LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Eridani alert ERISA-2002:022 (ghostscript)

From:	 Eridani Star System <linux@eridani.co.uk>
To:	 eridani-announce@eridani.co.uk
Subject: [Eridani-Announce] ERISA-2002:022
Date:	 Thu, 6 Jun 2002 00:07:51 +0100 (BST)

=========================================================================
		ERIDANI LINUX - SECURITY ANNOUNCEMENT
=========================================================================

Package:	ghostscript
Summary:	ghostscript/postscript command execution vulnerability
Date:		2002-06-05
ID:		ERISA-2002:022

=========================================================================

Problem description:

  Ghostscript is a program for displaying PostScript printer files and
  printing them to a variety of printers.

  A maliciously crafted PostScript file can cause Ghostscript to execute
  arbitrary commands as a result of insufficient checking of the document.
  As ghostscript is run as user lp (when during the course of printing a
  document) upgrading is strongly advised.

  This version of ghostscript has some new dependencies - required by
  new drivers to support an even wider range of printers.  

-------------------------------------------------------------------------
Updated packages:

  aa99682dfb533b1a127f0faa276cf527  VFlib2-2.25.1-12.src.rpm
  d0aaef4413a0351c2303673cccbf910b  xtt-fonts-0.19990222-9.src.rpm
  3c48b41f2fdfc1ec7af3fff71e95f7e9  ghostscript-6.51-17.src.rpm

  5d031dd43135e3050d43628ed659d927  VFlib2-2.25.1-12.i386.rpm
  7972e8179c10aba32d649450e526e1a6  VFlib2-VFjfm-2.25.1-12.i386.rpm
  bdb0a99d0809a465dc71e7bb8ffcc271  VFlib2-devel-2.25.1-12.i386.rpm
  5b24d48d05e030c549fc1f210978b97b  xtt-fonts-0.19990222-9.noarch.rpm
  f8b5763ef24a1c49b25d5706565d7996  ghostscript-6.51-17.i386.rpm

-------------------------------------------------------------------------
References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0363

=========================================================================

Packages available from ftp://ftp.eridani.co.uk/pub/Aeryn/
or by HTTP from http://ftp.eridani.co.uk/

Packages are signed with our GNU GPG key, also on our FTP site.

Users of releases of Eridani Linux prior to 6.3 are advised to download   
the source RPM and rebuild for their system.

Copyright (C)2002 Eridani Star System

-- Michael "Soruk" McConnell                       http://www.eridani.co.uk
Eridani Linux  --  The Most Up-to-Date Red Hat-based Linux CDROMs Available
Email: linux@eridani.co.uk -- Also Debian, Slackware, Mandrake and more...

_______________________________________________
Eridani-Announce mailing list
To be removed from this list email linux@eridani.co.uk requesting removal.
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds