Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Updated ghostscript packages for RH
Posted by Philipp Esselbach on: 06/02/2003 09:13 PM [ Print | 0 comment(s) ]
Red Hat has released updated ghostscript packages
New ghostscript packages fixing a command execution vulnerability are now available.
Description:
GNU Ghostscript is an interpreter for the PostScript language, and is often used when printing to printers that do not have their own built-in PostScript interpreter.
A flaw in unpatched versions of Ghostscript before 7.07 allows malicious postscript files to execute arbitrary commands even with -dSAFER enabled. Note that this vulnerability does not affect Ghostscript when the Red Hat -dPARANOIDSAFER option is used. Therefore, a malicious print job cannot be used to exploit this vulnerability under Red Hat Linux.
Users of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
Description:
GNU Ghostscript is an interpreter for the PostScript language, and is often used when printing to printers that do not have their own built-in PostScript interpreter.
A flaw in unpatched versions of Ghostscript before 7.07 allows malicious postscript files to execute arbitrary commands even with -dSAFER enabled. Note that this vulnerability does not affect Ghostscript when the Red Hat -dPARANOIDSAFER option is used. Therefore, a malicious print job cannot be used to exploit this vulnerability under Red Hat Linux.
Users of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
Read more
