** Changed in: ghostscript (Ubuntu)
Assignee: (unassigned) => Skymathrix (asstaroid)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/546009
Title:
Multiple memory corruption vulnerabilities in
** Changed in: gs-gpl
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/546009
Title:
Multiple memory corruption vulnerabilities in Ghostscript
To manage
** Changed in: gs-gpl
Importance: Unknown = Critical
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/546009
Title:
Multiple memory corruption vulnerabilities in Ghostscript
--
ubuntu-bugs
** Changed in: gs-gpl
Status: Fix Released = Confirmed
--
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
This bug was fixed in the package ghostscript - 8.71.dfsg.1-0ubuntu5.2
---
ghostscript (8.71.dfsg.1-0ubuntu5.2) lucid-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via unlimited recursive
procedure invocations (LP: #546009)
-
** Changed in: gs-gpl
Status: Confirmed = Fix Released
--
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1869
--
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
Ok, so issue #2 (infinite recursion, dynamic_save) is fixed with 8.71
and is CVE-2010-1869.
Issue #1 does affect 8.71, and is CVE-2010-1628.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1628
--
Multiple memory corruption vulnerabilities in Ghostscript
dynamic_save() overflow in 2 should be:
http://bugs.ghostscript.com/show_bug.cgi?id=690902
http://code.google.com/p/ghostscript/source/detail?r=10312
** Bug watch added: Ghostscript (AFPL) Bugzilla #690902
http://bugs.ghostscript.com/show_bug.cgi?id=690902
--
Multiple memory corruption
Hi Dan, where does this bug stand with upstream? Is there a CRD for it,
or is it public now? Thanks!
--
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Is this vulnerability present in 8.71 too?
--
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
Reported upstream as
http://bugs.ghostscript.com/show_bug.cgi?id=691303
** Bug watch added: Ghostscript (AFPL) Bugzilla #691303
http://bugs.ghostscript.com/show_bug.cgi?id=691303
** Also affects: gs-gpl via
http://bugs.ghostscript.com/show_bug.cgi?id=691303
Importance: Unknown
** Changed in: gs-gpl
Status: Unknown = Invalid
--
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
** Bug watch added: Ghostscript (AFPL) Bugzilla #691295
http://bugs.ghostscript.com/show_bug.cgi?id=691295
** Changed in: gs-gpl
Status: Invalid = Unknown
** Changed in: gs-gpl
Remote watch: Ghostscript (AFPL) Bugzilla #691303 = Ghostscript (AFPL)
Bugzilla #691295
--
Multiple
** Changed in: gs-gpl
Status: Unknown = Confirmed
--
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
8.71 is not vulnerable to the first bug (stack overflow in token
parsing), but is vulnerable to the second (infinite recursion memory
corruption).
--
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you
** Visibility changed to: Public
--
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
17 matches
Mail list logo