| |||||||||||||||||||
Slackware alert SSA:2009-181-01 (ghostscript)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ghostscript (SSA:2009-181-01) New ghostscript packages are available for Slackware 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 Here are the details from the Slackware 12.2 ChangeLog: +--------------------------+ patches/packages/ghostscript-8.63-i486-3_slack12.2.tgz: Rebuilt. Patched various problems with ghostscript that could lead to a denial of service or the execution of arbitrary code when processing a malicious or malformed file. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com. Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating additional FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 12.1: ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patc... Updated package for Slackware 12.2: ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patc... Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/s... Updated package for Slackware64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current... MD5 signatures: +-------------+ Slackware 12.1 package: 052df55ec047d8ea8523dbd344ed75f1 ghostscript-8.62-i486-6_slack12.1.tgz Slackware 12.2 package: 2a674db1adf4f1c77bdfecb0758df5a2 ghostscript-8.63-i486-3_slack12.2.tgz Slackware -current package: cfb4a6cad4e409fb6cfdcfc13208b8b6 ghostscript-8.64-i486-2.txz Slackware64 -current package: 8b313fdb584c6533175b3adc2ceccf8f ghostscript-8.64-x86_64-2.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg ghostscript-8.63-i486-3_slack12.2.tgz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkpJqs4ACgkQakRjwEAQIjP5MQCfWl5NZ5e3DpiswPxlI1Haul+P RlMAnAssaB108Y0Qp4WoDLbCp6amBOkx =cUFU -----END PGP SIGNATURE----- (Log in to post comments)
|
|||||||||||||||||||