SUSE-SU-2016:2493-1
- Source
- https://www.suse.com/support/update/announcement/2016/suse-su-20162493-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:2493-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2016:2493-1
- Related
- Published
- 2016-10-11T13:08:17Z
- Modified
- 2016-10-11T13:08:17Z
- Summary
- Security update for ghostscript-library
- Details
-
This update for ghostscript-library fixes the following issues:
Multiple security vulnerabilities have been discovered where ghostscript's '-dsafer' flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted Postscript file would potentially leak sensitive information to an attacker. (CVE-2013-5653, CVE-2016-7977, bsc#1001951)
Insufficient validation of the type of input in .initializedscparser used to allow remote code execution. (CVE-2016-7979, bsc#1001951)
An integer overflow in the gsheapalloc_bytes function used to allow remote attackers to cause a denial of service (crash) via specially crafted Postscript files. (CVE-2015-3228, boo#939342)
- References
-
- https://www.suse.com/support/update/announcement/2016/suse-su-20162493-1/
- https://bugzilla.suse.com/1001951
- https://bugzilla.suse.com/939342
- https://www.suse.com/security/cve/CVE-2013-5653
- https://www.suse.com/security/cve/CVE-2015-3228
- https://www.suse.com/security/cve/CVE-2016-7977
- https://www.suse.com/security/cve/CVE-2016-7979
Affected packages
SUSE:Linux Enterprise Software Development Kit 11 SP4 / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
SUSE:OpenStack Cloud 5 / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20OpenStack%20Cloud%205
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.62-32.38.1
Ecosystem specific
{
"binaries": [
{
"ghostscript-fonts-other": "8.62-32.38.1",
"ghostscript-fonts-std": "8.62-32.38.1",
"libgimpprint": "4.2.7-32.38.1",
"ghostscript-x11": "8.62-32.38.1",
"ghostscript-fonts-rus": "8.62-32.38.1",
"ghostscript-library": "8.62-32.38.1",
"ghostscript-omni": "8.62-32.38.1"
}
]
}
SUSE:Manager 2.1 / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20Manager%202.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.62-32.38.1
Ecosystem specific
{
"binaries": [
{
"ghostscript-fonts-other": "8.62-32.38.1",
"ghostscript-fonts-std": "8.62-32.38.1",
"libgimpprint": "4.2.7-32.38.1",
"ghostscript-x11": "8.62-32.38.1",
"ghostscript-fonts-rus": "8.62-32.38.1",
"ghostscript-library": "8.62-32.38.1",
"ghostscript-omni": "8.62-32.38.1"
}
]
}
SUSE:Manager Proxy 2.1 / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20Manager%20Proxy%202.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.62-32.38.1
Ecosystem specific
{
"binaries": [
{
"ghostscript-fonts-other": "8.62-32.38.1",
"ghostscript-fonts-std": "8.62-32.38.1",
"libgimpprint": "4.2.7-32.38.1",
"ghostscript-x11": "8.62-32.38.1",
"ghostscript-fonts-rus": "8.62-32.38.1",
"ghostscript-library": "8.62-32.38.1",
"ghostscript-omni": "8.62-32.38.1"
}
]
}
SUSE:Linux Enterprise Point of Sale 11 SP3 / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.62-32.38.1
Ecosystem specific
{
"binaries": [
{
"ghostscript-fonts-other": "8.62-32.38.1",
"ghostscript-fonts-std": "8.62-32.38.1",
"libgimpprint": "4.2.7-32.38.1",
"ghostscript-x11": "8.62-32.38.1",
"ghostscript-fonts-rus": "8.62-32.38.1",
"ghostscript-library": "8.62-32.38.1",
"ghostscript-omni": "8.62-32.38.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP2-LTSS / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.62-32.38.1
Ecosystem specific
{
"binaries": [
{
"ghostscript-fonts-other": "8.62-32.38.1",
"ghostscript-fonts-std": "8.62-32.38.1",
"libgimpprint": "4.2.7-32.38.1",
"ghostscript-x11": "8.62-32.38.1",
"ghostscript-fonts-rus": "8.62-32.38.1",
"ghostscript-library": "8.62-32.38.1",
"ghostscript-omni": "8.62-32.38.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP3-LTSS / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.62-32.38.1
Ecosystem specific
{
"binaries": [
{
"ghostscript-fonts-other": "8.62-32.38.1",
"ghostscript-fonts-std": "8.62-32.38.1",
"libgimpprint": "4.2.7-32.38.1",
"ghostscript-x11": "8.62-32.38.1",
"ghostscript-fonts-rus": "8.62-32.38.1",
"ghostscript-library": "8.62-32.38.1",
"ghostscript-omni": "8.62-32.38.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP3-TERADATA / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.62-32.38.1
Ecosystem specific
{
"binaries": [
{
"ghostscript-fonts-other": "8.62-32.38.1",
"ghostscript-fonts-std": "8.62-32.38.1",
"libgimpprint": "4.2.7-32.38.1",
"ghostscript-x11": "8.62-32.38.1",
"ghostscript-fonts-rus": "8.62-32.38.1",
"ghostscript-library": "8.62-32.38.1",
"ghostscript-omni": "8.62-32.38.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4 / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.62-32.38.1
Ecosystem specific
{
"binaries": [
{
"ghostscript-fonts-other": "8.62-32.38.1",
"ghostscript-fonts-std": "8.62-32.38.1",
"libgimpprint": "4.2.7-32.38.1",
"ghostscript-x11": "8.62-32.38.1",
"ghostscript-fonts-rus": "8.62-32.38.1",
"ghostscript-library": "8.62-32.38.1",
"ghostscript-omni": "8.62-32.38.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 11 SP4 / ghostscript-library
Package
- Name
- ghostscript-library
- Purl
- pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.62-32.38.1
Ecosystem specific
{
"binaries": [
{
"ghostscript-fonts-other": "8.62-32.38.1",
"ghostscript-fonts-std": "8.62-32.38.1",
"libgimpprint": "4.2.7-32.38.1",
"ghostscript-x11": "8.62-32.38.1",
"ghostscript-fonts-rus": "8.62-32.38.1",
"ghostscript-library": "8.62-32.38.1",
"ghostscript-omni": "8.62-32.38.1"
}
]
}