lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri, 28 Oct 2016 14:46:52 +0000
From: Salvatore Bonaccorso <carnil@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3691-2] ghostscript regression update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3691-2                   security@...ian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 28, 2016                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ghostscript
Debian Bug     : 840691

The update for ghostscript issued as DSA-3691-1 caused regressions for
certain Postscript document viewers (evince, zathura). Updated packages
are now available to address this problem. For reference, the original
advisory text follows.

Several vulnerabilities were discovered in Ghostscript, the GPL
PostScript/PDF interpreter, which may lead to the execution of arbitrary
code or information disclosure if a specially crafted Postscript file is
processed.

For the stable distribution (jessie), this problem has been fixed in
version 9.06~dfsg-2+deb8u4.

We recommend that you upgrade your ghostscript packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQJ8BAEBCgBmBQJYE2K8XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0NjQ0NDA5ODA4QzE3MUUwNTUzMURERUUw
NTRDQjhGMzEzNDNDRjQ0AAoJEAVMuPMTQ89ESWcP/31xgpW8BJtGnEVAA5O5cl+y
ZktIhOq3fHBi2BdCAyiaTFOqdIPrKEOVcFLkc15f7zxR1ph3H/ociBW98Jy/i76F
ERDhNRV/vm6KcP9d8K1trUYb0VKhMp8n6y0/7tta8ej7C+YU+aHGIvA3rlGF0v+4
IWi3xeOch2E++qAfCdcfGNMqOGzakfXlDeSw1L6S2CcXzXtGm0s6tL5L1NuHotGv
RN9iTYSD4Q87+TcdxmSUXiQexIjWEPgFxsmGG8UrGjFarx43GM134zYE4hfJNQI5
JzUjnjf4fGr367RD5I/bxDIgGSndtpXoTVQ9RVV8PWkrjQ1F0NdG9XURBGFJYngF
2nkYEruaeiTvG1dfv0m0FuibHOhYmjzQD7iXiw+87S4kXhb8Swz/lxSSMtLT/1/Z
qJs/1PUUJu/2839Xm52E/bu07fEmdtnNYyuffeNvojQN7jZxVu4H0STjxg5CKd/2
T8owo4XOYRXjrOP0Cn/3EpES+ptAd8xILZU7Jc9WjtE3GcyxYbPJ3dCDH8f8dVvh
AygDCORPKNVt3ZkmO79M9NyQs5zgRYGzOi+lPFw6DP+uglYkmRRPzJrv8TRU7lTe
CUthYn/Zsl8w5FTsybCsigXP2FFFMGZ/i8dWwn3qmD0CET3GxxkCJSyH9ymT//Mk
dV3tsO9d8YmmMQ7Uwwqq
=4I9u
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ