[SECURITY] [DSA 3326-1] ghostscript security update

2015-08-0212:43:48

lists.debian.org

EPSS

0.014

Percentile

86.5%

JSON

Debian Security Advisory DSA-3326-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
August 02, 2015 https://www.debian.org/security/faq

Package : ghostscript
CVE ID : CVE-2015-3228
Debian Bug : 793489

William Robinet and Stefan Cornelius discovered an integer overflow in
Ghostscript, the GPL PostScript/PDF interpreter, which may result in
denial of service or potentially execution of arbitrary code if a
specially crafted file is opened.

For the oldstable distribution (wheezy), this problem has been fixed
in version 9.05~dfsg-6.3+deb7u2.

For the stable distribution (jessie), this problem has been fixed in
version 9.06~dfsg-2+deb8u1.

For the testing distribution (stretch), this problem has been fixed
in version 9.15~dfsg-1.

For the unstable distribution (sid), this problem has been fixed in
version 9.15~dfsg-1.

We recommend that you upgrade your ghostscript packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian8amd64libgs9< 9.06~dfsg-2+deb8u1libgs9_9.06~dfsg-2+deb8u1_amd64.deb
Debian6allgs-gpl< 8.71~dfsg2-9+squeeze2gs-gpl_8.71~dfsg2-9+squeeze2_all.deb
Debian8arm64ghostscript-x< 9.06~dfsg-2+deb8u1ghostscript-x_9.06~dfsg-2+deb8u1_arm64.deb
Debian8i386libgs-dev< 9.06~dfsg-2+deb8u1libgs-dev_9.06~dfsg-2+deb8u1_i386.deb
Debian8armelghostscript-x< 9.06~dfsg-2+deb8u1ghostscript-x_9.06~dfsg-2+deb8u1_armel.deb
Debian7s390xghostscript-cups< 9.05~dfsg-6.3+deb7u2ghostscript-cups_9.05~dfsg-6.3+deb7u2_s390x.deb
Debian7mipsghostscript-x< 9.05~dfsg-6.3+deb7u2ghostscript-x_9.05~dfsg-6.3+deb7u2_mips.deb
Debian8kfreebsd-amd64ghostscript-dbg< 9.06~dfsg-2+deb8u1ghostscript-dbg_9.06~dfsg-2+deb8u1_kfreebsd-amd64.deb
Debian7armhflibgs9< 9.05~dfsg-6.3+deb7u2libgs9_9.05~dfsg-6.3+deb7u2_armhf.deb
Debian8powerpcghostscript-dbg< 9.06~dfsg-2+deb8u1ghostscript-dbg_9.06~dfsg-2+deb8u1_powerpc.deb

OS	Version	Architecture	Package	Version	Filename
Debian	8	amd64	libgs9	< 9.06~dfsg-2+deb8u1	libgs9_9.06~dfsg-2+deb8u1_amd64.deb
Debian	6	all	gs-gpl	< 8.71~dfsg2-9+squeeze2	gs-gpl_8.71~dfsg2-9+squeeze2_all.deb
Debian	8	arm64	ghostscript-x	< 9.06~dfsg-2+deb8u1	ghostscript-x_9.06~dfsg-2+deb8u1_arm64.deb
Debian	8	i386	libgs-dev	< 9.06~dfsg-2+deb8u1	libgs-dev_9.06~dfsg-2+deb8u1_i386.deb
Debian	8	armel	ghostscript-x	< 9.06~dfsg-2+deb8u1	ghostscript-x_9.06~dfsg-2+deb8u1_armel.deb
Debian	7	s390x	ghostscript-cups	< 9.05~dfsg-6.3+deb7u2	ghostscript-cups_9.05~dfsg-6.3+deb7u2_s390x.deb
Debian	7	mips	ghostscript-x	< 9.05~dfsg-6.3+deb7u2	ghostscript-x_9.05~dfsg-6.3+deb7u2_mips.deb
Debian	8	kfreebsd-amd64	ghostscript-dbg	< 9.06~dfsg-2+deb8u1	ghostscript-dbg_9.06~dfsg-2+deb8u1_kfreebsd-amd64.deb
Debian	7	armhf	libgs9	< 9.05~dfsg-6.3+deb7u2	libgs9_9.05~dfsg-6.3+deb7u2_armhf.deb
Debian	8	powerpc	ghostscript-dbg	< 9.06~dfsg-2+deb8u1	ghostscript-dbg_9.06~dfsg-2+deb8u1_powerpc.deb