ghostscript fixed with 9.28~~rc2~dfsg-1

Salvatore Bonaccorso Sat, 07 Sep 2019 05:53:09 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2c0405a0 by Salvatore Bonaccorso at 2019-09-07T12:50:33Z
CVE-2019-1481{1,2,3}/ghostscript fixed with 9.28~~rc2~dfsg-1

Since 9.28 this will be more like a hardening, but still the issues were
unfixed up to 9.28~rc2 upstream. The issues cannot be considered fixed
with the mitigation and rewrite of the dSAFER handling.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3575,7 +3575,7 @@ CVE-2019-14814
        RESERVED
        - linux <unfixed>
 CVE-2019-14813 (A flaw was found in ghostscript, versions 9.x before 9.28, in 
the sets ...)
-       - ghostscript <unfixed>
+       - ghostscript 9.28~~rc2~dfsg-1
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701443
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
        NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2
@@ -3584,7 +3584,7 @@ CVE-2019-14813 (A flaw was found in ghostscript, versions 
9.x before 9.28, in th
        NOTE: which changed the access to file permissions.
 CVE-2019-14812
        RESERVED
-       - ghostscript <unfixed>
+       - ghostscript 9.28~~rc2~dfsg-1
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701444
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
        NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2
@@ -3592,7 +3592,7 @@ CVE-2019-14812
        NOTE: from 
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
        NOTE: which changed the access to file permissions.
 CVE-2019-14811 (A flaw was found in, ghostscript versions prior to 9.28, in 
the .pdf_h ...)
-       - ghostscript <unfixed>
+       - ghostscript 9.28~~rc2~dfsg-1
        NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701445
        NOTE: 
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
        NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2c0405a0e56053f7dd3ae2aa1e935fb949f791cd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2c0405a0e56053f7dd3ae2aa1e935fb949f791cd
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] CVE-2019-1481{1,2,3}/ghostscript fixed with 9.28~~rc2~dfsg-1

Reply via email to