ghostscript is vulnerable to denial of service (DoS). The vulnerability exists due to the heap-buffer-overflow in the lprn_is_black
function in contrib/lips4/gdevlprn.c
, allowing an attacker to crash the application via a crafted PDF file.
bugs.ghostscript.com/show_bug.cgi?id=701785
git.ghostscript.com/?p=ghostpdl.git;a=commit;h=450da26a76286a8342ec0864b3d113856709f8f6
lists.debian.org/debian-lts-announce/2020/08/msg00032.html
security-tracker.debian.org/tracker/CVE-2020-16287
security.gentoo.org/glsa/202008-20
usn.ubuntu.com/4469-1/
www.debian.org/security/2020/dsa-4748