ghostscript-9.07-20.el7.1
Errata ID: AXSA:2017-1218:01
Release date:
2017/01/04 Wednesday - 17:23
Title:
ghostscript-9.07-20.el7.1
Affected channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- The getenv and filenameforall functions in Ghostscript ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted PostScript file. (CVE-2013-5653)
- The .sethalftone5 function in psi/zht2.c in Ghostscript allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PostScript document that calls .sethalftone5 with an empty operand stack. (CVE-2016-8602)
- At present, details for CVE-2016-7977, CVE-2016-7978 and CVE-2016-7979 have not been published.
We will update this advisory as soon as the CVE details are made public.
Some of the CVE translations are quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the package.
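Added example (not from the advisory or the Asianux project): a Python port of rpm's version-comparison rules, used to check whether an installed ghostscript version-release (for instance the output of `rpm -q --qf '%{VERSION}-%{RELEASE}' ghostscript`) is at or above the fixed build 9.07-20.el7.1 named above. The function names and the assumption that both packages share the same epoch are mine.

```python
import re

FIXED_VR = "9.07-20.el7.1"   # version-release of the fixed build from this errata

def rpmvercmp(a: str, b: str) -> int:
    """Compare two version (or release) strings with rpm's segment rules:
    -1 if a is older than b, 0 if equal, 1 if a is newer."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        # Anything that is not alphanumeric or '~' is a separator and is skipped.
        while i < len(a) and not re.match(r"[0-9A-Za-z~]", a[i]):
            i += 1
        while j < len(b) and not re.match(r"[0-9A-Za-z~]", b[j]):
            j += 1
        # '~' sorts before everything else, even end of string (pre-releases).
        ta, tb = a[i:i + 1] == "~", b[j:j + 1] == "~"
        if ta or tb:
            if ta != tb:
                return -1 if ta else 1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        # A segment is a run of digits or a run of letters; a's first char decides.
        numeric = a[i] in "0123456789"
        pat = r"[0-9]+" if numeric else r"[A-Za-z]+"
        ma, mb = re.match(pat, a[i:]), re.match(pat, b[j:])
        if mb is None:                      # segment types differ: numeric wins
            return 1 if numeric else -1
        sa, sb = ma.group(), mb.group()
        i, j = i + len(sa), j + len(sb)
        if numeric:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):          # more digits means a larger number
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    # All compared segments were equal; whichever string has content left is newer.
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1

def compare_vr(a: str, b: str) -> int:
    """Compare two 'VERSION-RELEASE' strings (epochs assumed equal)."""
    va, ra = a.split("-", 1)
    vb, rb = b.split("-", 1)
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)

def is_fixed(installed_vr: str) -> bool:
    """True when the installed ghostscript is at or above the errata's fixed build."""
    return compare_vr(installed_vr, FIXED_VR) >= 0
```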
CVE:
CVE-2013-5653
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.
CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
CVE-2016-7978
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
CVE-2016-7979
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
CVE-2016-8602
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
Additional information:
N/A
Download:
SRPMS
- ghostscript-9.07-20.el7.1.src.rpm
MD5: 5f9bf5262e8e78a412619d4d8c9a1bdc
SHA-256: 35996f9c4e92fcd5adc1e1b64ff127d0bfbe6523d6fdc45008ae5f0eb1dc5ce2
Size: 26.57 MB
Asianux Server 7 for x86_64
- ghostscript-9.07-20.el7.1.x86_64.rpm
MD5: eb5a732132306d0a50790537aa74ddb1
SHA-256: 9f00e1a7dd42401bf6bb79080ee2a42e89ff27f8d499d19cbc534a135b26dcaf
Size: 4.31 MB
- ghostscript-cups-9.07-20.el7.1.x86_64.rpm
MD5: 7c76019a5726750831dd471d95a3c203
SHA-256: 798a5121d7dec1b13c268030458fe102ec69881959d453eaae5fc9a02e3ff5d4
Size: 54.42 kB
- ghostscript-9.07-20.el7.1.i686.rpm
MD5: 4aa826d3e745719e03e931ac4cd0130b
SHA-256: 290c905a566ff4fa44054a36c59a256dd217f90e9c426db66bfa56f5dc78085a
Size: 4.30 MB