F1TYM1

Gentoo: GLSA-202309-03: GPL Ghostscript: Multiple Vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202309-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: GPL Ghostscript: Multiple Vulnerabilities Date: September 17, 2023 Bugs: #904245, #910294 ID: 202309-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis
======== Multiple vulnerabilities have been discovered in GPL Ghostscript, the
worst of which could result in remote code execution. Background
========== Ghostscript is an interpreter for the PostScript language and for PDF. Affected packages
================= Package Vulnerable Unaffected
------------------------ ------------ ------------
app-text/ghostscript-gpl 10.01.2 >= 10.01.2 Description
=========== Multiple vulnerabilities have been discovered in GPL Ghostscript. Please
review the CVE identifiers referenced below for details. Impact
====== Please review the referenced CVE identifiers for details. Workaround
========== There is no known workaround at this time. Resolution
========== All GPL Ghostscript users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-text/ghostscript-gpl-10.01.2" References
========== [ 1 ] CVE-2022-2085 https://nvd.nist.gov/vuln/detail/CVE-2022-2085
[ 2 ] CVE-2023-28879 https://nvd.nist.gov/vuln/detail/CVE-2023-28879
[ 3 ] CVE-2023-36664 https://nvd.nist.gov/vuln/detail/CVE-2023-36664 Availability
============ This GLSA and any updates to it are available for viewing at
the Gentoo Security Website: https://security.gentoo.org/glsa/202309-03 Concerns?
========= Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or alternatively, you may file a bug at
https://bugs.gentoo.org. License
======= Copyright 2023 Gentoo Foundation, Inc; referenced text
belongs to its owner(s). The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

In:

Tags:

, , , , ,