Nome do pacote
ghostscript
Data
2009-07-28
ID Alerta
MDVSA-2009:165
Versões afetadas
MES5 i586 , MES5 x86_64

Descrição do problema

Multiple security vulnerabilities has been identified and fixed
in ghostscript:

Multiple integer overflows in JasPer 1.900.1 might allow
context-dependent attackers to have an unknown impact via a crafted
image file, related to integer multiplication for memory allocation
(CVE-2008-3520).

Buffer overflow in the jas_stream_printf function in
libjasper/base/jas_stream.c in JasPer 1.900.1 might allow
context-dependent attackers to have an unknown impact via
vectors related to the mif_hdr_put function and use of vsprintf
(CVE-2008-3522).

Previousely the ghostscript packages were statically built against
a bundled and private copy of the jasper library. This update makes
ghostscript link against the shared system jasper library which
makes it easier to address presumptive future security issues in the
jasper library.

Pacotes atualizados

MES5 i586

 522b6a5c361a4a6205516b882a92064b  mes5/i586/ghostscript-8.63-62.3mdvmes5.i586.rpm
 362fcaf29ec6ed28b776c5bbc7623a07  mes5/i586/ghostscript-common-8.63-62.3mdvmes5.i586.rpm
 5957705fb7537c5386d8cce36db9b133  mes5/i586/ghostscript-doc-8.63-62.3mdvmes5.i586.rpm
 fc18ad1734dfb9c561fe32f9fd4eaddc  mes5/i586/ghostscript-dvipdf-8.63-62.3mdvmes5.i586.rpm
 82848a8c21df381f3623feee9a7e5f06  mes5/i586/ghostscript-module-X-8.63-62.3mdvmes5.i586.rpm
 a60ef4bbf6d230413798123d76c66256  mes5/i586/ghostscript-X-8.63-62.3mdvmes5.i586.rpm
 63b592eb894b53f976d4fc46efb82c40  mes5/i586/libgs8-8.63-62.3mdvmes5.i586.rpm
 0a985aa191f8fc700efeb5c3107dc5bc  mes5/i586/libgs8-devel-8.63-62.3mdvmes5.i586.rpm
 42bb3a1f0bdef682d8ed32dd4cd4a6f9  mes5/i586/libijs1-0.35-62.3mdvmes5.i586.rpm
 eea9f8a2b112eb7382e3afcce2cf7b32  mes5/i586/libijs1-devel-0.35-62.3mdvmes5.i586.rpm 
 c81b2ecc80d4d336b772708f6d0597b8  mes5/SRPMS/ghostscript-8.63-62.3mdvmes5.src.rpm

MES5 x86_64

 3b171f576c4da5ed378f76fef0e0aeb2  mes5/x86_64/ghostscript-8.63-62.3mdvmes5.x86_64.rpm
 ed2b0836b7a4ede822c0952ef515fafd  mes5/x86_64/ghostscript-common-8.63-62.3mdvmes5.x86_64.rpm
 4fed216433f8b0b57e15ba2f7db56ef5  mes5/x86_64/ghostscript-doc-8.63-62.3mdvmes5.x86_64.rpm
 0a7dd5e643c5847e22aad380aa2dd9fd  mes5/x86_64/ghostscript-dvipdf-8.63-62.3mdvmes5.x86_64.rpm
 779b16024d8e8bfd033374b6facae06d  mes5/x86_64/ghostscript-module-X-8.63-62.3mdvmes5.x86_64.rpm
 c71e7fd9849cd6f068692445b9d276f8  mes5/x86_64/ghostscript-X-8.63-62.3mdvmes5.x86_64.rpm
 b410c041382d1e5b0660d59444e76e5d  mes5/x86_64/lib64gs8-8.63-62.3mdvmes5.x86_64.rpm
 6be22e00b18420ae3869c8e992457512  mes5/x86_64/lib64gs8-devel-8.63-62.3mdvmes5.x86_64.rpm
 53cd9beb7f4f864c82374e12c9650686  mes5/x86_64/lib64ijs1-0.35-62.3mdvmes5.x86_64.rpm
 2715b78eba10382e254d79783e5c74bd  mes5/x86_64/lib64ijs1-devel-0.35-62.3mdvmes5.x86_64.rpm 
 c81b2ecc80d4d336b772708f6d0597b8  mes5/SRPMS/ghostscript-8.63-62.3mdvmes5.src.rpm

Referências