[gentoo-announce] [ GLSA 200803-14 ] Ghostscript: Buffer overflow - gentoo-announce

From:	Pierre-Yves Rofes <py@g.o>
To:	gentoo-announce@l.g.o
Cc:	full-disclosure@××××××××××××××.uk, bugtraq@×××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200803-14 ] Ghostscript: Buffer overflow
Date:	Sat, 08 Mar 2008 18:26:57
Message-Id:	`47D2E1A1.4080005@gentoo.org`

1

-----BEGIN PGP SIGNED MESSAGE-----

2

Hash: SHA1

3

4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

5

Gentoo Linux Security Advisory                           GLSA 200803-14

6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

7

                                            http://security.gentoo.org/

8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

9

10

  Severity: Normal

11

     Title: Ghostscript: Buffer overflow

12

      Date: March 08, 2008

13

      Bugs: #208999

14

        ID: 200803-14

15

16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

17

18

Synopsis

19

========

20

21

A stack-based buffer overflow has been discovered in Ghostscript,

22

allowing arbitrary code execution.

23

24

Background

25

==========

26

27

Ghostscript is a suite of software based on an interpreter for

28

PostScript and PDF.

29

30

Affected packages

31

=================

32

33

    -------------------------------------------------------------------

34

     Package                   /   Vulnerable   /           Unaffected

35

    -------------------------------------------------------------------

36

  1  app-text/ghostscript-esp      < 8.15.4-r1            >= 8.15.4-r1

37

  2  app-text/ghostscript-gpl       < 8.61-r3               >= 8.61-r3

38

  3  app-text/ghostscript-gnu      < 8.60.0-r2            >= 8.60.0-r2

39

    -------------------------------------------------------------------

40

     3 affected packages on all of their supported architectures.

41

    -------------------------------------------------------------------

42

43

Description

44

===========

45

46

Chris Evans (Google Security) discovered a stack-based buffer overflow

47

within the zseticcspace() function in the file zicc.c when processing a

48

PostScript file containing a long "Range" array in a .seticcscpate

49

operator.

50

51

Impact

52

======

53

54

A remote attacker could exploit this vulnerability by enticing a user

55

to open a specially crafted PostScript file, which could possibly lead

56

to the execution of arbitrary code or a Denial of Service.

57

58

Workaround

59

==========

60

61

There is no known workaround at this time.

62

63

Resolution

64

==========

65

66

All Ghostscript ESP users should upgrade to the latest version:

67

68

    # emerge --sync

69

    # emerge --ask --oneshot --verbose

70

">=app-text/ghostscript-esp-8.15.4-r1"

71

72

All Ghostscript GPL users should upgrade to the latest version:

73

74

    # emerge --sync

75

    # emerge --ask --oneshot --verbose ">=app-text/ghostscript-gpl-8.61-r3"

76

77

All Ghostscript GNU users should upgrade to the latest version:

78

79

    # emerge --sync

80

    # emerge --ask --oneshot --verbose

81

">=app-text/ghostscript-gnu-8.60.0-r2"

82

83

References

84

==========

85

86

  [ 1 ] CVE-2008-0411

87

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411

88

89

Availability

90

============

91

92

This GLSA and any updates to it are available for viewing at

93

the Gentoo Security Website:

94

95

  http://security.gentoo.org/glsa/glsa-200803-14.xml

96

97

Concerns?

98

=========

99

100

Security is a primary focus of Gentoo Linux and ensuring the

101

confidentiality and security of our users machines is of utmost

102

importance to us. Any security concerns should be addressed to

103

security@g.o or alternatively, you may file a bug at

104

http://bugs.gentoo.org.

105

106

License

107

=======

108

109

Copyright 2008 Gentoo Foundation, Inc; referenced text

110

belongs to its owner(s).

111

112

The contents of this document are licensed under the

113

Creative Commons - Attribution / Share Alike license.

114

115

http://creativecommons.org/licenses/by-sa/2.5

116

-----BEGIN PGP SIGNATURE-----

117

Version: GnuPG v2.0.7 (GNU/Linux)

118

Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

119

120

iD8DBQFH0uGhuhJ+ozIKI5gRAgVTAJwLRnRiWNfyNb/A7MCpSyt+SWckvQCeIkz2

121

Qb3ry7zddKcpZa4ecmV5Fas=

122

=ealP

123

-----END PGP SIGNATURE-----

124

--

125

gentoo-announce@l.g.o mailing list

1	-----BEGIN PGP SIGNED MESSAGE-----
2	Hash: SHA1
3
4	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5	Gentoo Linux Security Advisory GLSA 200803-14
6	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7	http://security.gentoo.org/
8	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9
10	Severity: Normal
11	Title: Ghostscript: Buffer overflow
12	Date: March 08, 2008
13	Bugs: #208999
14	ID: 200803-14
15
16	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17
18	Synopsis
19	========
20
21	A stack-based buffer overflow has been discovered in Ghostscript,
22	allowing arbitrary code execution.
23
24	Background
25	==========
26
27	Ghostscript is a suite of software based on an interpreter for
28	PostScript and PDF.
29
30	Affected packages
31	=================
32
33	-------------------------------------------------------------------
34	Package / Vulnerable / Unaffected
35	-------------------------------------------------------------------
36	1 app-text/ghostscript-esp < 8.15.4-r1 >= 8.15.4-r1
37	2 app-text/ghostscript-gpl < 8.61-r3 >= 8.61-r3
38	3 app-text/ghostscript-gnu < 8.60.0-r2 >= 8.60.0-r2
39	-------------------------------------------------------------------
40	3 affected packages on all of their supported architectures.
41	-------------------------------------------------------------------
42
43	Description
44	===========
45
46	Chris Evans (Google Security) discovered a stack-based buffer overflow
47	within the zseticcspace() function in the file zicc.c when processing a
48	PostScript file containing a long "Range" array in a .seticcscpate
49	operator.
50
51	Impact
52	======
53
54	A remote attacker could exploit this vulnerability by enticing a user
55	to open a specially crafted PostScript file, which could possibly lead
56	to the execution of arbitrary code or a Denial of Service.
57
58	Workaround
59	==========
60
61	There is no known workaround at this time.
62
63	Resolution
64	==========
65
66	All Ghostscript ESP users should upgrade to the latest version:
67
68	# emerge --sync
69	# emerge --ask --oneshot --verbose
70	">=app-text/ghostscript-esp-8.15.4-r1"
71
72	All Ghostscript GPL users should upgrade to the latest version:
73
74	# emerge --sync
75	# emerge --ask --oneshot --verbose ">=app-text/ghostscript-gpl-8.61-r3"
76
77	All Ghostscript GNU users should upgrade to the latest version:
78
79	# emerge --sync
80	# emerge --ask --oneshot --verbose
81	">=app-text/ghostscript-gnu-8.60.0-r2"
82
83	References
84	==========
85
86	[ 1 ] CVE-2008-0411
87	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411
88
89	Availability
90	============
91
92	This GLSA and any updates to it are available for viewing at
93	the Gentoo Security Website:
94
95	http://security.gentoo.org/glsa/glsa-200803-14.xml
96
97	Concerns?
98	=========
99
100	Security is a primary focus of Gentoo Linux and ensuring the
101	confidentiality and security of our users machines is of utmost
102	importance to us. Any security concerns should be addressed to
103	security@g.o or alternatively, you may file a bug at
104	http://bugs.gentoo.org.
105
106	License
107	=======
108
109	Copyright 2008 Gentoo Foundation, Inc; referenced text
110	belongs to its owner(s).
111
112	The contents of this document are licensed under the
113	Creative Commons - Attribution / Share Alike license.
114
115	http://creativecommons.org/licenses/by-sa/2.5
116	-----BEGIN PGP SIGNATURE-----
117	Version: GnuPG v2.0.7 (GNU/Linux)
118	Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
119
120	iD8DBQFH0uGhuhJ+ozIKI5gRAgVTAJwLRnRiWNfyNb/A7MCpSyt+SWckvQCeIkz2
121	Qb3ry7zddKcpZa4ecmV5Fas=
122	=ealP
123	-----END PGP SIGNATURE-----
124	--
125	gentoo-announce@l.g.o mailing list

Gentoo Archives: gentoo-announce