-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : ghostscript Version : 9.05~dfsg-6.3+deb7u8 CVE ID : CVE-2018-10194 Debian Bug : 896069
It was discovered that the set_text_distance function in base/gdevpdts.c in the pdfwrite component in Ghostscript does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. For Debian 7 "Wheezy", these problems have been fixed in version 9.05~dfsg-6.3+deb7u8. We recommend that you upgrade your ghostscript packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlrgyFVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeT7Ug/+KoyMinAIXr5grwM5QeXfGAJ6Ktx29w5MDGibMT+1BGngpydKuscEofoH o83ctcBkIU9aXxFfzDW4ZrSOGQgifl3fR5ARNWh+KqpZpeGvkGZkph/tSTd1eLYt cVWWAiS1xQnmWYKAnDsIgcEpwOnnCxOD0QSU87td13p8c8knQ/zy7hSqs0Ol21Dd wNcU8TrhntZN8CvFHQwSC7ZSRv/QR3nN2wC81pUPPKXQT7ZAgDfFnt/EDqUVMIob aEH6EVkn6smN9RjU2QRbUVmMEwDB+aF/rnVb+2oA/EjYyyQiY2Q+5/RmpTnPsKa/ Lfakc41WhLBRkWwGLzYgkImeFnIYkp0ZIM6yQSnVg7B8hRsbBYTljQwLxDdVtLAP gNwdNYYC4Or3JXvdjoGcef8Z/7Ui1glBspI9chZYmq28jqbmh1wui1FW+/dPEzUD lz527pEA2E9Bh1snwzuTCpOwTBP9xMAiLkFiCM3PEyqFPQi5V8bl2PlNzad/hk5V mLB0UXvRG3QOcAb/uqLuh3PxU/+r8LJ0RwL3aemSoQNG+NCz4TGmi/wjN6OuhlUi nqPoKf/dHW7WLifWY3gdz/+RL+wesY+qw6TXJd0NY4FYeYKmasxIPKw5nMkP28T2 +HA7CX06w5IV1tQ3cYH3vooVjlW57F/nm/2EGeI++60UfV4NP8o= =kb+M -----END PGP SIGNATURE-----