SUSE-SU-2022:0088-1

Source
https://www.suse.com/support/update/announcement/2022/suse-su-20220088-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:0088-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2022:0088-1
Related
Published
2022-01-17T12:40:20Z
Modified
2022-01-17T12:40:20Z
Summary
Security update for ghostscript
Details

This update for ghostscript fixes the following issues:

  • CVE-2021-45944: Fixed use-after-free in sampleddatasample (bsc#1194303)
  • CVE-2021-45949: Fixed heap-based buffer overflow in sampleddatafinish (bsc#1194304)
References

Affected packages

SUSE:Linux Enterprise Module for Basesystem 15 SP3 / ghostscript

Package

Name
ghostscript
Purl
pkg:rpm/suse/ghostscript&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.52-161.1

Ecosystem specific

{
    "binaries": [
        {
            "ghostscript": "9.52-161.1",
            "ghostscript-x11": "9.52-161.1",
            "ghostscript-devel": "9.52-161.1"
        }
    ]
}