| Revision Date: | 2017-04-28 | Version: | 1 |
| Title: | Security update for ghostscript (Important) |
| Description: |
This update for ghostscript fixes the following security vulnerabilities:
CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. (bsc#1036453)
CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to cause a Denial-of-Service. (bsc#1018128)
CVE-2016-10220: A NULL pointer dereference in the PDF Transparency module allowed remote attackers to cause a Denial-of-Service. (bsc#1032120)
CVE-2017-5951: A NULL pointer dereference allowed remote attackers to cause a denial of service via a crafted PostScript document. (bsc#1032114)
CVE-2017-7207: A NULL pointer dereference allowed remote attackers to cause a denial of service via a crafted PostScript document. (bsc#1030263)
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1018128
1030263
1032114
1032120
1036453
CVE-2016-10220
CVE-2016-9601
CVE-2017-5951
CVE-2017-7207
CVE-2017-8291
SUSE-SU-2017:1138-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information
ghostscript-9.15-20.1 is installed
OR ghostscript-x11-9.15-20.1 is installed
|