Headline
Debian Security Advisory 5808-1
Debian Linux Security Advisory 5808-1 - Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5808-1 [email protected]://www.debian.org/security/ Salvatore BonaccorsoNovember 11, 2024 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : ghostscriptCVE ID : CVE-2024-46951 CVE-2024-46952 CVE-2024-46953 CVE-2024-46955 CVE-2024-46956Multiple security issues were discovered in Ghostscript, the GPLPostScript/PDF interpreter, which could result in denial of service andpotentially the execution of arbitrary code if malformed document filesare processed.For the stable distribution (bookworm), these problems have been fixed inversion 10.0.0~dfsg-11+deb12u6.We recommend that you upgrade your ghostscript packages.For the detailed security status of ghostscript please refer to itssecurity tracker page at:https://security-tracker.debian.org/tracker/ghostscriptFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmcyNyZfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0TsSw/+O3JZxFqbD0O/frfKj2MbMsIxEpVYEfezp1HBnbTC4KFvVyn81yye8yS6OS8T/3FZxMAu0VwDXah8Hc0aemk47GT0Nj1NzoqoDwTU9DUNtFZ1GxyvM67qKBiG/x4Detk5ikwjfA1vdg71O8Vpw9TYGI4+CZv4sS4W/AuwZXxvL2o0DEE8Gvi501FU7ppD95hA9f+LaP7D8+LlKWU2blaN5Iim2WRrRABTimujgXTQjuCBFLuUUqWhznuNHJU4nWMuEYMot31eummNHw0tUD6d/tHGipN/2b/TM+nmhBIS+1T/HBS/2gEuYF3f3arOGm1Fgk3zAACczdeMp4CFXzD0PUKCJfOeAI5kMMaHosAqjnvhWthz3Ye2s/3bVZ4INYvOo1J8/Bgr1l/k6b91HoCIb60DemUzDrQPZyzdAnEUm0W5ET1jKOvfF73vukl7V5SF/b4f90/zc/kTJDKf5lTgXOAER7Ci7DwPrkBFp+fAutqyUQzdZWrJCAyxuu75q2SjCqUCKiHhXNO3IipvE2DxXHxXgXOsw3SLwUt3+ciJbUY2+9bri1lcLiocSKvEYKw14bw72Eb01472NAoF87p1ectAlnMO6GOj0xzZoXat31W/DNe6wSUtIbekzMxHT0Cx06tcKdyfhq6AVTm4HspGB/1nA9MqU6ok0VR9B73rRLk==hMTY-----END PGP SIGNATURE-----Related news
Ubuntu Security Notice 7103-1 - It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Ghostscript incorrectly handled parsing certain PDF files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10.