Fwd: [Redhat-Bug 599168] New: Ghostscript is vulnerable to CVE-2010-2055

bug-ghostscript

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: [Redhat-Bug 599168] New: Ghostscript is vulnerable to CVE-2010-2055

From:	Markus Steinborn
Subject:	Fwd: [Redhat-Bug 599168] New: Ghostscript is vulnerable to CVE-2010-2055
Date:	Wed, 02 Jun 2010 21:21:19 +0200
User-agent:	Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.1.9) Gecko/20100317 SeaMonkey/2.0.4

As AFAIK every upstream version is vulnerable, GNU ghostscript isvulnerable, too.

.

Summary: Ghostscript is vulnerable to CVE-2010-2055

https://bugzilla.redhat.com/show_bug.cgi?id=599168

           Summary: Ghostscript is vulnerable to CVE-2010-2055
          Platform: All
        OS/Version: Linux
          Severity: urgent
          Priority: low

AFAIK all versions of Ghostscript are vulnerable.

From version 8.64 (upstreamn without patches) up to current svn head things are

even worse: The security option "-P-" is not working properly. See

https://bugzilla.novell.com/show_bug.cgi?id=608071

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583183

and https://bugzilla.redhat.com/show_bug.cgi?id=599168


for details.


Greetings

Markus Steinborn
GNU gv maintainer

[Prev in Thread]

Current Thread

[Next in Thread]

Fwd: [Redhat-Bug 599168] New: Ghostscript is vulnerable to CVE-2010-2055, Markus Steinborn <=

Next by Date: Re: gv 3.7.0 released (Security Fix) & Translators wanted
Next by thread: Re: gv 3.7.0 released (Security Fix) & Translators wanted
Index(es):
- Date
- Thread