[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#856142: ghostscript: CVE-2017-6196

Package: ghostscript
Severity: important
Tags: security

Hi,

the following vulnerability was published for ghostscript.

CVE-2017-6196[0]:
| Multiple use-after-free vulnerabilities in the gx_image_enum_begin
| function in base/gxipixel.c in Ghostscript before
| ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to
| cause a denial of service (application crash) or possibly have
| unspecified other impact via a crafted PostScript document.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-6196
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6196
Please adjust the affected versions in the BTS as needed.
Reply to: