User: Password:
Subscribe / Log in / New account

Ubuntu alert USN-3-1 (ghostscript)

From:  Martin Pitt <>
Subject:  [USN-3-1] GhostScript utility script vulnerabilities
Date:  Wed, 27 Oct 2004 02:42:05 +0200

=========================================================== Ubuntu Security Notice USN-3-1 October 27, 2004 GhostScript utility script vulnerabilities CAN-2004-0967 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: gs-common The problem can be corrected by upgrading the affected package to version 0.3.6ubuntu1.1. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Recently, Trustix Secure Linux discovered some vulnerabilities in the gs-common package. The utilities "" and "ps2epsi" created temporary files in an insecure way, which allowed a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program. Source archives: Size/MD5: 589 3506426ff7ecd78fea5e254dbf694b35 Size/MD5: 31596 060a50ce728aedeb61d6b17be30d2e5d Architecture independent packages: Size/MD5: 45434 8ca2afdfe91cd67777f44f767489a705 -- ubuntu-security-announce mailing list

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds