1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
PublicDateAtUSN: 2017-04-03
Candidate: CVE-2017-5951
PublicDate: 2017-04-03
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5951
http://www.ubuntu.com/usn/usn-3272-1
Description:
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software,
Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service
(NULL pointer dereference and application crash) via a crafted file.
Ubuntu-Description:
Notes:
Bugs:
https://bugs.ghostscript.com/show_bug.cgi?id=697548
Priority: low
Discovered-by: Kamil Frankowicz
Assigned-to:
Patches_ghostscript:
upstream: http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git;a=commitdiff;h=bfa6b2ec
upstream_ghostscript: needed
precise_ghostscript: released (9.05~dfsg-0ubuntu4.5)
precise/esm_ghostscript: DNE (precise was released [9.05~dfsg-0ubuntu4.5])
trusty_ghostscript: released (9.10~dfsg-0ubuntu10.7)
vivid/stable-phone-overlay_ghostscript: DNE
vivid/ubuntu-core_ghostscript: DNE
xenial_ghostscript: released (9.18~dfsg~0-0ubuntu2.4)
yakkety_ghostscript: released (9.19~dfsg+1-0ubuntu6.4)
zesty_ghostscript: released (9.19~dfsg+1-0ubuntu7.2)
devel_ghostscript: released (9.19~dfsg+1-0ubuntu8)
|