possibly execute arbitrary code via a
| crafted Postscript file.

CVE-2009-0196[5]:
| Heap-based buffer overflow in the big2_decode_symbol_dict function
| (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in
| Ghostscript 8.64, and probably earlier versions, allows remote
| attackers to execute arbitrary code via a PDF file with a JBIG2 symbol
| dictionary segment with a large run length value.

CVE-2009-0792[6]:
| Multiple integer overflows in icc.c in the International Color
| Consortium (ICC) Format library (aka icclib), as used in Ghostscript
| 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and
| earlier, allow context-dependent attackers to cause a denial of
| service (heap-based buffer overflow and application crash) or possibly
| execute arbitrary code by using a device file for a translation
| request that operates on a crafted image file and targets a certain
| "native color space," related to an ICC profile in a (1) PostScript or
| (2) PDF file with embedded images.  NOTE: this issue exists because of
| an incomplete fix for CVE-2009-0583.

If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2721
    http://security-tracker.debian.org/tracker/CVE-2007-2721
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6725
    http://security-tracker.debian.org/tracker/CVE-2007-6725
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
    http://security-tracker.debian.org/tracker/CVE-2008-3520
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522
    http://security-tracker.debian.org/tracker/CVE-2008-3522
[4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6679
    http://security-tracker.debian.org/tracker/CVE-2008-6679
[5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196
    http://security-tracker.debian.org/tracker/CVE-2009-0196
[6] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792
    http://security-tracker.debian.org/tracker/CVE-2009-0792



--- End Message ---
--- Begin Message ---
On Sat, Dec 19, 2009 at 03:18:49PM -0500, Michael Gilbert wrote:
> Package: gs-gpl
> Version: 8.54.dfsg.1-5
> Severity: grave
> Tags: security
> 
> Hi,
> the following CVE (Common Vulnerabilities & Exposures) ids were
> published for ghostscript.  gs-gpl is the source package for
> ghostscript in etch.  I have not determined whether the vulnerable code
> related to these CVEs is present there, but it is very likely. Please
> check and work with the security team to release updates.

Closing, gs-gpl is only in Etch, for which security support ended a
week ago.

Cheers,
        Moritz


--- End Message ---
