1
PublicDateAtUSN: 2017-04-03
2
Candidate: CVE-2016-10220
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10220
6
https://usn.ubuntu.com/usn/usn-3272-1
8
The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software,
9
Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service
10
(NULL pointer dereference and application crash) via a crafted file that is
11
mishandled in the PDF Transparency module.
15
https://bugs.ghostscript.com/show_bug.cgi?id=697450
17
Discovered-by: Kamil Frankowicz
21
upstream: http://www.ghostscript.com/cgi-bin/findgit.cgi?daf85701dab05f17e924a48a81edc9195b4a04e8
22
upstream_ghostscript: needed
23
precise_ghostscript: released (9.05~dfsg-0ubuntu4.5)
24
precise/esm_ghostscript: DNE (precise was released [9.05~dfsg-0ubuntu4.5])
25
trusty_ghostscript: released (9.10~dfsg-0ubuntu10.7)
26
vivid/stable-phone-overlay_ghostscript: DNE
27
vivid/ubuntu-core_ghostscript: DNE
28
xenial_ghostscript: released (9.18~dfsg~0-0ubuntu2.4)
29
yakkety_ghostscript: released (9.19~dfsg+1-0ubuntu6.4)
30
zesty_ghostscript: released (9.19~dfsg+1-0ubuntu7.2)
31
devel_ghostscript: released (9.19~dfsg+1-0ubuntu8)